diff --git a/config/v1/tests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/tests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml
new file mode 100644
index 00000000000..5459778123a
--- /dev/null
+++ b/config/v1/tests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml
@@ -0,0 +1,506 @@
+apiVersion: apiextensions.k8s.io/v1 # Hack because controller-gen complains if we don't have this
+name: "ClusterVersion"
+crdName: clusterversions.config.openshift.io
+featureGates:
+ - ClusterUpdateAcceptRisks
+tests:
+ onCreate:
+ - name: Should be able to set accepted risks
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ expected: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ - name: A risk name greater than 256 characters is not allowed
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: a261aabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbbaaabbb
+ expectedError: "Too long: may not be more than 256 bytes"
+ - name: Risk names from the accept field must be unique
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskA
+ expectedError: "Duplicate value: map[string]interface {}{\"name\":\"RiskA\""
+ onUpdate:
+ - name: The riskNames field might be unspecified
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ expected: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ - name: Should be able to update fields related to accepted risks
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames:
+ - DualStackNeedsController
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ expected: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames:
+ - DualStackNeedsController
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ - name: More than a single condition on an update risk is not allowed
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ - status: "False"
+ type: Applies
+ reason: Far
+ message: Far
+ lastTransitionTime: 2021-09-13T12:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames:
+ - DualStackNeedsController
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ expectedStatusError: "conditions: Too many: 2: must have at most 1 item"
+ - name: Risk names of a conditional update must be unique
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames:
+ - DualStackNeedsController
+ - DualStackNeedsController
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ - status: "False"
+ type: Applies
+ reason: Far
+ message: Far
+ lastTransitionTime: 2021-09-13T12:03:05Z
+ expectedStatusError: 'Duplicate value: "DualStackNeedsController"'
+ - name: The type of a risk condition must be Applies
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Wrong
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames:
+ - DualStackNeedsController
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ expectedStatusError: "type must be 'Applies'"
+ - name: The value of riskNames cannot be the empty set
+ initial: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.1
+ acceptRisks:
+ - name: RiskA
+ - name: RiskB
+ updated: |
+ apiVersion: config.openshift.io/v1
+ kind: ClusterVersion
+ spec:
+ clusterID: foo
+ desiredUpdate:
+ architecture: Multi
+ version: 4.11.2
+ acceptRisks:
+ - name: RiskA
+ - name: RiskC
+ status:
+ desired:
+ version: foo
+ image: foo
+ observedGeneration: 1
+ versionHash: foo
+ availableUpdates:
+ - version: foo
+ image: foo
+ conditionalUpdateRisks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ conditionalUpdates:
+ - release:
+ version: 4.18.16
+ image: bar
+ riskNames: []
+ risks:
+ - name: DualStackNeedsController
+ message: Upgrade can get stuck on clusters that use multiple networks together with dual stack.
+ url: https://issues.redhat.com/browse/SDN-3996
+ matchingRules:
+ - type: Always
+ conditions:
+ - status: "True"
+ type: Applies
+ reason: MatchingRule
+ message: The matchingRules[0] matches
+ lastTransitionTime: 2021-09-13T17:03:05Z
+ expectedStatusError: "should have at least 1 items"
diff --git a/config/v1/types_cluster_version.go b/config/v1/types_cluster_version.go
index b89d487ca4c..f3867eda007 100644
--- a/config/v1/types_cluster_version.go
+++ b/config/v1/types_cluster_version.go
@@ -199,6 +199,19 @@ type ClusterVersionStatus struct {
// +listType=atomic
// +optional
ConditionalUpdates []ConditionalUpdate `json:"conditionalUpdates,omitempty"`
+
+ // conditionalUpdateRisks contains the list of risks associated with conditionalUpdates.
+ // When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field.
+ // If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked.
+ // The risk names in the list must be unique.
+ // conditionalUpdateRisks must not contain more than 500 entries.
+ // +openshift:enable:FeatureGate=ClusterUpdateAcceptRisks
+ // +kubebuilder:validation:MaxItems=500
+ // +kubebuilder:validation:MinItems=1
+ // +listType=map
+ // +listMapKey=name
+ // +optional
+ ConditionalUpdateRisks []ConditionalUpdateRisk `json:"conditionalUpdateRisks,omitempty"`
}
// UpdateState is a constant representing whether an update was successfully
@@ -255,8 +268,8 @@ type UpdateHistory struct {
Verified bool `json:"verified"`
// acceptedRisks records risks which were accepted to initiate the update.
- // For example, it may menition an Upgradeable=False or missing signature
- // that was overriden via desiredUpdate.force, or an update that was
+ // For example, it may mention an Upgradeable=False or missing signature
+ // that was overridden via desiredUpdate.force, or an update that was
// initiated despite not being in the availableUpdates set of recommended
// update targets.
// +optional
@@ -725,6 +738,30 @@ type Update struct {
//
// +optional
Force bool `json:"force"`
+
+ // acceptRisks is an optional set of names of conditional update risks that are considered acceptable.
+ // A conditional update is performed only if all of its risks are acceptable.
+ // This list may contain entries that apply to current, previous or future updates.
+ // The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks.
+ // acceptRisks must not contain more than 1000 entries.
+ // Only one accept risk is allowed per risk name.
+ // +openshift:enable:FeatureGate=ClusterUpdateAcceptRisks
+ // +kubebuilder:validation:MaxItems=1000
+ // +kubebuilder:validation:MinItems=1
+ // +listType=map
+ // +listMapKey=name
+ // +optional
+ AcceptRisks []AcceptRisk `json:"acceptRisks,omitempty"`
+}
+
+// AcceptRisk represents a risk that is considered acceptable.
+type AcceptRisk struct {
+ // name is the name of the acceptable risk.
+ // It must be a non-empty string and must not exceed 256 characters.
+ // +kubebuilder:validation:MinLength=1
+ // +kubebuilder:validation:MaxLength=256
+ // +required
+ Name string `json:"name,omitempty"`
}
// Release represents an OpenShift release image and associated metadata.
@@ -780,6 +817,20 @@ type ConditionalUpdate struct {
// +required
Release Release `json:"release"`
+ // riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters.
+ // The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster.
+ // A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator.
+ // The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field.
+ // Entries must be unique and must not exceed 256 characters.
+ // riskNames must not contain more than 500 entries.
+ // +openshift:enable:FeatureGate=ClusterUpdateAcceptRisks
+ // +kubebuilder:validation:MinItems=1
+ // +kubebuilder:validation:items:MaxLength=256
+ // +kubebuilder:validation:MaxItems=500
+ // +listType=set
+ // +optional
+ RiskNames []string `json:"riskNames,omitempty"`
+
// risks represents the range of issues associated with
// updating to the target release. The cluster-version
// operator will evaluate all entries, and only recommend the
@@ -806,6 +857,20 @@ type ConditionalUpdate struct {
// for not recommending a conditional update.
// +k8s:deepcopy-gen=true
type ConditionalUpdateRisk struct {
+ // conditions represents the observations of the conditional update
+ // risk's current status. Known types are:
+ // * Applies, for whether the risk applies to the current cluster.
+ // The condition's types in the list must be unique.
+ // conditions must not contain more than one entry.
+ // +openshift:enable:FeatureGate=ClusterUpdateAcceptRisks
+ // +kubebuilder:validation:items:XValidation:rule="has(self.type) && self.type == 'Applies'",message="type must be 'Applies'"
+ // +kubebuilder:validation:MaxItems=1
+ // +kubebuilder:validation:MinItems=1
+ // +listType=map
+ // +listMapKey=type
+ // +optional
+ Conditions []metav1.Condition `json:"conditions,omitempty"`
+
// url contains information about this risk.
// +kubebuilder:validation:Format=uri
// +kubebuilder:validation:MinLength=1
diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml
index 087b62dda1c..251e45b37b7 100644
--- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-CustomNoUpgrade.crd.yaml
@@ -154,6 +154,34 @@ spec:
the previous version will cause a rollback to be attempted. Not all
rollbacks will succeed.
properties:
+ acceptRisks:
+ description: |-
+ acceptRisks is an optional set of names of conditional update risks that are considered acceptable.
+ A conditional update is performed only if all of its risks are acceptable.
+ This list may contain entries that apply to current, previous or future updates.
+ The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks.
+ acceptRisks must not contain more than 1000 entries.
+ Only one accept risk is allowed per risk name.
+ items:
+ description: AcceptRisk represents a risk that is considered
+ acceptable.
+ properties:
+ name:
+ description: |-
+ name is the name of the acceptable risk.
+ It must be a non-empty string and must not exceed 256 characters.
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 1000
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
architecture:
description: |-
architecture is an optional field that indicates the desired
@@ -422,6 +450,166 @@ spec:
type: array
x-kubernetes-list-type: atomic
type: object
+ conditionalUpdateRisks:
+ description: |-
+ conditionalUpdateRisks contains the list of risks associated with conditionalUpdates.
+ When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field.
+ If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked.
+ The risk names in the list must be unique.
+ conditionalUpdateRisks must not contain more than 500 entries.
+ items:
+ description: |-
+ ConditionalUpdateRisk represents a reason and cluster-state
+ for not recommending a conditional update.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect of
+ the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False,
+ Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ matchingRules:
+ description: |-
+ matchingRules is a slice of conditions for deciding which
+ clusters match the risk and which do not. The slice is
+ ordered by decreasing precedence. The cluster-version
+ operator will walk the slice in order, and stop after the
+ first it can successfully evaluate. If no condition can be
+ successfully evaluated, the update will not be recommended.
+ items:
+ description: |-
+ ClusterCondition is a union of typed cluster conditions. The 'type'
+ property determines which of the type-specific properties are relevant.
+ When evaluated on a cluster, the condition may match, not match, or
+ fail to evaluate.
+ properties:
+ promql:
+ description: promql represents a cluster condition based
+ on PromQL.
+ properties:
+ promql:
+ description: |-
+ promql is a PromQL query classifying clusters. This query
+ query should return a 1 in the match case and a 0 in the
+ does-not-match case. Queries which return no time
+ series, or which return values besides 0 or 1, are
+ evaluation failures.
+ type: string
+ required:
+ - promql
+ type: object
+ type:
+ description: |-
+ type represents the cluster-condition type. This defines
+ the members and semantics of any additional properties.
+ enum:
+ - Always
+ - PromQL
+ type: string
+ required:
+ - type
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: atomic
+ message:
+ description: |-
+ message provides additional information about the risk of
+ updating, in the event that matchingRules match the cluster
+ state. This is only to be consumed by humans. It may
+ contain Line Feed characters (U+000A), which should be
+ rendered as new lines.
+ minLength: 1
+ type: string
+ name:
+ description: |-
+ name is the CamelCase reason for not recommending a
+ conditional update, in the event that matchingRules match the
+ cluster state.
+ minLength: 1
+ type: string
+ url:
+ description: url contains information about this risk.
+ format: uri
+ minLength: 1
+ type: string
+ required:
+ - matchingRules
+ - message
+ - name
+ - url
+ type: object
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
conditionalUpdates:
description: |-
conditionalUpdates contains the list of updates that may be
@@ -546,6 +734,21 @@ spec:
- image
- version
type: object
+ riskNames:
+ description: |-
+ riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters.
+ The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster.
+ A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator.
+ The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field.
+ Entries must be unique and must not exceed 256 characters.
+ riskNames must not contain more than 500 entries.
+ items:
+ maxLength: 256
+ type: string
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: set
risks:
description: |-
risks represents the range of issues associated with
@@ -558,6 +761,78 @@ spec:
ConditionalUpdateRisk represents a reason and cluster-state
for not recommending a conditional update.
properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect
+ of the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True,
+ False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in
+ foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
matchingRules:
description: |-
matchingRules is a slice of conditions for deciding which
@@ -747,8 +1022,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml
index f93da1e2e2b..7e09a1cdd78 100644
--- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-Default.crd.yaml
@@ -663,8 +663,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml
index 300d94a714f..edc2518366e 100644
--- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-DevPreviewNoUpgrade.crd.yaml
@@ -154,6 +154,34 @@ spec:
the previous version will cause a rollback to be attempted. Not all
rollbacks will succeed.
properties:
+ acceptRisks:
+ description: |-
+ acceptRisks is an optional set of names of conditional update risks that are considered acceptable.
+ A conditional update is performed only if all of its risks are acceptable.
+ This list may contain entries that apply to current, previous or future updates.
+ The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks.
+ acceptRisks must not contain more than 1000 entries.
+ Only one accept risk is allowed per risk name.
+ items:
+ description: AcceptRisk represents a risk that is considered
+ acceptable.
+ properties:
+ name:
+ description: |-
+ name is the name of the acceptable risk.
+ It must be a non-empty string and must not exceed 256 characters.
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 1000
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
architecture:
description: |-
architecture is an optional field that indicates the desired
@@ -422,6 +450,166 @@ spec:
type: array
x-kubernetes-list-type: atomic
type: object
+ conditionalUpdateRisks:
+ description: |-
+ conditionalUpdateRisks contains the list of risks associated with conditionalUpdates.
+ When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field.
+ If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked.
+ The risk names in the list must be unique.
+ conditionalUpdateRisks must not contain more than 500 entries.
+ items:
+ description: |-
+ ConditionalUpdateRisk represents a reason and cluster-state
+ for not recommending a conditional update.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect of
+ the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False,
+ Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ matchingRules:
+ description: |-
+ matchingRules is a slice of conditions for deciding which
+ clusters match the risk and which do not. The slice is
+ ordered by decreasing precedence. The cluster-version
+ operator will walk the slice in order, and stop after the
+ first it can successfully evaluate. If no condition can be
+ successfully evaluated, the update will not be recommended.
+ items:
+ description: |-
+ ClusterCondition is a union of typed cluster conditions. The 'type'
+ property determines which of the type-specific properties are relevant.
+ When evaluated on a cluster, the condition may match, not match, or
+ fail to evaluate.
+ properties:
+ promql:
+ description: promql represents a cluster condition based
+ on PromQL.
+ properties:
+ promql:
+ description: |-
+ promql is a PromQL query classifying clusters. This query
+ query should return a 1 in the match case and a 0 in the
+ does-not-match case. Queries which return no time
+ series, or which return values besides 0 or 1, are
+ evaluation failures.
+ type: string
+ required:
+ - promql
+ type: object
+ type:
+ description: |-
+ type represents the cluster-condition type. This defines
+ the members and semantics of any additional properties.
+ enum:
+ - Always
+ - PromQL
+ type: string
+ required:
+ - type
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: atomic
+ message:
+ description: |-
+ message provides additional information about the risk of
+ updating, in the event that matchingRules match the cluster
+ state. This is only to be consumed by humans. It may
+ contain Line Feed characters (U+000A), which should be
+ rendered as new lines.
+ minLength: 1
+ type: string
+ name:
+ description: |-
+ name is the CamelCase reason for not recommending a
+ conditional update, in the event that matchingRules match the
+ cluster state.
+ minLength: 1
+ type: string
+ url:
+ description: url contains information about this risk.
+ format: uri
+ minLength: 1
+ type: string
+ required:
+ - matchingRules
+ - message
+ - name
+ - url
+ type: object
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
conditionalUpdates:
description: |-
conditionalUpdates contains the list of updates that may be
@@ -546,6 +734,21 @@ spec:
- image
- version
type: object
+ riskNames:
+ description: |-
+ riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters.
+ The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster.
+ A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator.
+ The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field.
+ Entries must be unique and must not exceed 256 characters.
+ riskNames must not contain more than 500 entries.
+ items:
+ maxLength: 256
+ type: string
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: set
risks:
description: |-
risks represents the range of issues associated with
@@ -558,6 +761,78 @@ spec:
ConditionalUpdateRisk represents a reason and cluster-state
for not recommending a conditional update.
properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect
+ of the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True,
+ False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in
+ foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
matchingRules:
description: |-
matchingRules is a slice of conditions for deciding which
@@ -747,8 +1022,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml
index 6fc2cb0d949..93ac5585122 100644
--- a/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_00_cluster-version-operator_01_clusterversions-TechPreviewNoUpgrade.crd.yaml
@@ -154,6 +154,34 @@ spec:
the previous version will cause a rollback to be attempted. Not all
rollbacks will succeed.
properties:
+ acceptRisks:
+ description: |-
+ acceptRisks is an optional set of names of conditional update risks that are considered acceptable.
+ A conditional update is performed only if all of its risks are acceptable.
+ This list may contain entries that apply to current, previous or future updates.
+ The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks.
+ acceptRisks must not contain more than 1000 entries.
+ Only one accept risk is allowed per risk name.
+ items:
+ description: AcceptRisk represents a risk that is considered
+ acceptable.
+ properties:
+ name:
+ description: |-
+ name is the name of the acceptable risk.
+ It must be a non-empty string and must not exceed 256 characters.
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 1000
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
architecture:
description: |-
architecture is an optional field that indicates the desired
@@ -422,6 +450,166 @@ spec:
type: array
x-kubernetes-list-type: atomic
type: object
+ conditionalUpdateRisks:
+ description: |-
+ conditionalUpdateRisks contains the list of risks associated with conditionalUpdates.
+ When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field.
+ If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked.
+ The risk names in the list must be unique.
+ conditionalUpdateRisks must not contain more than 500 entries.
+ items:
+ description: |-
+ ConditionalUpdateRisk represents a reason and cluster-state
+ for not recommending a conditional update.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect of
+ the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False,
+ Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ matchingRules:
+ description: |-
+ matchingRules is a slice of conditions for deciding which
+ clusters match the risk and which do not. The slice is
+ ordered by decreasing precedence. The cluster-version
+ operator will walk the slice in order, and stop after the
+ first it can successfully evaluate. If no condition can be
+ successfully evaluated, the update will not be recommended.
+ items:
+ description: |-
+ ClusterCondition is a union of typed cluster conditions. The 'type'
+ property determines which of the type-specific properties are relevant.
+ When evaluated on a cluster, the condition may match, not match, or
+ fail to evaluate.
+ properties:
+ promql:
+ description: promql represents a cluster condition based
+ on PromQL.
+ properties:
+ promql:
+ description: |-
+ promql is a PromQL query classifying clusters. This query
+ query should return a 1 in the match case and a 0 in the
+ does-not-match case. Queries which return no time
+ series, or which return values besides 0 or 1, are
+ evaluation failures.
+ type: string
+ required:
+ - promql
+ type: object
+ type:
+ description: |-
+ type represents the cluster-condition type. This defines
+ the members and semantics of any additional properties.
+ enum:
+ - Always
+ - PromQL
+ type: string
+ required:
+ - type
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: atomic
+ message:
+ description: |-
+ message provides additional information about the risk of
+ updating, in the event that matchingRules match the cluster
+ state. This is only to be consumed by humans. It may
+ contain Line Feed characters (U+000A), which should be
+ rendered as new lines.
+ minLength: 1
+ type: string
+ name:
+ description: |-
+ name is the CamelCase reason for not recommending a
+ conditional update, in the event that matchingRules match the
+ cluster state.
+ minLength: 1
+ type: string
+ url:
+ description: url contains information about this risk.
+ format: uri
+ minLength: 1
+ type: string
+ required:
+ - matchingRules
+ - message
+ - name
+ - url
+ type: object
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
conditionalUpdates:
description: |-
conditionalUpdates contains the list of updates that may be
@@ -546,6 +734,21 @@ spec:
- image
- version
type: object
+ riskNames:
+ description: |-
+ riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters.
+ The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster.
+ A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator.
+ The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field.
+ Entries must be unique and must not exceed 256 characters.
+ riskNames must not contain more than 500 entries.
+ items:
+ maxLength: 256
+ type: string
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: set
risks:
description: |-
risks represents the range of issues associated with
@@ -558,6 +761,78 @@ spec:
ConditionalUpdateRisk represents a reason and cluster-state
for not recommending a conditional update.
properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect
+ of the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True,
+ False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in
+ foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
matchingRules:
description: |-
matchingRules is a slice of conditions for deciding which
@@ -747,8 +1022,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.deepcopy.go b/config/v1/zz_generated.deepcopy.go
index 70edc176996..9bd39567d1c 100644
--- a/config/v1/zz_generated.deepcopy.go
+++ b/config/v1/zz_generated.deepcopy.go
@@ -316,6 +316,22 @@ func (in *AWSServiceEndpoint) DeepCopy() *AWSServiceEndpoint {
return out
}
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AcceptRisk) DeepCopyInto(out *AcceptRisk) {
+ *out = *in
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AcceptRisk.
+func (in *AcceptRisk) DeepCopy() *AcceptRisk {
+ if in == nil {
+ return nil
+ }
+ out := new(AcceptRisk)
+ in.DeepCopyInto(out)
+ return out
+}
+
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *AdmissionConfig) DeepCopyInto(out *AdmissionConfig) {
*out = *in
@@ -1388,7 +1404,7 @@ func (in *ClusterVersionSpec) DeepCopyInto(out *ClusterVersionSpec) {
if in.DesiredUpdate != nil {
in, out := &in.DesiredUpdate, &out.DesiredUpdate
*out = new(Update)
- **out = **in
+ (*in).DeepCopyInto(*out)
}
if in.Capabilities != nil {
in, out := &in.Capabilities, &out.Capabilities
@@ -1451,6 +1467,13 @@ func (in *ClusterVersionStatus) DeepCopyInto(out *ClusterVersionStatus) {
(*in)[i].DeepCopyInto(&(*out)[i])
}
}
+ if in.ConditionalUpdateRisks != nil {
+ in, out := &in.ConditionalUpdateRisks, &out.ConditionalUpdateRisks
+ *out = make([]ConditionalUpdateRisk, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
return
}
@@ -1539,6 +1562,11 @@ func (in *ComponentRouteStatus) DeepCopy() *ComponentRouteStatus {
func (in *ConditionalUpdate) DeepCopyInto(out *ConditionalUpdate) {
*out = *in
in.Release.DeepCopyInto(&out.Release)
+ if in.RiskNames != nil {
+ in, out := &in.RiskNames, &out.RiskNames
+ *out = make([]string, len(*in))
+ copy(*out, *in)
+ }
if in.Risks != nil {
in, out := &in.Risks, &out.Risks
*out = make([]ConditionalUpdateRisk, len(*in))
@@ -1569,6 +1597,13 @@ func (in *ConditionalUpdate) DeepCopy() *ConditionalUpdate {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *ConditionalUpdateRisk) DeepCopyInto(out *ConditionalUpdateRisk) {
*out = *in
+ if in.Conditions != nil {
+ in, out := &in.Conditions, &out.Conditions
+ *out = make([]metav1.Condition, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
if in.MatchingRules != nil {
in, out := &in.MatchingRules, &out.MatchingRules
*out = make([]ClusterCondition, len(*in))
@@ -6300,6 +6335,11 @@ func (in *TokenRequiredClaim) DeepCopy() *TokenRequiredClaim {
// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (in *Update) DeepCopyInto(out *Update) {
*out = *in
+ if in.AcceptRisks != nil {
+ in, out := &in.AcceptRisks, &out.AcceptRisks
+ *out = make([]AcceptRisk, len(*in))
+ copy(*out, *in)
+ }
return
}
diff --git a/config/v1/zz_generated.featuregated-crd-manifests.yaml b/config/v1/zz_generated.featuregated-crd-manifests.yaml
index 19a304c17bf..18c97d4a45a 100644
--- a/config/v1/zz_generated.featuregated-crd-manifests.yaml
+++ b/config/v1/zz_generated.featuregated-crd-manifests.yaml
@@ -141,6 +141,7 @@ clusterversions.config.openshift.io:
Capability: ""
Category: ""
FeatureGates:
+ - ClusterUpdateAcceptRisks
- ImageStreamImportMode
- SignatureStores
FilenameOperatorName: cluster-version-operator
diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml
index f1f9f661bde..c92b91b7e58 100644
--- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml
+++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/AAA_ungated.yaml
@@ -665,8 +665,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml
new file mode 100644
index 00000000000..35655fd88a3
--- /dev/null
+++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ClusterUpdateAcceptRisks.yaml
@@ -0,0 +1,1032 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+ annotations:
+ api-approved.openshift.io: https://github.com/openshift/api/pull/495
+ api.openshift.io/filename-cvo-runlevel: "0000_00"
+ api.openshift.io/filename-operator: cluster-version-operator
+ api.openshift.io/filename-ordering: "01"
+ feature-gate.release.openshift.io/ClusterUpdateAcceptRisks: "true"
+ include.release.openshift.io/self-managed-high-availability: "true"
+ name: clusterversions.config.openshift.io
+spec:
+ group: config.openshift.io
+ names:
+ kind: ClusterVersion
+ listKind: ClusterVersionList
+ plural: clusterversions
+ singular: clusterversion
+ scope: Cluster
+ versions:
+ - additionalPrinterColumns:
+ - jsonPath: .status.history[?(@.state=="Completed")].version
+ name: Version
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Available")].status
+ name: Available
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Progressing")].status
+ name: Progressing
+ type: string
+ - jsonPath: .status.conditions[?(@.type=="Progressing")].lastTransitionTime
+ name: Since
+ type: date
+ - jsonPath: .status.conditions[?(@.type=="Progressing")].message
+ name: Status
+ type: string
+ name: v1
+ schema:
+ openAPIV3Schema:
+ description: |-
+ ClusterVersion is the configuration for the ClusterVersionOperator. This is where
+ parameters related to automatic updates can be set.
+
+ Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer).
+ properties:
+ apiVersion:
+ description: |-
+ APIVersion defines the versioned schema of this representation of an object.
+ Servers should convert recognized schemas to the latest internal value, and
+ may reject unrecognized values.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ type: string
+ kind:
+ description: |-
+ Kind is a string value representing the REST resource this object represents.
+ Servers may infer this from the endpoint the client submits requests to.
+ Cannot be updated.
+ In CamelCase.
+ More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ type: string
+ metadata:
+ type: object
+ spec:
+ description: |-
+ spec is the desired state of the cluster version - the operator will work
+ to ensure that the desired version is applied to the cluster.
+ properties:
+ capabilities:
+ description: |-
+ capabilities configures the installation of optional, core
+ cluster components. A null value here is identical to an
+ empty object; see the child properties for default semantics.
+ properties:
+ additionalEnabledCapabilities:
+ description: |-
+ additionalEnabledCapabilities extends the set of managed
+ capabilities beyond the baseline defined in
+ baselineCapabilitySet. The default is an empty set.
+ items:
+ description: ClusterVersionCapability enumerates optional, core
+ cluster components.
+ enum:
+ - openshift-samples
+ - baremetal
+ - marketplace
+ - Console
+ - Insights
+ - Storage
+ - CSISnapshot
+ - NodeTuning
+ - MachineAPI
+ - Build
+ - DeploymentConfig
+ - ImageRegistry
+ - OperatorLifecycleManager
+ - CloudCredential
+ - Ingress
+ - CloudControllerManager
+ - OperatorLifecycleManagerV1
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ baselineCapabilitySet:
+ description: |-
+ baselineCapabilitySet selects an initial set of
+ optional capabilities to enable, which can be extended via
+ additionalEnabledCapabilities. If unset, the cluster will
+ choose a default, and the default may change over time.
+ The current default is vCurrent.
+ enum:
+ - None
+ - v4.11
+ - v4.12
+ - v4.13
+ - v4.14
+ - v4.15
+ - v4.16
+ - v4.17
+ - v4.18
+ - vCurrent
+ type: string
+ type: object
+ channel:
+ description: |-
+ channel is an identifier for explicitly requesting a non-default set
+ of updates to be applied to this cluster. The default channel will
+ contain stable updates that are appropriate for production clusters.
+ type: string
+ clusterID:
+ description: |-
+ clusterID uniquely identifies this cluster. This is expected to be
+ an RFC4122 UUID value (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx in
+ hexadecimal values). This is a required field.
+ type: string
+ desiredUpdate:
+ description: |-
+ desiredUpdate is an optional field that indicates the desired value of
+ the cluster version. Setting this value will trigger an upgrade (if
+ the current version does not match the desired version). The set of
+ recommended update values is listed as part of available updates in
+ status, and setting values outside that range may cause the upgrade
+ to fail.
+
+ Some of the fields are inter-related with restrictions and meanings described here.
+ 1. image is specified, version is specified, architecture is specified. API validation error.
+ 2. image is specified, version is specified, architecture is not specified. The version extracted from the referenced image must match the specified version.
+ 3. image is specified, version is not specified, architecture is specified. API validation error.
+ 4. image is specified, version is not specified, architecture is not specified. image is used.
+ 5. image is not specified, version is specified, architecture is specified. version and desired architecture are used to select an image.
+ 6. image is not specified, version is specified, architecture is not specified. version and current architecture are used to select an image.
+ 7. image is not specified, version is not specified, architecture is specified. API validation error.
+ 8. image is not specified, version is not specified, architecture is not specified. API validation error.
+
+ If an upgrade fails the operator will halt and report status
+ about the failing component. Setting the desired update value back to
+ the previous version will cause a rollback to be attempted. Not all
+ rollbacks will succeed.
+ properties:
+ acceptRisks:
+ description: |-
+ acceptRisks is an optional set of names of conditional update risks that are considered acceptable.
+ A conditional update is performed only if all of its risks are acceptable.
+ This list may contain entries that apply to current, previous or future updates.
+ The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks.
+ acceptRisks must not contain more than 1000 entries.
+ Only one accept risk is allowed per risk name.
+ items:
+ description: AcceptRisk represents a risk that is considered
+ acceptable.
+ properties:
+ name:
+ description: |-
+ name is the name of the acceptable risk.
+ It must be a non-empty string and must not exceed 256 characters.
+ maxLength: 256
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
+ maxItems: 1000
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ architecture:
+ description: |-
+ architecture is an optional field that indicates the desired
+ value of the cluster architecture. In this context cluster
+ architecture means either a single architecture or a multi
+ architecture. architecture can only be set to Multi thereby
+ only allowing updates from single to multi architecture. If
+ architecture is set, image cannot be set and version must be
+ set.
+ Valid values are 'Multi' and empty.
+ enum:
+ - Multi
+ - ""
+ type: string
+ force:
+ description: |-
+ force allows an administrator to update to an image that has failed
+ verification or upgradeable checks. This option should only
+ be used when the authenticity of the provided image has been verified out
+ of band because the provided image will run with full administrative access
+ to the cluster. Do not use this flag with images that comes from unknown
+ or potentially malicious sources.
+ type: boolean
+ image:
+ description: |-
+ image is a container image location that contains the update.
+ image should be used when the desired version does not exist in availableUpdates or history.
+ When image is set, architecture cannot be specified.
+ If both version and image are set, the version extracted from the referenced image must match the specified version.
+ type: string
+ version:
+ description: |-
+ version is a semantic version identifying the update version.
+ version is required if architecture is specified.
+ If both version and image are set, the version extracted from the referenced image must match the specified version.
+ type: string
+ type: object
+ x-kubernetes-validations:
+ - message: cannot set both Architecture and Image
+ rule: 'has(self.architecture) && has(self.image) ? (self.architecture
+ == "" || self.image == "") : true'
+ - message: Version must be set if Architecture is set
+ rule: 'has(self.architecture) && self.architecture != "" ? self.version
+ != "" : true'
+ overrides:
+ description: |-
+ overrides is list of overides for components that are managed by
+ cluster version operator. Marking a component unmanaged will prevent
+ the operator from creating or updating the object.
+ items:
+ description: |-
+ ComponentOverride allows overriding cluster version operator's behavior
+ for a component.
+ properties:
+ group:
+ description: group identifies the API group that the kind is
+ in.
+ type: string
+ kind:
+ description: kind indentifies which object to override.
+ type: string
+ name:
+ description: name is the component's name.
+ type: string
+ namespace:
+ description: |-
+ namespace is the component's namespace. If the resource is cluster
+ scoped, the namespace should be empty.
+ type: string
+ unmanaged:
+ description: |-
+ unmanaged controls if cluster version operator should stop managing the
+ resources in this cluster.
+ Default: false
+ type: boolean
+ required:
+ - group
+ - kind
+ - name
+ - namespace
+ - unmanaged
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - kind
+ - group
+ - namespace
+ - name
+ x-kubernetes-list-type: map
+ upstream:
+ description: |-
+ upstream may be used to specify the preferred update server. By default
+ it will use the appropriate update server for the cluster and region.
+ type: string
+ required:
+ - clusterID
+ type: object
+ status:
+ description: |-
+ status contains information about the available updates and any in-progress
+ updates.
+ properties:
+ availableUpdates:
+ description: |-
+ availableUpdates contains updates recommended for this
+ cluster. Updates which appear in conditionalUpdates but not in
+ availableUpdates may expose this cluster to known issues. This list
+ may be empty if no updates are recommended, if the update service
+ is unavailable, or if an invalid channel has been specified.
+ items:
+ description: Release represents an OpenShift release image and associated
+ metadata.
+ properties:
+ channels:
+ description: |-
+ channels is the set of Cincinnati channels to which the release
+ currently belongs.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: set
+ image:
+ description: |-
+ image is a container image location that contains the update. When this
+ field is part of spec, image is optional if version is specified and the
+ availableUpdates field contains a matching version.
+ type: string
+ url:
+ description: |-
+ url contains information about this release. This URL is set by
+ the 'url' metadata property on a release or the metadata returned by
+ the update API and should be displayed as a link in user
+ interfaces. The URL field may not be set for test or nightly
+ releases.
+ type: string
+ version:
+ description: |-
+ version is a semantic version identifying the update version. When this
+ field is part of spec, version is optional if image is specified.
+ type: string
+ required:
+ - image
+ - version
+ type: object
+ nullable: true
+ type: array
+ x-kubernetes-list-type: atomic
+ capabilities:
+ description: capabilities describes the state of optional, core cluster
+ components.
+ properties:
+ enabledCapabilities:
+ description: enabledCapabilities lists all the capabilities that
+ are currently managed.
+ items:
+ description: ClusterVersionCapability enumerates optional, core
+ cluster components.
+ enum:
+ - openshift-samples
+ - baremetal
+ - marketplace
+ - Console
+ - Insights
+ - Storage
+ - CSISnapshot
+ - NodeTuning
+ - MachineAPI
+ - Build
+ - DeploymentConfig
+ - ImageRegistry
+ - OperatorLifecycleManager
+ - CloudCredential
+ - Ingress
+ - CloudControllerManager
+ - OperatorLifecycleManagerV1
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ knownCapabilities:
+ description: knownCapabilities lists all the capabilities known
+ to the current cluster.
+ items:
+ description: ClusterVersionCapability enumerates optional, core
+ cluster components.
+ enum:
+ - openshift-samples
+ - baremetal
+ - marketplace
+ - Console
+ - Insights
+ - Storage
+ - CSISnapshot
+ - NodeTuning
+ - MachineAPI
+ - Build
+ - DeploymentConfig
+ - ImageRegistry
+ - OperatorLifecycleManager
+ - CloudCredential
+ - Ingress
+ - CloudControllerManager
+ - OperatorLifecycleManagerV1
+ type: string
+ type: array
+ x-kubernetes-list-type: atomic
+ type: object
+ conditionalUpdateRisks:
+ description: |-
+ conditionalUpdateRisks contains the list of risks associated with conditionalUpdates.
+ When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field.
+ If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked.
+ The risk names in the list must be unique.
+ conditionalUpdateRisks must not contain more than 500 entries.
+ items:
+ description: |-
+ ConditionalUpdateRisk represents a reason and cluster-state
+ for not recommending a conditional update.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect of
+ the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False,
+ Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ matchingRules:
+ description: |-
+ matchingRules is a slice of conditions for deciding which
+ clusters match the risk and which do not. The slice is
+ ordered by decreasing precedence. The cluster-version
+ operator will walk the slice in order, and stop after the
+ first it can successfully evaluate. If no condition can be
+ successfully evaluated, the update will not be recommended.
+ items:
+ description: |-
+ ClusterCondition is a union of typed cluster conditions. The 'type'
+ property determines which of the type-specific properties are relevant.
+ When evaluated on a cluster, the condition may match, not match, or
+ fail to evaluate.
+ properties:
+ promql:
+ description: promql represents a cluster condition based
+ on PromQL.
+ properties:
+ promql:
+ description: |-
+ promql is a PromQL query classifying clusters. This query
+ query should return a 1 in the match case and a 0 in the
+ does-not-match case. Queries which return no time
+ series, or which return values besides 0 or 1, are
+ evaluation failures.
+ type: string
+ required:
+ - promql
+ type: object
+ type:
+ description: |-
+ type represents the cluster-condition type. This defines
+ the members and semantics of any additional properties.
+ enum:
+ - Always
+ - PromQL
+ type: string
+ required:
+ - type
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: atomic
+ message:
+ description: |-
+ message provides additional information about the risk of
+ updating, in the event that matchingRules match the cluster
+ state. This is only to be consumed by humans. It may
+ contain Line Feed characters (U+000A), which should be
+ rendered as new lines.
+ minLength: 1
+ type: string
+ name:
+ description: |-
+ name is the CamelCase reason for not recommending a
+ conditional update, in the event that matchingRules match the
+ cluster state.
+ minLength: 1
+ type: string
+ url:
+ description: url contains information about this risk.
+ format: uri
+ minLength: 1
+ type: string
+ required:
+ - matchingRules
+ - message
+ - name
+ - url
+ type: object
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ conditionalUpdates:
+ description: |-
+ conditionalUpdates contains the list of updates that may be
+ recommended for this cluster if it meets specific required
+ conditions. Consumers interested in the set of updates that are
+ actually recommended for this cluster should use
+ availableUpdates. This list may be empty if no updates are
+ recommended, if the update service is unavailable, or if an empty
+ or invalid channel has been specified.
+ items:
+ description: |-
+ ConditionalUpdate represents an update which is recommended to some
+ clusters on the version the current cluster is reconciling, but which
+ may not be recommended for the current cluster.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update's
+ current status. Known types are:
+ * Recommended, for whether the update is recommended for the current cluster.
+ items:
+ description: Condition contains details for one aspect of
+ the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True, False,
+ Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ release:
+ description: release is the target of the update.
+ properties:
+ channels:
+ description: |-
+ channels is the set of Cincinnati channels to which the release
+ currently belongs.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: set
+ image:
+ description: |-
+ image is a container image location that contains the update. When this
+ field is part of spec, image is optional if version is specified and the
+ availableUpdates field contains a matching version.
+ type: string
+ url:
+ description: |-
+ url contains information about this release. This URL is set by
+ the 'url' metadata property on a release or the metadata returned by
+ the update API and should be displayed as a link in user
+ interfaces. The URL field may not be set for test or nightly
+ releases.
+ type: string
+ version:
+ description: |-
+ version is a semantic version identifying the update version. When this
+ field is part of spec, version is optional if image is specified.
+ type: string
+ required:
+ - image
+ - version
+ type: object
+ riskNames:
+ description: |-
+ riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters.
+ The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster.
+ A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator.
+ The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field.
+ Entries must be unique and must not exceed 256 characters.
+ riskNames must not contain more than 500 entries.
+ items:
+ maxLength: 256
+ type: string
+ maxItems: 500
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: set
+ risks:
+ description: |-
+ risks represents the range of issues associated with
+ updating to the target release. The cluster-version
+ operator will evaluate all entries, and only recommend the
+ update if there is at least one entry and all entries
+ recommend the update.
+ items:
+ description: |-
+ ConditionalUpdateRisk represents a reason and cluster-state
+ for not recommending a conditional update.
+ properties:
+ conditions:
+ description: |-
+ conditions represents the observations of the conditional update
+ risk's current status. Known types are:
+ * Applies, for whether the risk applies to the current cluster.
+ The condition's types in the list must be unique.
+ conditions must not contain more than one entry.
+ items:
+ description: Condition contains details for one aspect
+ of the current state of this API Resource.
+ properties:
+ lastTransitionTime:
+ description: |-
+ lastTransitionTime is the last time the condition transitioned from one status to another.
+ This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message is a human readable message indicating details about the transition.
+ This may be an empty string.
+ maxLength: 32768
+ type: string
+ observedGeneration:
+ description: |-
+ observedGeneration represents the .metadata.generation that the condition was set based upon.
+ For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
+ with respect to the current state of the instance.
+ format: int64
+ minimum: 0
+ type: integer
+ reason:
+ description: |-
+ reason contains a programmatic identifier indicating the reason for the condition's last transition.
+ Producers of specific condition types may define expected values and meanings for this field,
+ and whether the values are considered a guaranteed API.
+ The value should be a CamelCase string.
+ This field may not be empty.
+ maxLength: 1024
+ minLength: 1
+ pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+ type: string
+ status:
+ description: status of the condition, one of True,
+ False, Unknown.
+ enum:
+ - "True"
+ - "False"
+ - Unknown
+ type: string
+ type:
+ description: type of condition in CamelCase or in
+ foo.example.com/CamelCase.
+ maxLength: 316
+ pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+ type: string
+ required:
+ - lastTransitionTime
+ - message
+ - reason
+ - status
+ - type
+ type: object
+ x-kubernetes-validations:
+ - message: type must be 'Applies'
+ rule: has(self.type) && self.type == 'Applies'
+ maxItems: 1
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ matchingRules:
+ description: |-
+ matchingRules is a slice of conditions for deciding which
+ clusters match the risk and which do not. The slice is
+ ordered by decreasing precedence. The cluster-version
+ operator will walk the slice in order, and stop after the
+ first it can successfully evaluate. If no condition can be
+ successfully evaluated, the update will not be recommended.
+ items:
+ description: |-
+ ClusterCondition is a union of typed cluster conditions. The 'type'
+ property determines which of the type-specific properties are relevant.
+ When evaluated on a cluster, the condition may match, not match, or
+ fail to evaluate.
+ properties:
+ promql:
+ description: promql represents a cluster condition
+ based on PromQL.
+ properties:
+ promql:
+ description: |-
+ promql is a PromQL query classifying clusters. This query
+ query should return a 1 in the match case and a 0 in the
+ does-not-match case. Queries which return no time
+ series, or which return values besides 0 or 1, are
+ evaluation failures.
+ type: string
+ required:
+ - promql
+ type: object
+ type:
+ description: |-
+ type represents the cluster-condition type. This defines
+ the members and semantics of any additional properties.
+ enum:
+ - Always
+ - PromQL
+ type: string
+ required:
+ - type
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-type: atomic
+ message:
+ description: |-
+ message provides additional information about the risk of
+ updating, in the event that matchingRules match the cluster
+ state. This is only to be consumed by humans. It may
+ contain Line Feed characters (U+000A), which should be
+ rendered as new lines.
+ minLength: 1
+ type: string
+ name:
+ description: |-
+ name is the CamelCase reason for not recommending a
+ conditional update, in the event that matchingRules match the
+ cluster state.
+ minLength: 1
+ type: string
+ url:
+ description: url contains information about this risk.
+ format: uri
+ minLength: 1
+ type: string
+ required:
+ - matchingRules
+ - message
+ - name
+ - url
+ type: object
+ minItems: 1
+ type: array
+ x-kubernetes-list-map-keys:
+ - name
+ x-kubernetes-list-type: map
+ required:
+ - release
+ - risks
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ conditions:
+ description: |-
+ conditions provides information about the cluster version. The condition
+ "Available" is set to true if the desiredUpdate has been reached. The
+ condition "Progressing" is set to true if an update is being applied.
+ The condition "Degraded" is set to true if an update is currently blocked
+ by a temporary or permanent error. Conditions are only valid for the
+ current desiredUpdate when metadata.generation is equal to
+ status.generation.
+ items:
+ description: |-
+ ClusterOperatorStatusCondition represents the state of the operator's
+ managed and monitored components.
+ properties:
+ lastTransitionTime:
+ description: lastTransitionTime is the time of the last update
+ to the current status property.
+ format: date-time
+ type: string
+ message:
+ description: |-
+ message provides additional information about the current condition.
+ This is only to be consumed by humans. It may contain Line Feed
+ characters (U+000A), which should be rendered as new lines.
+ type: string
+ reason:
+ description: reason is the CamelCase reason for the condition's
+ current status.
+ type: string
+ status:
+ description: status of the condition, one of True, False, Unknown.
+ type: string
+ type:
+ description: type specifies the aspect reported by this condition.
+ type: string
+ required:
+ - lastTransitionTime
+ - status
+ - type
+ type: object
+ type: array
+ x-kubernetes-list-map-keys:
+ - type
+ x-kubernetes-list-type: map
+ desired:
+ description: |-
+ desired is the version that the cluster is reconciling towards.
+ If the cluster is not yet fully initialized desired will be set
+ with the information available, which may be an image or a tag.
+ properties:
+ channels:
+ description: |-
+ channels is the set of Cincinnati channels to which the release
+ currently belongs.
+ items:
+ type: string
+ type: array
+ x-kubernetes-list-type: set
+ image:
+ description: |-
+ image is a container image location that contains the update. When this
+ field is part of spec, image is optional if version is specified and the
+ availableUpdates field contains a matching version.
+ type: string
+ url:
+ description: |-
+ url contains information about this release. This URL is set by
+ the 'url' metadata property on a release or the metadata returned by
+ the update API and should be displayed as a link in user
+ interfaces. The URL field may not be set for test or nightly
+ releases.
+ type: string
+ version:
+ description: |-
+ version is a semantic version identifying the update version. When this
+ field is part of spec, version is optional if image is specified.
+ type: string
+ required:
+ - image
+ - version
+ type: object
+ history:
+ description: |-
+ history contains a list of the most recent versions applied to the cluster.
+ This value may be empty during cluster startup, and then will be updated
+ when a new update is being applied. The newest update is first in the
+ list and it is ordered by recency. Updates in the history have state
+ Completed if the rollout completed - if an update was failing or halfway
+ applied the state will be Partial. Only a limited amount of update history
+ is preserved.
+ items:
+ description: UpdateHistory is a single attempted update to the cluster.
+ properties:
+ acceptedRisks:
+ description: |-
+ acceptedRisks records risks which were accepted to initiate the update.
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
+ initiated despite not being in the availableUpdates set of recommended
+ update targets.
+ type: string
+ completionTime:
+ description: |-
+ completionTime, if set, is when the update was fully applied. The update
+ that is currently being applied will have a null completion time.
+ Completion time will always be set for entries that are not the current
+ update (usually to the started time of the next update).
+ format: date-time
+ nullable: true
+ type: string
+ image:
+ description: |-
+ image is a container image location that contains the update. This value
+ is always populated.
+ type: string
+ startedTime:
+ description: startedTime is the time at which the update was
+ started.
+ format: date-time
+ type: string
+ state:
+ description: |-
+ state reflects whether the update was fully applied. The Partial state
+ indicates the update is not fully applied, while the Completed state
+ indicates the update was successfully rolled out at least once (all
+ parts of the update successfully applied).
+ type: string
+ verified:
+ description: |-
+ verified indicates whether the provided update was properly verified
+ before it was installed. If this is false the cluster may not be trusted.
+ Verified does not cover upgradeable checks that depend on the cluster
+ state at the time when the update target was accepted.
+ type: boolean
+ version:
+ description: |-
+ version is a semantic version identifying the update version. If the
+ requested image does not define a version, or if a failure occurs
+ retrieving the image, this value may be empty.
+ type: string
+ required:
+ - completionTime
+ - image
+ - startedTime
+ - state
+ - verified
+ type: object
+ type: array
+ x-kubernetes-list-type: atomic
+ observedGeneration:
+ description: |-
+ observedGeneration reports which version of the spec is being synced.
+ If this value is not equal to metadata.generation, then the desired
+ and conditions fields may represent a previous version.
+ format: int64
+ type: integer
+ versionHash:
+ description: |-
+ versionHash is a fingerprint of the content that the cluster will be
+ updated with. It is used by the operator to avoid unnecessary work
+ and is for internal use only.
+ type: string
+ required:
+ - availableUpdates
+ - desired
+ - observedGeneration
+ - versionHash
+ type: object
+ required:
+ - spec
+ type: object
+ x-kubernetes-validations:
+ - message: the `marketplace` capability requires the `OperatorLifecycleManager`
+ capability, which is neither explicitly or implicitly enabled in this
+ cluster, please enable the `OperatorLifecycleManager` capability
+ rule: 'has(self.spec.capabilities) && has(self.spec.capabilities.additionalEnabledCapabilities)
+ && self.spec.capabilities.baselineCapabilitySet == ''None'' && ''marketplace''
+ in self.spec.capabilities.additionalEnabledCapabilities ? ''OperatorLifecycleManager''
+ in self.spec.capabilities.additionalEnabledCapabilities || (has(self.status)
+ && has(self.status.capabilities) && has(self.status.capabilities.enabledCapabilities)
+ && ''OperatorLifecycleManager'' in self.status.capabilities.enabledCapabilities)
+ : true'
+ served: true
+ storage: true
+ subresources:
+ status: {}
diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml
index 386b85a8609..0234d21f4be 100644
--- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml
+++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/ImageStreamImportMode.yaml
@@ -698,8 +698,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml
index bbc6435b680..bcd958a4e88 100644
--- a/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml
+++ b/config/v1/zz_generated.featuregated-crd-manifests/clusterversions.config.openshift.io/SignatureStores.yaml
@@ -716,8 +716,8 @@ spec:
acceptedRisks:
description: |-
acceptedRisks records risks which were accepted to initiate the update.
- For example, it may menition an Upgradeable=False or missing signature
- that was overriden via desiredUpdate.force, or an update that was
+ For example, it may mention an Upgradeable=False or missing signature
+ that was overridden via desiredUpdate.force, or an update that was
initiated despite not being in the availableUpdates set of recommended
update targets.
type: string
diff --git a/config/v1/zz_generated.swagger_doc_generated.go b/config/v1/zz_generated.swagger_doc_generated.go
index eb78ad7ca66..3bbeeb566e1 100644
--- a/config/v1/zz_generated.swagger_doc_generated.go
+++ b/config/v1/zz_generated.swagger_doc_generated.go
@@ -724,6 +724,15 @@ func (OperandVersion) SwaggerDoc() map[string]string {
return map_OperandVersion
}
+var map_AcceptRisk = map[string]string{
+ "": "AcceptRisk represents a risk that is considered acceptable.",
+ "name": "name is the name of the acceptable risk. It must be a non-empty string and must not exceed 256 characters.",
+}
+
+func (AcceptRisk) SwaggerDoc() map[string]string {
+ return map_AcceptRisk
+}
+
var map_ClusterCondition = map[string]string{
"": "ClusterCondition is a union of typed cluster conditions. The 'type' property determines which of the type-specific properties are relevant. When evaluated on a cluster, the condition may match, not match, or fail to evaluate.",
"type": "type represents the cluster-condition type. This defines the members and semantics of any additional properties.",
@@ -790,15 +799,16 @@ func (ClusterVersionSpec) SwaggerDoc() map[string]string {
}
var map_ClusterVersionStatus = map[string]string{
- "": "ClusterVersionStatus reports the status of the cluster versioning, including any upgrades that are in progress. The current field will be set to whichever version the cluster is reconciling to, and the conditions array will report whether the update succeeded, is in progress, or is failing.",
- "desired": "desired is the version that the cluster is reconciling towards. If the cluster is not yet fully initialized desired will be set with the information available, which may be an image or a tag.",
- "history": "history contains a list of the most recent versions applied to the cluster. This value may be empty during cluster startup, and then will be updated when a new update is being applied. The newest update is first in the list and it is ordered by recency. Updates in the history have state Completed if the rollout completed - if an update was failing or halfway applied the state will be Partial. Only a limited amount of update history is preserved.",
- "observedGeneration": "observedGeneration reports which version of the spec is being synced. If this value is not equal to metadata.generation, then the desired and conditions fields may represent a previous version.",
- "versionHash": "versionHash is a fingerprint of the content that the cluster will be updated with. It is used by the operator to avoid unnecessary work and is for internal use only.",
- "capabilities": "capabilities describes the state of optional, core cluster components.",
- "conditions": "conditions provides information about the cluster version. The condition \"Available\" is set to true if the desiredUpdate has been reached. The condition \"Progressing\" is set to true if an update is being applied. The condition \"Degraded\" is set to true if an update is currently blocked by a temporary or permanent error. Conditions are only valid for the current desiredUpdate when metadata.generation is equal to status.generation.",
- "availableUpdates": "availableUpdates contains updates recommended for this cluster. Updates which appear in conditionalUpdates but not in availableUpdates may expose this cluster to known issues. This list may be empty if no updates are recommended, if the update service is unavailable, or if an invalid channel has been specified.",
- "conditionalUpdates": "conditionalUpdates contains the list of updates that may be recommended for this cluster if it meets specific required conditions. Consumers interested in the set of updates that are actually recommended for this cluster should use availableUpdates. This list may be empty if no updates are recommended, if the update service is unavailable, or if an empty or invalid channel has been specified.",
+ "": "ClusterVersionStatus reports the status of the cluster versioning, including any upgrades that are in progress. The current field will be set to whichever version the cluster is reconciling to, and the conditions array will report whether the update succeeded, is in progress, or is failing.",
+ "desired": "desired is the version that the cluster is reconciling towards. If the cluster is not yet fully initialized desired will be set with the information available, which may be an image or a tag.",
+ "history": "history contains a list of the most recent versions applied to the cluster. This value may be empty during cluster startup, and then will be updated when a new update is being applied. The newest update is first in the list and it is ordered by recency. Updates in the history have state Completed if the rollout completed - if an update was failing or halfway applied the state will be Partial. Only a limited amount of update history is preserved.",
+ "observedGeneration": "observedGeneration reports which version of the spec is being synced. If this value is not equal to metadata.generation, then the desired and conditions fields may represent a previous version.",
+ "versionHash": "versionHash is a fingerprint of the content that the cluster will be updated with. It is used by the operator to avoid unnecessary work and is for internal use only.",
+ "capabilities": "capabilities describes the state of optional, core cluster components.",
+ "conditions": "conditions provides information about the cluster version. The condition \"Available\" is set to true if the desiredUpdate has been reached. The condition \"Progressing\" is set to true if an update is being applied. The condition \"Degraded\" is set to true if an update is currently blocked by a temporary or permanent error. Conditions are only valid for the current desiredUpdate when metadata.generation is equal to status.generation.",
+ "availableUpdates": "availableUpdates contains updates recommended for this cluster. Updates which appear in conditionalUpdates but not in availableUpdates may expose this cluster to known issues. This list may be empty if no updates are recommended, if the update service is unavailable, or if an invalid channel has been specified.",
+ "conditionalUpdates": "conditionalUpdates contains the list of updates that may be recommended for this cluster if it meets specific required conditions. Consumers interested in the set of updates that are actually recommended for this cluster should use availableUpdates. This list may be empty if no updates are recommended, if the update service is unavailable, or if an empty or invalid channel has been specified.",
+ "conditionalUpdateRisks": "conditionalUpdateRisks contains the list of risks associated with conditionalUpdates. When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field. If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked. The risk names in the list must be unique. conditionalUpdateRisks must not contain more than 500 entries.",
}
func (ClusterVersionStatus) SwaggerDoc() map[string]string {
@@ -821,6 +831,7 @@ func (ComponentOverride) SwaggerDoc() map[string]string {
var map_ConditionalUpdate = map[string]string{
"": "ConditionalUpdate represents an update which is recommended to some clusters on the version the current cluster is reconciling, but which may not be recommended for the current cluster.",
"release": "release is the target of the update.",
+ "riskNames": "riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters. The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster. A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator. The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field. Entries must be unique and must not exceed 256 characters. riskNames must not contain more than 500 entries.",
"risks": "risks represents the range of issues associated with updating to the target release. The cluster-version operator will evaluate all entries, and only recommend the update if there is at least one entry and all entries recommend the update.",
"conditions": "conditions represents the observations of the conditional update's current status. Known types are: * Recommended, for whether the update is recommended for the current cluster.",
}
@@ -831,6 +842,7 @@ func (ConditionalUpdate) SwaggerDoc() map[string]string {
var map_ConditionalUpdateRisk = map[string]string{
"": "ConditionalUpdateRisk represents a reason and cluster-state for not recommending a conditional update.",
+ "conditions": "conditions represents the observations of the conditional update risk's current status. Known types are: * Applies, for whether the risk applies to the current cluster. The condition's types in the list must be unique. conditions must not contain more than one entry.",
"url": "url contains information about this risk.",
"name": "name is the CamelCase reason for not recommending a conditional update, in the event that matchingRules match the cluster state.",
"message": "message provides additional information about the risk of updating, in the event that matchingRules match the cluster state. This is only to be consumed by humans. It may contain Line Feed characters (U+000A), which should be rendered as new lines.",
@@ -879,6 +891,7 @@ var map_Update = map[string]string{
"version": "version is a semantic version identifying the update version. version is required if architecture is specified. If both version and image are set, the version extracted from the referenced image must match the specified version.",
"image": "image is a container image location that contains the update. image should be used when the desired version does not exist in availableUpdates or history. When image is set, architecture cannot be specified. If both version and image are set, the version extracted from the referenced image must match the specified version.",
"force": "force allows an administrator to update to an image that has failed verification or upgradeable checks. This option should only be used when the authenticity of the provided image has been verified out of band because the provided image will run with full administrative access to the cluster. Do not use this flag with images that comes from unknown or potentially malicious sources.",
+ "acceptRisks": "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Only one accept risk is allowed per risk name.",
}
func (Update) SwaggerDoc() map[string]string {
@@ -893,7 +906,7 @@ var map_UpdateHistory = map[string]string{
"version": "version is a semantic version identifying the update version. If the requested image does not define a version, or if a failure occurs retrieving the image, this value may be empty.",
"image": "image is a container image location that contains the update. This value is always populated.",
"verified": "verified indicates whether the provided update was properly verified before it was installed. If this is false the cluster may not be trusted. Verified does not cover upgradeable checks that depend on the cluster state at the time when the update target was accepted.",
- "acceptedRisks": "acceptedRisks records risks which were accepted to initiate the update. For example, it may menition an Upgradeable=False or missing signature that was overriden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
+ "acceptedRisks": "acceptedRisks records risks which were accepted to initiate the update. For example, it may mention an Upgradeable=False or missing signature that was overridden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
}
func (UpdateHistory) SwaggerDoc() map[string]string {
diff --git a/features.md b/features.md
index e25cfe49eb3..69b81b6f1a4 100644
--- a/features.md
+++ b/features.md
@@ -26,6 +26,7 @@
| BootcNodeManagement| | | Enabled | Enabled | Enabled | Enabled |
| ClusterAPIInstallIBMCloud| | | Enabled | Enabled | Enabled | Enabled |
| ClusterMonitoringConfig| | | Enabled | Enabled | Enabled | Enabled |
+| ClusterUpdateAcceptRisks| | | Enabled | Enabled | Enabled | Enabled |
| DNSNameResolver| | | Enabled | Enabled | Enabled | Enabled |
| DyanmicServiceEndpointIBMCloud| | | Enabled | Enabled | Enabled | Enabled |
| DynamicResourceAllocation| | | Enabled | Enabled | Enabled | Enabled |
diff --git a/features/features.go b/features/features.go
index df72371102d..8af4579d1e9 100644
--- a/features/features.go
+++ b/features/features.go
@@ -728,6 +728,14 @@ var (
enableIn(configv1.DevPreviewNoUpgrade).
mustRegister()
+ FeatureGatClusterUpdateAcceptRisks = newFeatureGate("ClusterUpdateAcceptRisks").
+ reportProblemsToJiraComponent("Cluster Version Operator").
+ contactPerson("hongkliu").
+ productScope(ocpSpecific).
+ enhancementPR("https://github.com/openshift/enhancements/pull/1807").
+ enableIn(configv1.DevPreviewNoUpgrade, configv1.TechPreviewNoUpgrade).
+ mustRegister()
+
FeatureGateGCPCustomAPIEndpoints = newFeatureGate("GCPCustomAPIEndpoints").
reportProblemsToJiraComponent("Installer").
contactPerson("barbacbd").
diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go
index ec60816e623..d5800e6bcdc 100644
--- a/openapi/generated_openapi/zz_generated.openapi.go
+++ b/openapi/generated_openapi/zz_generated.openapi.go
@@ -155,6 +155,7 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA
"github.com/openshift/api/config/v1.AWSPlatformStatus": schema_openshift_api_config_v1_AWSPlatformStatus(ref),
"github.com/openshift/api/config/v1.AWSResourceTag": schema_openshift_api_config_v1_AWSResourceTag(ref),
"github.com/openshift/api/config/v1.AWSServiceEndpoint": schema_openshift_api_config_v1_AWSServiceEndpoint(ref),
+ "github.com/openshift/api/config/v1.AcceptRisk": schema_openshift_api_config_v1_AcceptRisk(ref),
"github.com/openshift/api/config/v1.AdmissionConfig": schema_openshift_api_config_v1_AdmissionConfig(ref),
"github.com/openshift/api/config/v1.AdmissionPluginConfig": schema_openshift_api_config_v1_AdmissionPluginConfig(ref),
"github.com/openshift/api/config/v1.AlibabaCloudPlatformSpec": schema_openshift_api_config_v1_AlibabaCloudPlatformSpec(ref),
@@ -8830,6 +8831,27 @@ func schema_openshift_api_config_v1_AWSServiceEndpoint(ref common.ReferenceCallb
}
}
+func schema_openshift_api_config_v1_AcceptRisk(ref common.ReferenceCallback) common.OpenAPIDefinition {
+ return common.OpenAPIDefinition{
+ Schema: spec.Schema{
+ SchemaProps: spec.SchemaProps{
+ Description: "AcceptRisk represents a risk that is considered acceptable.",
+ Type: []string{"object"},
+ Properties: map[string]spec.Schema{
+ "name": {
+ SchemaProps: spec.SchemaProps{
+ Description: "name is the name of the acceptable risk. It must be a non-empty string and must not exceed 256 characters.",
+ Type: []string{"string"},
+ Format: "",
+ },
+ },
+ },
+ Required: []string{"name"},
+ },
+ },
+ }
+}
+
func schema_openshift_api_config_v1_AdmissionConfig(ref common.ReferenceCallback) common.OpenAPIDefinition {
return common.OpenAPIDefinition{
Schema: spec.Schema{
@@ -11117,12 +11139,34 @@ func schema_openshift_api_config_v1_ClusterVersionStatus(ref common.ReferenceCal
},
},
},
+ "conditionalUpdateRisks": {
+ VendorExtensible: spec.VendorExtensible{
+ Extensions: spec.Extensions{
+ "x-kubernetes-list-map-keys": []interface{}{
+ "name",
+ },
+ "x-kubernetes-list-type": "map",
+ },
+ },
+ SchemaProps: spec.SchemaProps{
+ Description: "conditionalUpdateRisks contains the list of risks associated with conditionalUpdates. When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field. If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked. The risk names in the list must be unique. conditionalUpdateRisks must not contain more than 500 entries.",
+ Type: []string{"array"},
+ Items: &spec.SchemaOrArray{
+ Schema: &spec.Schema{
+ SchemaProps: spec.SchemaProps{
+ Default: map[string]interface{}{},
+ Ref: ref("github.com/openshift/api/config/v1.ConditionalUpdateRisk"),
+ },
+ },
+ },
+ },
+ },
},
Required: []string{"desired", "observedGeneration", "versionHash", "capabilities", "availableUpdates"},
},
},
Dependencies: []string{
- "github.com/openshift/api/config/v1.ClusterOperatorStatusCondition", "github.com/openshift/api/config/v1.ClusterVersionCapabilitiesStatus", "github.com/openshift/api/config/v1.ConditionalUpdate", "github.com/openshift/api/config/v1.Release", "github.com/openshift/api/config/v1.UpdateHistory"},
+ "github.com/openshift/api/config/v1.ClusterOperatorStatusCondition", "github.com/openshift/api/config/v1.ClusterVersionCapabilitiesStatus", "github.com/openshift/api/config/v1.ConditionalUpdate", "github.com/openshift/api/config/v1.ConditionalUpdateRisk", "github.com/openshift/api/config/v1.Release", "github.com/openshift/api/config/v1.UpdateHistory"},
}
}
@@ -11347,6 +11391,26 @@ func schema_openshift_api_config_v1_ConditionalUpdate(ref common.ReferenceCallba
Ref: ref("github.com/openshift/api/config/v1.Release"),
},
},
+ "riskNames": {
+ VendorExtensible: spec.VendorExtensible{
+ Extensions: spec.Extensions{
+ "x-kubernetes-list-type": "set",
+ },
+ },
+ SchemaProps: spec.SchemaProps{
+ Description: "riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters. The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster. A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator. The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field. Entries must be unique and must not exceed 256 characters. riskNames must not contain more than 500 entries.",
+ Type: []string{"array"},
+ Items: &spec.SchemaOrArray{
+ Schema: &spec.Schema{
+ SchemaProps: spec.SchemaProps{
+ Default: "",
+ Type: []string{"string"},
+ Format: "",
+ },
+ },
+ },
+ },
+ },
"risks": {
VendorExtensible: spec.VendorExtensible{
Extensions: spec.Extensions{
@@ -11409,6 +11473,28 @@ func schema_openshift_api_config_v1_ConditionalUpdateRisk(ref common.ReferenceCa
Description: "ConditionalUpdateRisk represents a reason and cluster-state for not recommending a conditional update.",
Type: []string{"object"},
Properties: map[string]spec.Schema{
+ "conditions": {
+ VendorExtensible: spec.VendorExtensible{
+ Extensions: spec.Extensions{
+ "x-kubernetes-list-map-keys": []interface{}{
+ "type",
+ },
+ "x-kubernetes-list-type": "map",
+ },
+ },
+ SchemaProps: spec.SchemaProps{
+ Description: "conditions represents the observations of the conditional update risk's current status. Known types are: * Applies, for whether the risk applies to the current cluster. The condition's types in the list must be unique. conditions must not contain more than one entry.",
+ Type: []string{"array"},
+ Items: &spec.SchemaOrArray{
+ Schema: &spec.Schema{
+ SchemaProps: spec.SchemaProps{
+ Default: map[string]interface{}{},
+ Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Condition"),
+ },
+ },
+ },
+ },
+ },
"url": {
SchemaProps: spec.SchemaProps{
Description: "url contains information about this risk.",
@@ -11457,7 +11543,7 @@ func schema_openshift_api_config_v1_ConditionalUpdateRisk(ref common.ReferenceCa
},
},
Dependencies: []string{
- "github.com/openshift/api/config/v1.ClusterCondition"},
+ "github.com/openshift/api/config/v1.ClusterCondition", "k8s.io/apimachinery/pkg/apis/meta/v1.Condition"},
}
}
@@ -20374,9 +20460,33 @@ func schema_openshift_api_config_v1_Update(ref common.ReferenceCallback) common.
Format: "",
},
},
+ "acceptRisks": {
+ VendorExtensible: spec.VendorExtensible{
+ Extensions: spec.Extensions{
+ "x-kubernetes-list-map-keys": []interface{}{
+ "name",
+ },
+ "x-kubernetes-list-type": "map",
+ },
+ },
+ SchemaProps: spec.SchemaProps{
+ Description: "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Only one accept risk is allowed per risk name.",
+ Type: []string{"array"},
+ Items: &spec.SchemaOrArray{
+ Schema: &spec.Schema{
+ SchemaProps: spec.SchemaProps{
+ Default: map[string]interface{}{},
+ Ref: ref("github.com/openshift/api/config/v1.AcceptRisk"),
+ },
+ },
+ },
+ },
+ },
},
},
},
+ Dependencies: []string{
+ "github.com/openshift/api/config/v1.AcceptRisk"},
}
}
@@ -20433,7 +20543,7 @@ func schema_openshift_api_config_v1_UpdateHistory(ref common.ReferenceCallback)
},
"acceptedRisks": {
SchemaProps: spec.SchemaProps{
- Description: "acceptedRisks records risks which were accepted to initiate the update. For example, it may menition an Upgradeable=False or missing signature that was overriden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
+ Description: "acceptedRisks records risks which were accepted to initiate the update. For example, it may mention an Upgradeable=False or missing signature that was overridden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
Type: []string{"string"},
Format: "",
},
diff --git a/openapi/openapi.json b/openapi/openapi.json
index 95d2878597d..40c08f42d69 100644
--- a/openapi/openapi.json
+++ b/openapi/openapi.json
@@ -4306,6 +4306,19 @@
}
}
},
+ "com.github.openshift.api.config.v1.AcceptRisk": {
+ "description": "AcceptRisk represents a risk that is considered acceptable.",
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "name": {
+ "description": "name is the name of the acceptable risk. It must be a non-empty string and must not exceed 256 characters.",
+ "type": "string"
+ }
+ }
+ },
"com.github.openshift.api.config.v1.AdmissionConfig": {
"type": "object",
"properties": {
@@ -5577,6 +5590,18 @@
"default": {},
"$ref": "#/definitions/com.github.openshift.api.config.v1.ClusterVersionCapabilitiesStatus"
},
+ "conditionalUpdateRisks": {
+ "description": "conditionalUpdateRisks contains the list of risks associated with conditionalUpdates. When performing a conditional update, all its associated risks will be compared with the set of accepted risks in the spec.desiredUpdate.acceptRisks field. If all risks for a conditional update are included in the spec.desiredUpdate.acceptRisks set, the conditional update can proceed, otherwise it is blocked. The risk names in the list must be unique. conditionalUpdateRisks must not contain more than 500 entries.",
+ "type": "array",
+ "items": {
+ "default": {},
+ "$ref": "#/definitions/com.github.openshift.api.config.v1.ConditionalUpdateRisk"
+ },
+ "x-kubernetes-list-map-keys": [
+ "name"
+ ],
+ "x-kubernetes-list-type": "map"
+ },
"conditionalUpdates": {
"description": "conditionalUpdates contains the list of updates that may be recommended for this cluster if it meets specific required conditions. Consumers interested in the set of updates that are actually recommended for this cluster should use availableUpdates. This list may be empty if no updates are recommended, if the update service is unavailable, or if an empty or invalid channel has been specified.",
"type": "array",
@@ -5784,6 +5809,15 @@
"default": {},
"$ref": "#/definitions/com.github.openshift.api.config.v1.Release"
},
+ "riskNames": {
+ "description": "riskNames represents the set of the names of conditionalUpdateRisks that are relevant to this update for some clusters. The Applies condition of each conditionalUpdateRisks entry declares if that risk applies to this cluster. A conditional update is accepted only if each of its risks either does not apply to the cluster or is considered acceptable by the cluster administrator. The latter means that the risk names are included in value of the spec.desiredUpdate.acceptRisks field. Entries must be unique and must not exceed 256 characters. riskNames must not contain more than 500 entries.",
+ "type": "array",
+ "items": {
+ "type": "string",
+ "default": ""
+ },
+ "x-kubernetes-list-type": "set"
+ },
"risks": {
"description": "risks represents the range of issues associated with updating to the target release. The cluster-version operator will evaluate all entries, and only recommend the update if there is at least one entry and all entries recommend the update.",
"type": "array",
@@ -5810,6 +5844,18 @@
"matchingRules"
],
"properties": {
+ "conditions": {
+ "description": "conditions represents the observations of the conditional update risk's current status. Known types are: * Applies, for whether the risk applies to the current cluster. The condition's types in the list must be unique. conditions must not contain more than one entry.",
+ "type": "array",
+ "items": {
+ "default": {},
+ "$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Condition"
+ },
+ "x-kubernetes-list-map-keys": [
+ "type"
+ ],
+ "x-kubernetes-list-type": "map"
+ },
"matchingRules": {
"description": "matchingRules is a slice of conditions for deciding which clusters match the risk and which do not. The slice is ordered by decreasing precedence. The cluster-version operator will walk the slice in order, and stop after the first it can successfully evaluate. If no condition can be successfully evaluated, the update will not be recommended.",
"type": "array",
@@ -11052,6 +11098,18 @@
"description": "Update represents an administrator update request.",
"type": "object",
"properties": {
+ "acceptRisks": {
+ "description": "acceptRisks is an optional set of names of conditional update risks that are considered acceptable. A conditional update is performed only if all of its risks are acceptable. This list may contain entries that apply to current, previous or future updates. The entries therefore may not map directly to a risk in .status.conditionalUpdateRisks. acceptRisks must not contain more than 1000 entries. Only one accept risk is allowed per risk name.",
+ "type": "array",
+ "items": {
+ "default": {},
+ "$ref": "#/definitions/com.github.openshift.api.config.v1.AcceptRisk"
+ },
+ "x-kubernetes-list-map-keys": [
+ "name"
+ ],
+ "x-kubernetes-list-type": "map"
+ },
"architecture": {
"description": "architecture is an optional field that indicates the desired value of the cluster architecture. In this context cluster architecture means either a single architecture or a multi architecture. architecture can only be set to Multi thereby only allowing updates from single to multi architecture. If architecture is set, image cannot be set and version must be set. Valid values are 'Multi' and empty.",
"type": "string",
@@ -11086,7 +11144,7 @@
],
"properties": {
"acceptedRisks": {
- "description": "acceptedRisks records risks which were accepted to initiate the update. For example, it may menition an Upgradeable=False or missing signature that was overriden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
+ "description": "acceptedRisks records risks which were accepted to initiate the update. For example, it may mention an Upgradeable=False or missing signature that was overridden via desiredUpdate.force, or an update that was initiated despite not being in the availableUpdates set of recommended update targets.",
"type": "string"
},
"completionTime": {
diff --git a/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml b/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml
index 600c07d80e8..8fd92dc1af9 100644
--- a/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml
+++ b/payload-manifests/featuregates/featureGate-Hypershift-Default.yaml
@@ -46,6 +46,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ClusterVersionOperatorConfiguration"
},
diff --git a/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml
index 69780c6da5b..c3f32cf267d 100644
--- a/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml
+++ b/payload-manifests/featuregates/featureGate-Hypershift-DevPreviewNoUpgrade.yaml
@@ -104,6 +104,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ClusterVersionOperatorConfiguration"
},
diff --git a/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml
index ee5e899d227..14008133436 100644
--- a/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml
+++ b/payload-manifests/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml
@@ -119,6 +119,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ConsolePluginContentSecurityPolicy"
},
diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml
index fbc391edcd8..0d5556802b6 100644
--- a/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml
+++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-Default.yaml
@@ -46,6 +46,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ClusterVersionOperatorConfiguration"
},
diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
index a446049d39a..e17527c67a1 100644
--- a/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
+++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-DevPreviewNoUpgrade.yaml
@@ -89,6 +89,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ClusterVersionOperatorConfiguration"
},
diff --git a/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml b/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
index 5e4a6e08184..7086faff900 100644
--- a/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
+++ b/payload-manifests/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml
@@ -104,6 +104,9 @@
{
"name": "ClusterMonitoringConfig"
},
+ {
+ "name": "ClusterUpdateAcceptRisks"
+ },
{
"name": "ConsolePluginContentSecurityPolicy"
},