From a06736a6d064538b52cee17cccd4dc3eb4fee5a8 Mon Sep 17 00:00:00 2001 From: Hongliang Liu Date: Thu, 28 Jan 2021 15:13:38 +0800 Subject: [PATCH] Rename API groups from *.antrea.tanzu.vmware.com to *.antrea.io Extension API groups as well as CRD API groups are renamed from*.antrea.tanzu .vmware.com to *.antrea.io.Old version of extension API groups is not renamed. Legacy CRD API groups ops.antrea.tanzu.vmware.com, security.antrea.tanzu.vmware.com, core.antrea.tanzu.vmware.com are merged into crd.antrea.io. Legacy extension and CRD API groups are reservered. Legacy extension API groups can be used directly. For legacy API groups, option LegacyCRDMirroring should be enabled in feature gates.When the mirroring is enabled,if a legacy CRD is created with legacy API groups, mirroring-controllerwill create a new CRD with the Spec and Labels from the legacy CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new CRD automatically. In addition, the modification of Status in new CRD will also be synchronized to legacy CRD automatically. If legacy CRD is deleted, the corresponding new CRD will be deleted. --- build/yamls/antrea-aks.yml | 1530 ++++++++-- build/yamls/antrea-eks.yml | 1530 ++++++++-- build/yamls/antrea-gke.yml | 1530 ++++++++-- build/yamls/antrea-ipsec.yml | 1530 ++++++++-- build/yamls/antrea.yml | 1530 ++++++++-- build/yamls/base/agent-rbac.yml | 5 + build/yamls/base/antctl.yml | 5 + build/yamls/base/conf/antrea-controller.conf | 12 + build/yamls/base/controller-rbac.yml | 141 +- build/yamls/base/controller.yml | 347 ++- build/yamls/base/crds-rbac.yml | 18 + build/yamls/base/crds.yml | 787 ++++- ci/kind/test-e2e-kind.sh | 10 +- cmd/antrea-agent/agent.go | 2 +- cmd/antrea-controller/config.go | 2 + cmd/antrea-controller/controller.go | 71 +- cmd/antrea-controller/options.go | 1 + docs/api.md | 34 +- hack/generate-manifest.sh | 10 + hack/update-codegen-dockerized.sh | 74 +- hack/update-codegen.sh | 2 +- .../apiserver/handlers/agentinfo/handler.go | 2 +- pkg/agent/controller/networkpolicy/cache.go | 4 +- pkg/agent/controller/traceflow/packetin.go | 6 +- .../controller/traceflow/packetin_test.go | 28 +- .../traceflow/traceflow_controller.go | 42 +- pkg/agent/openflow/network_policy.go | 6 +- pkg/agent/openflow/network_policy_test.go | 8 +- pkg/agent/querier/querier.go | 2 +- pkg/agent/querier/querier_test.go | 2 +- pkg/agent/querier/testing/mock_querier.go | 2 +- pkg/agent/types/networkpolicy.go | 2 +- pkg/antctl/command_definition_test.go | 2 +- pkg/antctl/raw/proxy/command.go | 6 +- pkg/antctl/raw/supportbundle/command.go | 4 +- pkg/antctl/raw/traceflow/command.go | 8 +- pkg/antctl/raw/traceflow/command_test.go | 2 +- .../transform/controllerinfo/transform.go | 18 +- pkg/antctl/transform/version/transform.go | 2 +- pkg/apis/controlplane/doc.go | 2 +- pkg/apis/controlplane/register.go | 2 +- pkg/apis/controlplane/types.go | 4 +- pkg/apis/controlplane/v1beta1/conversion.go | 2 +- pkg/apis/controlplane/v1beta1/doc.go | 2 +- pkg/apis/controlplane/v1beta1/generated.pb.go | 201 +- pkg/apis/controlplane/v1beta1/register.go | 2 +- pkg/apis/controlplane/v1beta1/types.go | 4 +- .../v1beta1/zz_generated.conversion.go | 2 +- .../v1beta1/zz_generated.deepcopy.go | 2 +- pkg/apis/controlplane/v1beta2/doc.go | 2 +- pkg/apis/controlplane/v1beta2/generated.pb.go | 224 +- pkg/apis/controlplane/v1beta2/register.go | 2 +- pkg/apis/controlplane/v1beta2/types.go | 4 +- .../v1beta2/zz_generated.conversion.go | 2 +- .../v1beta2/zz_generated.deepcopy.go | 2 +- .../controlplane/zz_generated.deepcopy.go | 2 +- pkg/apis/crd/doc.go | 18 + pkg/apis/crd/register.go | 20 + pkg/apis/crd/v1alpha1/doc.go | 20 + pkg/apis/crd/v1alpha1/register.go | 67 + pkg/apis/{security => crd}/v1alpha1/types.go | 230 +- .../v1alpha1/zz_generated.deepcopy.go | 311 ++ pkg/apis/crd/v1alpha2/doc.go | 19 + pkg/apis/crd/v1alpha2/register.go | 55 + pkg/apis/{core => crd}/v1alpha2/types.go | 6 +- pkg/apis/crd/v1alpha2/webhook.go | 81 + .../v1alpha2/zz_generated.deepcopy.go | 2 +- pkg/apis/crd/v1beta1/doc.go | 20 + pkg/apis/crd/v1beta1/register.go | 56 + .../v1beta1/types.go | 0 .../v1beta1/zz_generated.deepcopy.go | 2 +- pkg/apis/ops/v1alpha1/types.go | 247 -- .../ops/v1alpha1/zz_generated.deepcopy.go | 334 --- pkg/apis/stats/doc.go | 2 +- pkg/apis/stats/register.go | 2 +- pkg/apis/stats/v1alpha1/doc.go | 2 +- pkg/apis/stats/v1alpha1/register.go | 2 +- pkg/apis/system/v1beta1/doc.go | 2 +- pkg/apis/system/v1beta1/register.go | 8 +- pkg/apiserver/apiserver.go | 64 +- .../certificate/cacert_controller.go | 5 + pkg/apiserver/openapi/zz_generated.openapi.go | 1996 ++++++------- .../registry/system/controllerinfo/rest.go | 12 +- .../system/controllerinfo/rest_test.go | 2 +- pkg/client/clientset/versioned/clientset.go | 78 +- pkg/client/clientset/versioned/doc.go | 2 +- .../versioned/fake/clientset_generated.go | 39 +- pkg/client/clientset/versioned/fake/doc.go | 2 +- .../clientset/versioned/fake/register.go | 16 +- pkg/client/clientset/versioned/scheme/doc.go | 2 +- .../clientset/versioned/scheme/register.go | 16 +- .../controlplane/v1beta1/addressgroup.go | 2 +- .../controlplane/v1beta1/appliedtogroup.go | 2 +- .../v1beta1/controlplane_client.go | 4 +- .../typed/controlplane/v1beta1/doc.go | 2 +- .../typed/controlplane/v1beta1/fake/doc.go | 2 +- .../v1beta1/fake/fake_addressgroup.go | 6 +- .../v1beta1/fake/fake_appliedtogroup.go | 6 +- .../v1beta1/fake/fake_controlplane_client.go | 2 +- .../v1beta1/fake/fake_networkpolicy.go | 6 +- .../v1beta1/fake/fake_nodestatssummary.go | 6 +- .../v1beta1/generated_expansion.go | 2 +- .../controlplane/v1beta1/networkpolicy.go | 2 +- .../controlplane/v1beta1/nodestatssummary.go | 2 +- .../controlplane/v1beta2/addressgroup.go | 2 +- .../controlplane/v1beta2/appliedtogroup.go | 2 +- .../v1beta2/controlplane_client.go | 2 +- .../typed/controlplane/v1beta2/doc.go | 2 +- .../typed/controlplane/v1beta2/fake/doc.go | 2 +- .../v1beta2/fake/fake_addressgroup.go | 6 +- .../v1beta2/fake/fake_appliedtogroup.go | 6 +- .../v1beta2/fake/fake_networkpolicy.go | 6 +- .../fake/fake_networkpolicy_expansion.go | 2 +- .../v1beta2/fake/fake_nodestatssummary.go | 6 +- .../controlplane/v1beta2/networkpolicy.go | 2 +- .../v1beta2/networkpolicy_expansion.go | 2 +- .../controlplane/v1beta2/nodestatssummary.go | 2 +- .../v1alpha1/clusternetworkpolicy.go | 6 +- .../typed/crd/v1alpha1/crd_client.go | 102 + .../typed/{ops => crd}/v1alpha1/doc.go | 2 +- .../v1alpha2 => crd/v1alpha1}/fake/doc.go | 2 +- .../fake/fake_clusternetworkpolicy.go | 131 + .../crd/v1alpha1/fake/fake_crd_client.go | 50 + .../crd/v1alpha1/fake/fake_networkpolicy.go | 140 + .../typed/crd/v1alpha1/fake/fake_tier.go | 120 + .../typed/crd/v1alpha1/fake/fake_traceflow.go | 131 + .../typed/crd/v1alpha1/generated_expansion.go | 25 + .../v1alpha1/networkpolicy.go | 6 +- .../typed/{security => crd}/v1alpha1/tier.go | 6 +- .../typed/{ops => crd}/v1alpha1/traceflow.go | 6 +- .../{core => crd}/v1alpha2/clustergroup.go | 4 +- .../typed/crd/v1alpha2/crd_client.go | 92 + .../typed/{core => crd}/v1alpha2/doc.go | 2 +- .../{core => crd}/v1alpha2/externalentity.go | 6 +- .../v1alpha1 => crd/v1alpha2}/fake/doc.go | 2 +- .../crd/v1alpha2/fake/fake_clustergroup.go | 131 + .../crd/v1alpha2/fake/fake_crd_client.go | 42 + .../crd/v1alpha2/fake/fake_externalentity.go | 128 + .../v1alpha2/generated_expansion.go | 2 +- .../v1beta1/antreaagentinfo.go | 6 +- .../typed/crd/v1beta1/antreacontrollerinfo.go | 166 ++ .../versioned/typed/crd/v1beta1/crd_client.go | 92 + .../v1beta1/doc.go | 2 +- .../v1alpha1 => crd/v1beta1}/fake/doc.go | 2 +- .../crd/v1beta1/fake/fake_antreaagentinfo.go | 120 + .../v1beta1/fake/fake_antreacontrollerinfo.go | 120 + .../typed/crd/v1beta1/fake/fake_crd_client.go | 42 + .../v1beta1/generated_expansion.go | 2 +- .../antreaclusternetworkpolicystats.go | 2 +- .../v1alpha1/antreanetworkpolicystats.go | 2 +- .../versioned/typed/stats/v1alpha1/doc.go | 2 +- .../typed/stats/v1alpha1/fake/doc.go | 2 +- .../fake_antreaclusternetworkpolicystats.go | 6 +- .../fake/fake_antreanetworkpolicystats.go | 6 +- .../v1alpha1/fake/fake_networkpolicystats.go | 6 +- .../stats/v1alpha1/fake/fake_stats_client.go | 2 +- .../stats/v1alpha1/generated_expansion.go | 2 +- .../stats/v1alpha1/networkpolicystats.go | 2 +- .../typed/stats/v1alpha1/stats_client.go | 4 +- .../versioned/typed/system/v1beta1/doc.go | 2 +- .../typed/system/v1beta1/fake/doc.go | 2 +- .../system/v1beta1/fake/fake_supportbundle.go | 6 +- .../system/v1beta1/fake/fake_system_client.go | 2 +- .../system/v1beta1/generated_expansion.go | 2 +- .../typed/system/v1beta1/supportbundle.go | 2 +- .../typed/system/v1beta1/system_client.go | 4 +- .../externalversions/crd/interface.go | 60 + .../crd/v1alpha1/clusternetworkpolicy.go | 87 + .../crd/v1alpha1/interface.go | 64 + .../crd/v1alpha1/networkpolicy.go | 88 + .../externalversions/crd/v1alpha1/tier.go | 87 + .../{ops => crd}/v1alpha1/traceflow.go | 14 +- .../crd/v1alpha2/clustergroup.go | 87 + .../crd/v1alpha2/externalentity.go | 88 + .../{core => crd}/v1alpha2/interface.go | 2 +- .../crd/v1beta1/antreaagentinfo.go | 87 + .../crd/v1beta1/antreacontrollerinfo.go | 87 + .../v1beta1/interface.go | 2 +- .../informers/externalversions/factory.go | 28 +- .../informers/externalversions/generic.go | 45 +- .../internalinterfaces/factory_interfaces.go | 2 +- .../v1alpha1/clusternetworkpolicy.go | 4 +- .../crd/v1alpha1/expansion_generated.go | 37 + .../v1alpha1/networkpolicy.go | 4 +- .../{security => crd}/v1alpha1/tier.go | 4 +- .../{ops => crd}/v1alpha1/traceflow.go | 4 +- .../{core => crd}/v1alpha2/clustergroup.go | 4 +- .../v1alpha2/expansion_generated.go | 2 +- .../{core => crd}/v1alpha2/externalentity.go | 4 +- .../v1beta1/antreaagentinfo.go | 4 +- .../v1beta1/antreacontrollerinfo.go | 4 +- .../v1beta1/expansion_generated.go | 2 +- .../crdmirroring/crdhandler/clustergroup.go | 151 + .../crdhandler/clusternetworkpolicy.go | 151 + .../crdmirroring/crdhandler/externalentity.go | 126 + .../crdmirroring/crdhandler/networkpolicy.go | 154 + pkg/controller/crdmirroring/crdhandler/ops.go | 154 + .../crdmirroring/crdhandler/tier.go | 127 + .../crdmirroring/crdhandler/utils.go | 35 + .../crdmirroring/crdmirroring_controller.go | 240 ++ .../crdmirroring_controller_test.go | 1606 ++++++++++ .../crdmirroring/crdmirroring_handlers.go | 111 + .../crdmirroring/types/interface.go | 27 + pkg/controller/crdmirroring/types/types.go | 22 + pkg/controller/grouping/controller.go | 8 +- pkg/controller/grouping/controller_test.go | 4 +- pkg/controller/grouping/group_entity_index.go | 2 +- .../grouping/group_entity_index_test.go | 2 +- .../networkpolicy/antreanetworkpolicy.go | 18 +- .../networkpolicy/antreanetworkpolicy_test.go | 116 +- pkg/controller/networkpolicy/clustergroup.go | 36 +- .../networkpolicy/clustergroup_test.go | 122 +- .../networkpolicy/clusternetworkpolicy.go | 18 +- .../clusternetworkpolicy_test.go | 292 +- pkg/controller/networkpolicy/crd_utils.go | 2 +- .../networkpolicy/crd_utils_test.go | 46 +- pkg/controller/networkpolicy/mutate.go | 12 +- .../networkpolicy/networkpolicy_controller.go | 12 +- .../networkpolicy_controller_test.go | 27 +- .../networkpolicy/status_controller.go | 46 +- .../networkpolicy/status_controller_test.go | 66 +- pkg/controller/networkpolicy/tier.go | 6 +- pkg/controller/networkpolicy/validate.go | 78 +- pkg/controller/querier/querier.go | 2 +- .../querier/testing/mock_querier.go | 4 +- pkg/controller/stats/aggregator.go | 18 +- pkg/controller/stats/aggregator_test.go | 18 +- pkg/controller/traceflow/controller.go | 50 +- pkg/controller/traceflow/controller_test.go | 42 +- pkg/graphviz/traceflow.go | 50 +- pkg/k8s/client.go | 35 + .../clusterinformation/v1beta1/doc.go | 0 .../clusterinformation/v1beta1/register.go | 0 .../clusterinformation/v1beta1/types.go | 73 + .../v1beta1/zz_generated.deepcopy.go | 169 ++ pkg/legacyapis/controlplane/doc.go | 24 + .../controlplane/install/install.go | 32 + pkg/legacyapis/controlplane/register.go | 64 + pkg/legacyapis/controlplane/v1beta1/doc.go | 22 + .../controlplane/v1beta1/register.go | 60 + .../controlplane/v1beta2}/conversion.go | 2 +- pkg/legacyapis/controlplane/v1beta2/doc.go | 22 + .../controlplane/v1beta2/register.go | 81 + pkg/{apis => legacyapis}/core/doc.go | 0 pkg/{apis => legacyapis}/core/register.go | 0 pkg/{apis => legacyapis}/core/v1alpha2/doc.go | 2 +- .../core/v1alpha2/register.go | 0 pkg/legacyapis/core/v1alpha2/types.go | 67 + .../core/v1alpha2/webhook.go | 0 .../core/v1alpha2/zz_generated.deepcopy.go | 144 + pkg/{apis => legacyapis}/networking/doc.go | 0 .../networking/install/install.go | 4 +- .../networking/register.go | 0 .../networking/v1beta1/doc.go | 0 .../networking/v1beta1/register.go | 0 pkg/{apis => legacyapis}/ops/v1alpha1/doc.go | 0 .../ops/v1alpha1/register.go | 0 pkg/legacyapis/ops/v1alpha1/types.go | 40 + .../ops/v1alpha1/zz_generated.deepcopy.go | 84 + pkg/{apis => legacyapis}/security/doc.go | 0 pkg/{apis => legacyapis}/security/register.go | 0 .../security/v1alpha1/doc.go | 0 .../security/v1alpha1/register.go | 0 pkg/legacyapis/security/v1alpha1/types.go | 94 + .../v1alpha1/zz_generated.deepcopy.go | 205 ++ pkg/legacyapis/stats/doc.go | 21 + pkg/legacyapis/stats/install/install.go | 30 + pkg/legacyapis/stats/register.go | 57 + pkg/legacyapis/stats/v1alpha1/doc.go | 22 + pkg/legacyapis/stats/v1alpha1/register.go | 54 + pkg/legacyapis/system/doc.go | 19 + pkg/legacyapis/system/install/install.go | 28 + pkg/legacyapis/system/v1beta1/doc.go | 22 + pkg/legacyapis/system/v1beta1/register.go | 63 + .../clientset/versioned/clientset.go | 193 ++ pkg/legacyclient/clientset/versioned/doc.go | 18 + .../versioned/fake/clientset_generated.go | 129 + .../clientset/versioned/fake/doc.go | 18 + .../clientset/versioned/fake/register.go | 68 + .../clientset/versioned/scheme/doc.go | 18 + .../clientset/versioned/scheme/register.go | 68 + .../v1beta1/antreaagentinfo.go | 166 ++ .../v1beta1/antreacontrollerinfo.go | 6 +- .../v1beta1/clusterinformation_client.go | 6 +- .../typed/clusterinformation/v1beta1/doc.go | 18 + .../clusterinformation/v1beta1/fake/doc.go | 2 +- .../v1beta1/fake/fake_antreaagentinfo.go | 4 +- .../v1beta1/fake/fake_antreacontrollerinfo.go | 4 +- .../fake/fake_clusterinformation_client.go | 4 +- .../v1beta1/generated_expansion.go | 21 + .../v1beta1/controlplane_client.go | 82 + .../typed/controlplane/v1beta1/doc.go | 18 + .../typed/controlplane/v1beta1/fake/doc.go | 18 + .../v1beta1/fake/fake_controlplane_client.go | 33 + .../v1beta1/generated_expansion.go | 17 + .../v1beta2/controlplane_client.go | 82 + .../typed/controlplane/v1beta2/doc.go | 18 + .../typed/controlplane/v1beta2/fake/doc.go | 18 + .../v1beta2/fake/fake_controlplane_client.go | 33 + .../v1beta2/generated_expansion.go | 17 + .../typed/core/v1alpha2/clustergroup.go | 182 ++ .../typed/core/v1alpha2/core_client.go | 6 +- .../versioned/typed/core/v1alpha2/doc.go | 18 + .../typed/core/v1alpha2/externalentity.go | 176 ++ .../versioned/typed/core/v1alpha2/fake/doc.go | 18 + .../core/v1alpha2/fake/fake_clustergroup.go | 2 +- .../core/v1alpha2/fake/fake_core_client.go | 4 +- .../core/v1alpha2/fake/fake_externalentity.go | 4 +- .../core/v1alpha2/generated_expansion.go | 21 + .../versioned/typed/ops}/v1alpha1/doc.go | 2 +- .../versioned/typed/ops/v1alpha1/fake/doc.go | 18 + .../ops/v1alpha1/fake/fake_ops_client.go | 4 +- .../typed/ops/v1alpha1/fake/fake_traceflow.go | 4 +- .../typed/ops/v1alpha1/generated_expansion.go | 2 +- .../typed/ops/v1alpha1/ops_client.go | 6 +- .../versioned/typed/ops/v1alpha1/traceflow.go | 182 ++ .../security/v1alpha1/clusternetworkpolicy.go | 182 ++ .../versioned/typed/security/v1alpha1/doc.go | 18 + .../typed/security/v1alpha1/fake/doc.go | 18 + .../fake/fake_clusternetworkpolicy.go | 4 +- .../v1alpha1/fake/fake_networkpolicy.go | 4 +- .../v1alpha1/fake/fake_security_client.go | 4 +- .../typed/security/v1alpha1/fake/fake_tier.go | 4 +- .../security/v1alpha1/generated_expansion.go | 2 +- .../typed/security/v1alpha1/networkpolicy.go | 193 ++ .../security/v1alpha1/security_client.go | 6 +- .../versioned/typed/security/v1alpha1/tier.go | 166 ++ .../versioned/typed/stats/v1alpha1/doc.go | 18 + .../typed/stats/v1alpha1/fake/doc.go | 18 + .../stats/v1alpha1/fake/fake_stats_client.go | 33 + .../stats/v1alpha1/generated_expansion.go | 17 + .../typed/stats/v1alpha1/stats_client.go | 82 + .../versioned/typed/system/v1beta1/doc.go | 18 + .../typed/system/v1beta1/fake/doc.go | 18 + .../system/v1beta1/fake/fake_system_client.go | 33 + .../system/v1beta1/generated_expansion.go | 17 + .../typed/system/v1beta1/system_client.go | 82 + .../clusterinformation/interface.go | 6 +- .../v1beta1/antreaagentinfo.go | 10 +- .../v1beta1/antreacontrollerinfo.go | 10 +- .../clusterinformation/v1beta1/interface.go | 50 + .../externalversions/core/interface.go | 6 +- .../core/v1alpha2/clustergroup.go | 10 +- .../core/v1alpha2/externalentity.go | 10 +- .../core/v1alpha2/interface.go | 50 + .../informers/externalversions/factory.go | 196 ++ .../informers/externalversions/generic.go | 83 + .../internalinterfaces/factory_interfaces.go | 38 + .../externalversions/ops/interface.go | 6 +- .../ops/v1alpha1/interface.go | 4 +- .../ops/v1alpha1/traceflow.go | 87 + .../externalversions/security/interface.go | 6 +- .../security/v1alpha1/clusternetworkpolicy.go | 10 +- .../security/v1alpha1/interface.go | 4 +- .../security/v1alpha1/networkpolicy.go | 10 +- .../security/v1alpha1/tier.go | 10 +- .../v1beta1/antreaagentinfo.go | 63 + .../v1beta1/antreacontrollerinfo.go | 63 + .../v1beta1/expansion_generated.go | 25 + .../listers/core/v1alpha2/clustergroup.go | 63 + .../core/v1alpha2/expansion_generated.go | 29 + .../listers/core/v1alpha2/externalentity.go | 92 + .../ops/v1alpha1/expansion_generated.go | 2 +- .../listers/ops/v1alpha1/traceflow.go | 63 + .../security/v1alpha1/clusternetworkpolicy.go | 63 + .../security/v1alpha1/expansion_generated.go | 2 +- .../security/v1alpha1/networkpolicy.go | 92 + .../listers/security/v1alpha1/tier.go | 63 + pkg/monitor/agent.go | 8 +- pkg/monitor/controller.go | 12 +- pkg/support/dump.go | 2 +- .../cmd/antrea-octant-plugin/antrea_info.go | 8 +- .../octant/cmd/antrea-octant-plugin/main.go | 6 +- .../cmd/antrea-octant-plugin/traceflow.go | 76 +- test/e2e/antreapolicy_test.go | 323 ++- test/e2e/clustergroup_test.go | 72 +- test/e2e/framework.go | 14 +- test/e2e/k8s_util.go | 390 ++- test/e2e/legacyantreapolicy_test.go | 2581 +++++++++++++++++ test/e2e/legacyclustergroup_test.go | 273 ++ test/e2e/networkpolicy_test.go | 2 +- test/e2e/security_test.go | 2 +- test/e2e/traceflow_test.go | 58 +- test/e2e/util.go | 11 + test/e2e/utils/anpspecbuilder.go | 59 +- test/e2e/utils/cgspecbuilder.go | 28 +- test/e2e/utils/cnpspecbuilder.go | 60 +- test/integration/agent/openflow_test.go | 6 +- 388 files changed, 25379 insertions(+), 4293 deletions(-) create mode 100644 pkg/apis/crd/doc.go create mode 100644 pkg/apis/crd/register.go create mode 100644 pkg/apis/crd/v1alpha1/doc.go create mode 100644 pkg/apis/crd/v1alpha1/register.go rename pkg/apis/{security => crd}/v1alpha1/types.go (59%) rename pkg/apis/{security => crd}/v1alpha1/zz_generated.deepcopy.go (59%) create mode 100644 pkg/apis/crd/v1alpha2/doc.go create mode 100644 pkg/apis/crd/v1alpha2/register.go rename pkg/apis/{core => crd}/v1alpha2/types.go (97%) create mode 100644 pkg/apis/crd/v1alpha2/webhook.go rename pkg/apis/{core => crd}/v1alpha2/zz_generated.deepcopy.go (99%) create mode 100644 pkg/apis/crd/v1beta1/doc.go create mode 100644 pkg/apis/crd/v1beta1/register.go rename pkg/apis/{clusterinformation => crd}/v1beta1/types.go (100%) rename pkg/apis/{clusterinformation => crd}/v1beta1/zz_generated.deepcopy.go (99%) delete mode 100644 pkg/apis/ops/v1alpha1/types.go delete mode 100644 pkg/apis/ops/v1alpha1/zz_generated.deepcopy.go rename pkg/client/clientset/versioned/typed/{security => crd}/v1alpha1/clusternetworkpolicy.go (97%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/crd_client.go rename pkg/client/clientset/versioned/typed/{ops => crd}/v1alpha1/doc.go (95%) rename pkg/client/clientset/versioned/typed/{core/v1alpha2 => crd/v1alpha1}/fake/doc.go (95%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_clusternetworkpolicy.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_crd_client.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_networkpolicy.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_tier.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_traceflow.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha1/generated_expansion.go rename pkg/client/clientset/versioned/typed/{security => crd}/v1alpha1/networkpolicy.go (97%) rename pkg/client/clientset/versioned/typed/{security => crd}/v1alpha1/tier.go (97%) rename pkg/client/clientset/versioned/typed/{ops => crd}/v1alpha1/traceflow.go (97%) rename pkg/client/clientset/versioned/typed/{core => crd}/v1alpha2/clustergroup.go (98%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go rename pkg/client/clientset/versioned/typed/{core => crd}/v1alpha2/doc.go (95%) rename pkg/client/clientset/versioned/typed/{core => crd}/v1alpha2/externalentity.go (97%) rename pkg/client/clientset/versioned/typed/{ops/v1alpha1 => crd/v1alpha2}/fake/doc.go (95%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_clustergroup.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_externalentity.go rename pkg/client/clientset/versioned/typed/{core => crd}/v1alpha2/generated_expansion.go (95%) rename pkg/client/clientset/versioned/typed/{clusterinformation => crd}/v1beta1/antreaagentinfo.go (96%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/antreacontrollerinfo.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go rename pkg/client/clientset/versioned/typed/{clusterinformation => crd}/v1beta1/doc.go (95%) rename pkg/client/clientset/versioned/typed/{security/v1alpha1 => crd/v1beta1}/fake/doc.go (95%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreaagentinfo.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreacontrollerinfo.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go rename pkg/client/clientset/versioned/typed/{clusterinformation => crd}/v1beta1/generated_expansion.go (95%) create mode 100644 pkg/client/informers/externalversions/crd/interface.go create mode 100644 pkg/client/informers/externalversions/crd/v1alpha1/clusternetworkpolicy.go create mode 100644 pkg/client/informers/externalversions/crd/v1alpha1/interface.go create mode 100644 pkg/client/informers/externalversions/crd/v1alpha1/networkpolicy.go create mode 100644 pkg/client/informers/externalversions/crd/v1alpha1/tier.go rename pkg/client/informers/externalversions/{ops => crd}/v1alpha1/traceflow.go (89%) create mode 100644 pkg/client/informers/externalversions/crd/v1alpha2/clustergroup.go create mode 100644 pkg/client/informers/externalversions/crd/v1alpha2/externalentity.go rename pkg/client/informers/externalversions/{core => crd}/v1alpha2/interface.go (98%) create mode 100644 pkg/client/informers/externalversions/crd/v1beta1/antreaagentinfo.go create mode 100644 pkg/client/informers/externalversions/crd/v1beta1/antreacontrollerinfo.go rename pkg/client/informers/externalversions/{clusterinformation => crd}/v1beta1/interface.go (98%) rename pkg/client/listers/{security => crd}/v1alpha1/clusternetworkpolicy.go (95%) create mode 100644 pkg/client/listers/crd/v1alpha1/expansion_generated.go rename pkg/client/listers/{security => crd}/v1alpha1/networkpolicy.go (97%) rename pkg/client/listers/{security => crd}/v1alpha1/tier.go (94%) rename pkg/client/listers/{ops => crd}/v1alpha1/traceflow.go (95%) rename pkg/client/listers/{core => crd}/v1alpha2/clustergroup.go (95%) rename pkg/client/listers/{core => crd}/v1alpha2/expansion_generated.go (97%) rename pkg/client/listers/{core => crd}/v1alpha2/externalentity.go (97%) rename pkg/client/listers/{clusterinformation => crd}/v1beta1/antreaagentinfo.go (95%) rename pkg/client/listers/{clusterinformation => crd}/v1beta1/antreacontrollerinfo.go (95%) rename pkg/client/listers/{clusterinformation => crd}/v1beta1/expansion_generated.go (96%) create mode 100644 pkg/controller/crdmirroring/crdhandler/clustergroup.go create mode 100644 pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go create mode 100644 pkg/controller/crdmirroring/crdhandler/externalentity.go create mode 100644 pkg/controller/crdmirroring/crdhandler/networkpolicy.go create mode 100644 pkg/controller/crdmirroring/crdhandler/ops.go create mode 100644 pkg/controller/crdmirroring/crdhandler/tier.go create mode 100644 pkg/controller/crdmirroring/crdhandler/utils.go create mode 100644 pkg/controller/crdmirroring/crdmirroring_controller.go create mode 100644 pkg/controller/crdmirroring/crdmirroring_controller_test.go create mode 100644 pkg/controller/crdmirroring/crdmirroring_handlers.go create mode 100644 pkg/controller/crdmirroring/types/interface.go create mode 100644 pkg/controller/crdmirroring/types/types.go rename pkg/{apis => legacyapis}/clusterinformation/v1beta1/doc.go (100%) rename pkg/{apis => legacyapis}/clusterinformation/v1beta1/register.go (100%) create mode 100644 pkg/legacyapis/clusterinformation/v1beta1/types.go create mode 100644 pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go create mode 100644 pkg/legacyapis/controlplane/doc.go create mode 100644 pkg/legacyapis/controlplane/install/install.go create mode 100644 pkg/legacyapis/controlplane/register.go create mode 100644 pkg/legacyapis/controlplane/v1beta1/doc.go create mode 100644 pkg/legacyapis/controlplane/v1beta1/register.go rename pkg/{apis/networking/v1beta1 => legacyapis/controlplane/v1beta2}/conversion.go (98%) create mode 100644 pkg/legacyapis/controlplane/v1beta2/doc.go create mode 100644 pkg/legacyapis/controlplane/v1beta2/register.go rename pkg/{apis => legacyapis}/core/doc.go (100%) rename pkg/{apis => legacyapis}/core/register.go (100%) rename pkg/{apis => legacyapis}/core/v1alpha2/doc.go (95%) rename pkg/{apis => legacyapis}/core/v1alpha2/register.go (100%) create mode 100644 pkg/legacyapis/core/v1alpha2/types.go rename pkg/{apis => legacyapis}/core/v1alpha2/webhook.go (100%) create mode 100644 pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go rename pkg/{apis => legacyapis}/networking/doc.go (100%) rename pkg/{apis => legacyapis}/networking/install/install.go (88%) rename pkg/{apis => legacyapis}/networking/register.go (100%) rename pkg/{apis => legacyapis}/networking/v1beta1/doc.go (100%) rename pkg/{apis => legacyapis}/networking/v1beta1/register.go (100%) rename pkg/{apis => legacyapis}/ops/v1alpha1/doc.go (100%) rename pkg/{apis => legacyapis}/ops/v1alpha1/register.go (100%) create mode 100644 pkg/legacyapis/ops/v1alpha1/types.go create mode 100644 pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go rename pkg/{apis => legacyapis}/security/doc.go (100%) rename pkg/{apis => legacyapis}/security/register.go (100%) rename pkg/{apis => legacyapis}/security/v1alpha1/doc.go (100%) rename pkg/{apis => legacyapis}/security/v1alpha1/register.go (100%) create mode 100644 pkg/legacyapis/security/v1alpha1/types.go create mode 100644 pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go create mode 100644 pkg/legacyapis/stats/doc.go create mode 100644 pkg/legacyapis/stats/install/install.go create mode 100644 pkg/legacyapis/stats/register.go create mode 100644 pkg/legacyapis/stats/v1alpha1/doc.go create mode 100644 pkg/legacyapis/stats/v1alpha1/register.go create mode 100644 pkg/legacyapis/system/doc.go create mode 100644 pkg/legacyapis/system/install/install.go create mode 100644 pkg/legacyapis/system/v1beta1/doc.go create mode 100644 pkg/legacyapis/system/v1beta1/register.go create mode 100644 pkg/legacyclient/clientset/versioned/clientset.go create mode 100644 pkg/legacyclient/clientset/versioned/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/fake/clientset_generated.go create mode 100644 pkg/legacyclient/clientset/versioned/fake/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/fake/register.go create mode 100644 pkg/legacyclient/clientset/versioned/scheme/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/scheme/register.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go (96%) rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go (93%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go (95%) rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go (97%) rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go (97%) rename pkg/{client => legacyclient}/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go (89%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go rename pkg/{client => legacyclient}/clientset/versioned/typed/core/v1alpha2/core_client.go (93%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go rename pkg/{client => legacyclient}/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go (98%) rename pkg/{client => legacyclient}/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go (90%) rename pkg/{client => legacyclient}/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go (98%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go rename pkg/{client/clientset/versioned/typed/security => legacyclient/clientset/versioned/typed/ops}/v1alpha1/doc.go (95%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go rename pkg/{client => legacyclient}/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go (88%) rename pkg/{client => legacyclient}/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go (98%) rename pkg/{client => legacyclient}/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go (95%) rename pkg/{client => legacyclient}/clientset/versioned/typed/ops/v1alpha1/ops_client.go (92%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go (98%) rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go (98%) rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go (90%) rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go (97%) rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/generated_expansion.go (95%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go rename pkg/{client => legacyclient}/clientset/versioned/typed/security/v1alpha1/security_client.go (93%) create mode 100644 pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go create mode 100644 pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go rename pkg/{client => legacyclient}/informers/externalversions/clusterinformation/interface.go (84%) rename pkg/{client => legacyclient}/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go (88%) rename pkg/{client => legacyclient}/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go (89%) create mode 100644 pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go rename pkg/{client => legacyclient}/informers/externalversions/core/interface.go (85%) rename pkg/{client => legacyclient}/informers/externalversions/core/v1alpha2/clustergroup.go (89%) rename pkg/{client => legacyclient}/informers/externalversions/core/v1alpha2/externalentity.go (90%) create mode 100644 pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go create mode 100644 pkg/legacyclient/informers/externalversions/factory.go create mode 100644 pkg/legacyclient/informers/externalversions/generic.go create mode 100644 pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go rename pkg/{client => legacyclient}/informers/externalversions/ops/interface.go (85%) rename pkg/{client => legacyclient}/informers/externalversions/ops/v1alpha1/interface.go (90%) create mode 100644 pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go rename pkg/{client => legacyclient}/informers/externalversions/security/interface.go (84%) rename pkg/{client => legacyclient}/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go (89%) rename pkg/{client => legacyclient}/informers/externalversions/security/v1alpha1/interface.go (93%) rename pkg/{client => legacyclient}/informers/externalversions/security/v1alpha1/networkpolicy.go (89%) rename pkg/{client => legacyclient}/informers/externalversions/security/v1alpha1/tier.go (88%) create mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go create mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go create mode 100644 pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go create mode 100644 pkg/legacyclient/listers/core/v1alpha2/clustergroup.go create mode 100644 pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go create mode 100644 pkg/legacyclient/listers/core/v1alpha2/externalentity.go rename pkg/{client => legacyclient}/listers/ops/v1alpha1/expansion_generated.go (95%) create mode 100644 pkg/legacyclient/listers/ops/v1alpha1/traceflow.go create mode 100644 pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go rename pkg/{client => legacyclient}/listers/security/v1alpha1/expansion_generated.go (97%) create mode 100644 pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go create mode 100644 pkg/legacyclient/listers/security/v1alpha1/tier.go create mode 100644 test/e2e/legacyantreapolicy_test.go create mode 100644 test/e2e/legacyclustergroup_test.go diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index 390858aeba6..829b105b2c5 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -6,6 +6,30 @@ metadata: name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaAgentInfo + plural: antreaagentinfos + shortNames: + - laai + singular: antreaagentinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaAgentInfo plural: antreaagentinfos @@ -30,6 +54,30 @@ metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaControllerInfo + plural: antreacontrollerinfos + shortNames: + - laci + singular: antreacontrollerinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaControllerInfo plural: antreacontrollerinfos @@ -54,6 +102,70 @@ metadata: name: clustergroups.core.antrea.tanzu.vmware.com spec: group: core.antrea.tanzu.vmware.com + names: + kind: ClusterGroup + plural: clustergroups + shortNames: + - lcg + singular: group + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + serviceReference: + properties: + name: + type: string + namespace: + type: string + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io names: kind: ClusterGroup plural: clustergroups @@ -115,14 +227,13 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: ClusterNetworkPolicy plural: clusternetworkpolicies shortNames: - - cnp - acnp singular: clusternetworkpolicy scope: Cluster @@ -311,80 +422,23 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.security.antrea.tanzu.vmware.com spec: group: security.antrea.tanzu.vmware.com names: - kind: NetworkPolicy - plural: networkpolicies + kind: ClusterNetworkPolicy + plural: clusternetworkpolicies shortNames: - - netpol - - anp - singular: networkpolicy - scope: Namespaced + - lacnp + singular: clusternetworkpolicy + scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. + - description: The Tier to which this ClusterNetworkPolicy belongs to. jsonPath: .spec.tier name: Tier type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. + - description: The Priority of this ClusterNetworkPolicy relative to other policies. format: float jsonPath: .spec.priority name: Priority @@ -411,8 +465,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -428,8 +485,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -451,8 +511,8 @@ spec: to: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -481,8 +541,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -491,8 +554,8 @@ spec: from: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -507,42 +570,796 @@ spec: type: array name: type: string - ports: + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.core.antrea.tanzu.vmware.com +spec: + group: core.antrea.tanzu.vmware.com + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - lee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - anp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - lanp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Tier + plural: tiers + shortNames: + - tr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: Tier + plural: tiers + shortNames: + - ltr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Traceflow + plural: traceflows + shortNames: + - tf + singular: traceflow + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The phase of the Traceflow. + jsonPath: .status.phase + name: Phase + type: string + - description: The name of the source Pod. + jsonPath: .spec.source.pod + name: Source-Pod + priority: 10 + type: string + - description: The name of the destination Pod. + jsonPath: .spec.destination.pod + name: Destination-Pod + priority: 10 + type: string + - description: The IP address of the destination. + jsonPath: .spec.destination.ip + name: Destination-IP + priority: 10 + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + destination: + oneOf: + - required: + - pod + - namespace + - required: + - service + - namespace + - required: + - ip + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + namespace: + type: string + pod: + type: string + service: + type: string + type: object + packet: + properties: + ipHeader: + properties: + flags: + type: integer + protocol: + type: integer + srcIP: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + ttl: + type: integer + type: object + ipv6Header: + properties: + hopLimit: + type: integer + nextHeader: + type: integer + srcIP: + format: ipv6 + type: string + type: object + transportHeader: + properties: + icmp: + properties: + id: + type: integer + sequence: + type: integer + type: object + tcp: + properties: + dstPort: + type: integer + flags: + type: integer + srcPort: + type: integer + type: object + udp: + properties: + dstPort: + type: integer + srcPort: + type: integer + type: object + type: object + type: object + source: + properties: + namespace: + type: string + pod: + type: string + required: + - pod + - namespace + type: object + required: + - source + - destination + type: object + status: + properties: + dataplaneTag: + type: integer + phase: + type: string + reason: + type: string + results: + items: + properties: + node: + type: string + observations: items: properties: - endPort: + action: + type: string + component: + type: string + componentInfo: + type: string + dstMAC: + type: string + networkPolicy: + type: string + pod: + type: string + translatedDstIP: + type: string + translatedSrcIP: + type: string + ttl: type: integer - port: - x-kubernetes-int-or-string: true - protocol: + tunnelDstIP: type: string type: object type: array - required: - - action + role: + type: string + timestamp: + type: integer type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object + required: + - spec type: object served: true storage: true @@ -551,49 +1368,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer - required: - - priority - type: object - type: object - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -604,7 +1378,7 @@ spec: kind: Traceflow plural: traceflows shortNames: - - tf + - ltf singular: traceflow scope: Cluster versions: @@ -821,6 +1595,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -838,6 +1624,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -861,6 +1655,19 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -879,6 +1686,15 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -901,6 +1717,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -918,6 +1746,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -929,6 +1765,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -938,6 +1775,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -947,6 +1785,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -954,6 +1793,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -961,6 +1801,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: @@ -1020,6 +1861,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -1030,6 +1872,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -1040,12 +1883,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -1085,6 +1930,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status @@ -1140,7 +1986,69 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - "" + resourceNames: + - extension-apiserver-authentication + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resourceNames: + - antrea-ca + - antrea-cluster-identity + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - apiregistration.k8s.io + resourceNames: + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com + - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io + resources: + - apiservices + verbs: + - get + - update +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - crdmutator.antrea.tanzu.vmware.com + - crdvalidator.antrea.tanzu.vmware.com + - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - update +- apiGroups: + - crd.antrea.io resources: - antreacontrollerinfos verbs: @@ -1149,75 +2057,92 @@ rules: - update - delete - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: - list - delete - apiGroups: - - authentication.k8s.io + - crd.antrea.io resources: - - tokenreviews + - clusternetworkpolicies + - networkpolicies verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - authorization.k8s.io + - crd.antrea.io resources: - - subjectaccessreviews + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update +- apiGroups: + - crd.antrea.io + resources: + - tiers verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - "" - resourceNames: - - extension-apiserver-authentication + - crd.antrea.io resources: - - configmaps + - traceflows + - traceflows/status verbs: - get - - list - watch + - list + - update + - patch + - create + - delete - apiGroups: - - "" - resourceNames: - - antrea-ca - - antrea-cluster-identity + - crd.antrea.io resources: - - configmaps + - externalentities + - clustergroups verbs: - get + - watch + - list - update + - patch + - create + - delete - apiGroups: - - "" + - crd.antrea.io resources: - - configmaps + - clustergroups/status verbs: - - create + - update - apiGroups: - - apiregistration.k8s.io - resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - - v1beta1.controlplane.antrea.tanzu.vmware.com - - v1beta1.networking.antrea.tanzu.vmware.com + - clusterinformation.antrea.tanzu.vmware.com resources: - - apiservices + - antreacontrollerinfos verbs: - get + - create - update + - delete - apiGroups: - - admissionregistration.k8s.io - resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - - labelsmutator.antrea.io + - clusterinformation.antrea.tanzu.vmware.com resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations + - antreaagentinfos verbs: - - get - - update + - list + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1227,6 +2152,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1242,8 +2171,10 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -1266,6 +2197,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - core.antrea.tanzu.vmware.com resources: @@ -1320,6 +2255,22 @@ subjects: namespace: kube-system --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-ca + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-cluster-identity + namespace: kube-system +--- +apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. @@ -1525,12 +2476,24 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + + # If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be + # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and + # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API + # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy + # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new + # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized + # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. + # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be + # annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through + # the new API group. + #legacyCRDMirroring: true kind: ConfigMap metadata: annotations: {} labels: app: antrea - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 namespace: kube-system --- apiVersion: v1 @@ -1650,7 +2613,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 name: antrea-config - name: antrea-controller-tls secret: @@ -1664,6 +2627,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1alpha1.stats.antrea.io +spec: + group: stats.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1alpha1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1709,6 +2687,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta1.system.antrea.io +spec: + group: system.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1724,6 +2717,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta2.controlplane.antrea.io +spec: + group: controlplane.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta2 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1914,7 +2922,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -1948,6 +2956,58 @@ spec: --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdmutator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/acnp + name: acnpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/anp + name: anpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration metadata: labels: app: antrea @@ -2000,6 +3060,104 @@ webhooks: --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdvalidator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/tier + name: tiervalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tiers + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/acnp + name: acnpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/anp + name: anpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/clustergroup + name: clustergroupvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clustergroups + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration metadata: labels: app: antrea diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index 6f65c402c9b..ffbdfd2c92e 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -6,6 +6,30 @@ metadata: name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaAgentInfo + plural: antreaagentinfos + shortNames: + - laai + singular: antreaagentinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaAgentInfo plural: antreaagentinfos @@ -30,6 +54,30 @@ metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaControllerInfo + plural: antreacontrollerinfos + shortNames: + - laci + singular: antreacontrollerinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaControllerInfo plural: antreacontrollerinfos @@ -54,6 +102,70 @@ metadata: name: clustergroups.core.antrea.tanzu.vmware.com spec: group: core.antrea.tanzu.vmware.com + names: + kind: ClusterGroup + plural: clustergroups + shortNames: + - lcg + singular: group + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + serviceReference: + properties: + name: + type: string + namespace: + type: string + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io names: kind: ClusterGroup plural: clustergroups @@ -115,14 +227,13 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: ClusterNetworkPolicy plural: clusternetworkpolicies shortNames: - - cnp - acnp singular: clusternetworkpolicy scope: Cluster @@ -311,80 +422,23 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.security.antrea.tanzu.vmware.com spec: group: security.antrea.tanzu.vmware.com names: - kind: NetworkPolicy - plural: networkpolicies + kind: ClusterNetworkPolicy + plural: clusternetworkpolicies shortNames: - - netpol - - anp - singular: networkpolicy - scope: Namespaced + - lacnp + singular: clusternetworkpolicy + scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. + - description: The Tier to which this ClusterNetworkPolicy belongs to. jsonPath: .spec.tier name: Tier type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. + - description: The Priority of this ClusterNetworkPolicy relative to other policies. format: float jsonPath: .spec.priority name: Priority @@ -411,8 +465,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -428,8 +485,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -451,8 +511,8 @@ spec: to: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -481,8 +541,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -491,8 +554,8 @@ spec: from: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -507,42 +570,796 @@ spec: type: array name: type: string - ports: + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.core.antrea.tanzu.vmware.com +spec: + group: core.antrea.tanzu.vmware.com + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - lee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - anp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - lanp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Tier + plural: tiers + shortNames: + - tr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: Tier + plural: tiers + shortNames: + - ltr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Traceflow + plural: traceflows + shortNames: + - tf + singular: traceflow + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The phase of the Traceflow. + jsonPath: .status.phase + name: Phase + type: string + - description: The name of the source Pod. + jsonPath: .spec.source.pod + name: Source-Pod + priority: 10 + type: string + - description: The name of the destination Pod. + jsonPath: .spec.destination.pod + name: Destination-Pod + priority: 10 + type: string + - description: The IP address of the destination. + jsonPath: .spec.destination.ip + name: Destination-IP + priority: 10 + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + destination: + oneOf: + - required: + - pod + - namespace + - required: + - service + - namespace + - required: + - ip + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + namespace: + type: string + pod: + type: string + service: + type: string + type: object + packet: + properties: + ipHeader: + properties: + flags: + type: integer + protocol: + type: integer + srcIP: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + ttl: + type: integer + type: object + ipv6Header: + properties: + hopLimit: + type: integer + nextHeader: + type: integer + srcIP: + format: ipv6 + type: string + type: object + transportHeader: + properties: + icmp: + properties: + id: + type: integer + sequence: + type: integer + type: object + tcp: + properties: + dstPort: + type: integer + flags: + type: integer + srcPort: + type: integer + type: object + udp: + properties: + dstPort: + type: integer + srcPort: + type: integer + type: object + type: object + type: object + source: + properties: + namespace: + type: string + pod: + type: string + required: + - pod + - namespace + type: object + required: + - source + - destination + type: object + status: + properties: + dataplaneTag: + type: integer + phase: + type: string + reason: + type: string + results: + items: + properties: + node: + type: string + observations: items: properties: - endPort: + action: + type: string + component: + type: string + componentInfo: + type: string + dstMAC: + type: string + networkPolicy: + type: string + pod: + type: string + translatedDstIP: + type: string + translatedSrcIP: + type: string + ttl: type: integer - port: - x-kubernetes-int-or-string: true - protocol: + tunnelDstIP: type: string type: object type: array - required: - - action + role: + type: string + timestamp: + type: integer type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object + required: + - spec type: object served: true storage: true @@ -551,49 +1368,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer - required: - - priority - type: object - type: object - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -604,7 +1378,7 @@ spec: kind: Traceflow plural: traceflows shortNames: - - tf + - ltf singular: traceflow scope: Cluster versions: @@ -821,6 +1595,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -838,6 +1624,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -861,6 +1655,19 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -879,6 +1686,15 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -901,6 +1717,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -918,6 +1746,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -929,6 +1765,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -938,6 +1775,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -947,6 +1785,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -954,6 +1793,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -961,6 +1801,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: @@ -1020,6 +1861,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -1030,6 +1872,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -1040,12 +1883,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -1085,6 +1930,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status @@ -1140,7 +1986,69 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - "" + resourceNames: + - extension-apiserver-authentication + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resourceNames: + - antrea-ca + - antrea-cluster-identity + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - apiregistration.k8s.io + resourceNames: + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com + - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io + resources: + - apiservices + verbs: + - get + - update +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - crdmutator.antrea.tanzu.vmware.com + - crdvalidator.antrea.tanzu.vmware.com + - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - update +- apiGroups: + - crd.antrea.io resources: - antreacontrollerinfos verbs: @@ -1149,75 +2057,92 @@ rules: - update - delete - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: - list - delete - apiGroups: - - authentication.k8s.io + - crd.antrea.io resources: - - tokenreviews + - clusternetworkpolicies + - networkpolicies verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - authorization.k8s.io + - crd.antrea.io resources: - - subjectaccessreviews + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update +- apiGroups: + - crd.antrea.io + resources: + - tiers verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - "" - resourceNames: - - extension-apiserver-authentication + - crd.antrea.io resources: - - configmaps + - traceflows + - traceflows/status verbs: - get - - list - watch + - list + - update + - patch + - create + - delete - apiGroups: - - "" - resourceNames: - - antrea-ca - - antrea-cluster-identity + - crd.antrea.io resources: - - configmaps + - externalentities + - clustergroups verbs: - get + - watch + - list - update + - patch + - create + - delete - apiGroups: - - "" + - crd.antrea.io resources: - - configmaps + - clustergroups/status verbs: - - create + - update - apiGroups: - - apiregistration.k8s.io - resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - - v1beta1.controlplane.antrea.tanzu.vmware.com - - v1beta1.networking.antrea.tanzu.vmware.com + - clusterinformation.antrea.tanzu.vmware.com resources: - - apiservices + - antreacontrollerinfos verbs: - get + - create - update + - delete - apiGroups: - - admissionregistration.k8s.io - resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - - labelsmutator.antrea.io + - clusterinformation.antrea.tanzu.vmware.com resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations + - antreaagentinfos verbs: - - get - - update + - list + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1227,6 +2152,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1242,8 +2171,10 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -1266,6 +2197,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - core.antrea.tanzu.vmware.com resources: @@ -1320,6 +2255,22 @@ subjects: namespace: kube-system --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-ca + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-cluster-identity + namespace: kube-system +--- +apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. @@ -1525,12 +2476,24 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + + # If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be + # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and + # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API + # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy + # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new + # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized + # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. + # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be + # annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through + # the new API group. + #legacyCRDMirroring: true kind: ConfigMap metadata: annotations: {} labels: app: antrea - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 namespace: kube-system --- apiVersion: v1 @@ -1650,7 +2613,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 name: antrea-config - name: antrea-controller-tls secret: @@ -1664,6 +2627,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1alpha1.stats.antrea.io +spec: + group: stats.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1alpha1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1709,6 +2687,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta1.system.antrea.io +spec: + group: system.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1724,6 +2717,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta2.controlplane.antrea.io +spec: + group: controlplane.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta2 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1916,7 +2924,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-h7cktb4h6k + name: antrea-config-tcdhh9dhh9 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -1950,6 +2958,58 @@ spec: --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdmutator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/acnp + name: acnpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/anp + name: anpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration metadata: labels: app: antrea @@ -2002,6 +3062,104 @@ webhooks: --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdvalidator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/tier + name: tiervalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tiers + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/acnp + name: acnpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/anp + name: anpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/clustergroup + name: clustergroupvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clustergroups + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration metadata: labels: app: antrea diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index 4b52f19c649..8dfa448640a 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -6,6 +6,30 @@ metadata: name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaAgentInfo + plural: antreaagentinfos + shortNames: + - laai + singular: antreaagentinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaAgentInfo plural: antreaagentinfos @@ -30,6 +54,30 @@ metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaControllerInfo + plural: antreacontrollerinfos + shortNames: + - laci + singular: antreacontrollerinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaControllerInfo plural: antreacontrollerinfos @@ -54,6 +102,70 @@ metadata: name: clustergroups.core.antrea.tanzu.vmware.com spec: group: core.antrea.tanzu.vmware.com + names: + kind: ClusterGroup + plural: clustergroups + shortNames: + - lcg + singular: group + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + serviceReference: + properties: + name: + type: string + namespace: + type: string + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io names: kind: ClusterGroup plural: clustergroups @@ -115,14 +227,13 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: ClusterNetworkPolicy plural: clusternetworkpolicies shortNames: - - cnp - acnp singular: clusternetworkpolicy scope: Cluster @@ -311,80 +422,23 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.security.antrea.tanzu.vmware.com spec: group: security.antrea.tanzu.vmware.com names: - kind: NetworkPolicy - plural: networkpolicies + kind: ClusterNetworkPolicy + plural: clusternetworkpolicies shortNames: - - netpol - - anp - singular: networkpolicy - scope: Namespaced + - lacnp + singular: clusternetworkpolicy + scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. + - description: The Tier to which this ClusterNetworkPolicy belongs to. jsonPath: .spec.tier name: Tier type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. + - description: The Priority of this ClusterNetworkPolicy relative to other policies. format: float jsonPath: .spec.priority name: Priority @@ -411,8 +465,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -428,8 +485,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -451,8 +511,8 @@ spec: to: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -481,8 +541,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -491,8 +554,8 @@ spec: from: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -507,42 +570,796 @@ spec: type: array name: type: string - ports: + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.core.antrea.tanzu.vmware.com +spec: + group: core.antrea.tanzu.vmware.com + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - lee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - anp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - lanp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Tier + plural: tiers + shortNames: + - tr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: Tier + plural: tiers + shortNames: + - ltr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Traceflow + plural: traceflows + shortNames: + - tf + singular: traceflow + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The phase of the Traceflow. + jsonPath: .status.phase + name: Phase + type: string + - description: The name of the source Pod. + jsonPath: .spec.source.pod + name: Source-Pod + priority: 10 + type: string + - description: The name of the destination Pod. + jsonPath: .spec.destination.pod + name: Destination-Pod + priority: 10 + type: string + - description: The IP address of the destination. + jsonPath: .spec.destination.ip + name: Destination-IP + priority: 10 + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + destination: + oneOf: + - required: + - pod + - namespace + - required: + - service + - namespace + - required: + - ip + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + namespace: + type: string + pod: + type: string + service: + type: string + type: object + packet: + properties: + ipHeader: + properties: + flags: + type: integer + protocol: + type: integer + srcIP: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + ttl: + type: integer + type: object + ipv6Header: + properties: + hopLimit: + type: integer + nextHeader: + type: integer + srcIP: + format: ipv6 + type: string + type: object + transportHeader: + properties: + icmp: + properties: + id: + type: integer + sequence: + type: integer + type: object + tcp: + properties: + dstPort: + type: integer + flags: + type: integer + srcPort: + type: integer + type: object + udp: + properties: + dstPort: + type: integer + srcPort: + type: integer + type: object + type: object + type: object + source: + properties: + namespace: + type: string + pod: + type: string + required: + - pod + - namespace + type: object + required: + - source + - destination + type: object + status: + properties: + dataplaneTag: + type: integer + phase: + type: string + reason: + type: string + results: + items: + properties: + node: + type: string + observations: items: properties: - endPort: + action: + type: string + component: + type: string + componentInfo: + type: string + dstMAC: + type: string + networkPolicy: + type: string + pod: + type: string + translatedDstIP: + type: string + translatedSrcIP: + type: string + ttl: type: integer - port: - x-kubernetes-int-or-string: true - protocol: + tunnelDstIP: type: string type: object type: array - required: - - action + role: + type: string + timestamp: + type: integer type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object + required: + - spec type: object served: true storage: true @@ -551,49 +1368,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer - required: - - priority - type: object - type: object - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -604,7 +1378,7 @@ spec: kind: Traceflow plural: traceflows shortNames: - - tf + - ltf singular: traceflow scope: Cluster versions: @@ -821,6 +1595,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -838,6 +1624,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -861,6 +1655,19 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -879,6 +1686,15 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -901,6 +1717,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -918,6 +1746,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -929,6 +1765,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -938,6 +1775,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -947,6 +1785,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -954,6 +1793,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -961,6 +1801,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: @@ -1020,6 +1861,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -1030,6 +1872,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -1040,12 +1883,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -1085,6 +1930,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status @@ -1140,7 +1986,69 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - "" + resourceNames: + - extension-apiserver-authentication + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resourceNames: + - antrea-ca + - antrea-cluster-identity + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - apiregistration.k8s.io + resourceNames: + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com + - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io + resources: + - apiservices + verbs: + - get + - update +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - crdmutator.antrea.tanzu.vmware.com + - crdvalidator.antrea.tanzu.vmware.com + - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - update +- apiGroups: + - crd.antrea.io resources: - antreacontrollerinfos verbs: @@ -1149,75 +2057,92 @@ rules: - update - delete - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: - list - delete - apiGroups: - - authentication.k8s.io + - crd.antrea.io resources: - - tokenreviews + - clusternetworkpolicies + - networkpolicies verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - authorization.k8s.io + - crd.antrea.io resources: - - subjectaccessreviews + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update +- apiGroups: + - crd.antrea.io + resources: + - tiers verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - "" - resourceNames: - - extension-apiserver-authentication + - crd.antrea.io resources: - - configmaps + - traceflows + - traceflows/status verbs: - get - - list - watch + - list + - update + - patch + - create + - delete - apiGroups: - - "" - resourceNames: - - antrea-ca - - antrea-cluster-identity + - crd.antrea.io resources: - - configmaps + - externalentities + - clustergroups verbs: - get + - watch + - list - update + - patch + - create + - delete - apiGroups: - - "" + - crd.antrea.io resources: - - configmaps + - clustergroups/status verbs: - - create + - update - apiGroups: - - apiregistration.k8s.io - resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - - v1beta1.controlplane.antrea.tanzu.vmware.com - - v1beta1.networking.antrea.tanzu.vmware.com + - clusterinformation.antrea.tanzu.vmware.com resources: - - apiservices + - antreacontrollerinfos verbs: - get + - create - update + - delete - apiGroups: - - admissionregistration.k8s.io - resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - - labelsmutator.antrea.io + - clusterinformation.antrea.tanzu.vmware.com resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations + - antreaagentinfos verbs: - - get - - update + - list + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1227,6 +2152,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1242,8 +2171,10 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -1266,6 +2197,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - core.antrea.tanzu.vmware.com resources: @@ -1320,6 +2255,22 @@ subjects: namespace: kube-system --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-ca + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-cluster-identity + namespace: kube-system +--- +apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. @@ -1525,12 +2476,24 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + + # If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be + # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and + # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API + # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy + # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new + # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized + # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. + # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be + # annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through + # the new API group. + #legacyCRDMirroring: true kind: ConfigMap metadata: annotations: {} labels: app: antrea - name: antrea-config-ck9cm44gbk + name: antrea-config-cbk8gdb2b7 namespace: kube-system --- apiVersion: v1 @@ -1650,7 +2613,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-ck9cm44gbk + name: antrea-config-cbk8gdb2b7 name: antrea-config - name: antrea-controller-tls secret: @@ -1664,6 +2627,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1alpha1.stats.antrea.io +spec: + group: stats.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1alpha1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1709,6 +2687,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta1.system.antrea.io +spec: + group: system.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1724,6 +2717,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta2.controlplane.antrea.io +spec: + group: controlplane.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta2 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1917,7 +2925,7 @@ spec: path: /home/kubernetes/bin name: host-cni-bin - configMap: - name: antrea-config-ck9cm44gbk + name: antrea-config-cbk8gdb2b7 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -1948,6 +2956,58 @@ spec: --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdmutator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/acnp + name: acnpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/anp + name: anpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration metadata: labels: app: antrea @@ -2000,6 +3060,104 @@ webhooks: --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdvalidator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/tier + name: tiervalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tiers + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/acnp + name: acnpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/anp + name: anpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/clustergroup + name: clustergroupvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clustergroups + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration metadata: labels: app: antrea diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index 2d0481e0b67..a48db940388 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -6,6 +6,30 @@ metadata: name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaAgentInfo + plural: antreaagentinfos + shortNames: + - laai + singular: antreaagentinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaAgentInfo plural: antreaagentinfos @@ -30,6 +54,30 @@ metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaControllerInfo + plural: antreacontrollerinfos + shortNames: + - laci + singular: antreacontrollerinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaControllerInfo plural: antreacontrollerinfos @@ -54,6 +102,70 @@ metadata: name: clustergroups.core.antrea.tanzu.vmware.com spec: group: core.antrea.tanzu.vmware.com + names: + kind: ClusterGroup + plural: clustergroups + shortNames: + - lcg + singular: group + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + serviceReference: + properties: + name: + type: string + namespace: + type: string + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io names: kind: ClusterGroup plural: clustergroups @@ -115,14 +227,13 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: ClusterNetworkPolicy plural: clusternetworkpolicies shortNames: - - cnp - acnp singular: clusternetworkpolicy scope: Cluster @@ -311,80 +422,23 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.security.antrea.tanzu.vmware.com spec: group: security.antrea.tanzu.vmware.com names: - kind: NetworkPolicy - plural: networkpolicies + kind: ClusterNetworkPolicy + plural: clusternetworkpolicies shortNames: - - netpol - - anp - singular: networkpolicy - scope: Namespaced + - lacnp + singular: clusternetworkpolicy + scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. + - description: The Tier to which this ClusterNetworkPolicy belongs to. jsonPath: .spec.tier name: Tier type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. + - description: The Priority of this ClusterNetworkPolicy relative to other policies. format: float jsonPath: .spec.priority name: Priority @@ -411,8 +465,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -428,8 +485,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -451,8 +511,8 @@ spec: to: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -481,8 +541,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -491,8 +554,8 @@ spec: from: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -507,42 +570,796 @@ spec: type: array name: type: string - ports: + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.core.antrea.tanzu.vmware.com +spec: + group: core.antrea.tanzu.vmware.com + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - lee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - anp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - lanp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Tier + plural: tiers + shortNames: + - tr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: Tier + plural: tiers + shortNames: + - ltr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Traceflow + plural: traceflows + shortNames: + - tf + singular: traceflow + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The phase of the Traceflow. + jsonPath: .status.phase + name: Phase + type: string + - description: The name of the source Pod. + jsonPath: .spec.source.pod + name: Source-Pod + priority: 10 + type: string + - description: The name of the destination Pod. + jsonPath: .spec.destination.pod + name: Destination-Pod + priority: 10 + type: string + - description: The IP address of the destination. + jsonPath: .spec.destination.ip + name: Destination-IP + priority: 10 + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + destination: + oneOf: + - required: + - pod + - namespace + - required: + - service + - namespace + - required: + - ip + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + namespace: + type: string + pod: + type: string + service: + type: string + type: object + packet: + properties: + ipHeader: + properties: + flags: + type: integer + protocol: + type: integer + srcIP: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + ttl: + type: integer + type: object + ipv6Header: + properties: + hopLimit: + type: integer + nextHeader: + type: integer + srcIP: + format: ipv6 + type: string + type: object + transportHeader: + properties: + icmp: + properties: + id: + type: integer + sequence: + type: integer + type: object + tcp: + properties: + dstPort: + type: integer + flags: + type: integer + srcPort: + type: integer + type: object + udp: + properties: + dstPort: + type: integer + srcPort: + type: integer + type: object + type: object + type: object + source: + properties: + namespace: + type: string + pod: + type: string + required: + - pod + - namespace + type: object + required: + - source + - destination + type: object + status: + properties: + dataplaneTag: + type: integer + phase: + type: string + reason: + type: string + results: + items: + properties: + node: + type: string + observations: items: properties: - endPort: + action: + type: string + component: + type: string + componentInfo: + type: string + dstMAC: + type: string + networkPolicy: + type: string + pod: + type: string + translatedDstIP: + type: string + translatedSrcIP: + type: string + ttl: type: integer - port: - x-kubernetes-int-or-string: true - protocol: + tunnelDstIP: type: string type: object type: array - required: - - action + role: + type: string + timestamp: + type: integer type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object + required: + - spec type: object served: true storage: true @@ -551,49 +1368,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer - required: - - priority - type: object - type: object - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -604,7 +1378,7 @@ spec: kind: Traceflow plural: traceflows shortNames: - - tf + - ltf singular: traceflow scope: Cluster versions: @@ -821,6 +1595,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -838,6 +1624,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -861,6 +1655,19 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -879,6 +1686,15 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -901,6 +1717,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -918,6 +1746,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -929,6 +1765,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -938,6 +1775,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -947,6 +1785,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -954,6 +1793,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -961,6 +1801,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: @@ -1020,6 +1861,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -1030,6 +1872,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -1040,12 +1883,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -1085,6 +1930,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status @@ -1140,7 +1986,69 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - "" + resourceNames: + - extension-apiserver-authentication + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resourceNames: + - antrea-ca + - antrea-cluster-identity + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - apiregistration.k8s.io + resourceNames: + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com + - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io + resources: + - apiservices + verbs: + - get + - update +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - crdmutator.antrea.tanzu.vmware.com + - crdvalidator.antrea.tanzu.vmware.com + - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - update +- apiGroups: + - crd.antrea.io resources: - antreacontrollerinfos verbs: @@ -1149,75 +2057,92 @@ rules: - update - delete - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: - list - delete - apiGroups: - - authentication.k8s.io + - crd.antrea.io resources: - - tokenreviews + - clusternetworkpolicies + - networkpolicies verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - authorization.k8s.io + - crd.antrea.io resources: - - subjectaccessreviews + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update +- apiGroups: + - crd.antrea.io + resources: + - tiers verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - "" - resourceNames: - - extension-apiserver-authentication + - crd.antrea.io resources: - - configmaps + - traceflows + - traceflows/status verbs: - get - - list - watch + - list + - update + - patch + - create + - delete - apiGroups: - - "" - resourceNames: - - antrea-ca - - antrea-cluster-identity + - crd.antrea.io resources: - - configmaps + - externalentities + - clustergroups verbs: - get + - watch + - list - update + - patch + - create + - delete - apiGroups: - - "" + - crd.antrea.io resources: - - configmaps + - clustergroups/status verbs: - - create + - update - apiGroups: - - apiregistration.k8s.io - resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - - v1beta1.controlplane.antrea.tanzu.vmware.com - - v1beta1.networking.antrea.tanzu.vmware.com + - clusterinformation.antrea.tanzu.vmware.com resources: - - apiservices + - antreacontrollerinfos verbs: - get + - create - update + - delete - apiGroups: - - admissionregistration.k8s.io - resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - - labelsmutator.antrea.io + - clusterinformation.antrea.tanzu.vmware.com resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations + - antreaagentinfos verbs: - - get - - update + - list + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1227,6 +2152,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1242,8 +2171,10 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -1266,6 +2197,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - core.antrea.tanzu.vmware.com resources: @@ -1320,6 +2255,22 @@ subjects: namespace: kube-system --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-ca + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-cluster-identity + namespace: kube-system +--- +apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. @@ -1530,12 +2481,24 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + + # If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be + # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and + # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API + # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy + # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new + # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized + # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. + # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be + # annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through + # the new API group. + #legacyCRDMirroring: true kind: ConfigMap metadata: annotations: {} labels: app: antrea - name: antrea-config-gd8b5282d2 + name: antrea-config-dm25c5ghfm namespace: kube-system --- apiVersion: v1 @@ -1664,7 +2627,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-gd8b5282d2 + name: antrea-config-dm25c5ghfm name: antrea-config - name: antrea-controller-tls secret: @@ -1678,6 +2641,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1alpha1.stats.antrea.io +spec: + group: stats.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1alpha1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1723,6 +2701,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta1.system.antrea.io +spec: + group: system.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1738,6 +2731,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta2.controlplane.antrea.io +spec: + group: controlplane.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta2 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1963,7 +2971,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-gd8b5282d2 + name: antrea-config-dm25c5ghfm name: antrea-config - hostPath: path: /etc/cni/net.d @@ -1997,6 +3005,58 @@ spec: --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdmutator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/acnp + name: acnpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/anp + name: anpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration metadata: labels: app: antrea @@ -2049,6 +3109,104 @@ webhooks: --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdvalidator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/tier + name: tiervalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tiers + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/acnp + name: acnpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/anp + name: anpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/clustergroup + name: clustergroupvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clustergroups + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration metadata: labels: app: antrea diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index 8e3e40629c7..bb92a31202c 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -6,6 +6,30 @@ metadata: name: antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaAgentInfo + plural: antreaagentinfos + shortNames: + - laai + singular: antreaagentinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaAgentInfo plural: antreaagentinfos @@ -30,6 +54,30 @@ metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: group: clusterinformation.antrea.tanzu.vmware.com + names: + kind: AntreaControllerInfo + plural: antreacontrollerinfos + shortNames: + - laci + singular: antreacontrollerinfo + scope: Cluster + versions: + - name: v1beta1 + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io names: kind: AntreaControllerInfo plural: antreacontrollerinfos @@ -54,6 +102,70 @@ metadata: name: clustergroups.core.antrea.tanzu.vmware.com spec: group: core.antrea.tanzu.vmware.com + names: + kind: ClusterGroup + plural: clustergroups + shortNames: + - lcg + singular: group + scope: Cluster + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + serviceReference: + properties: + name: + type: string + namespace: + type: string + type: object + type: object + status: + properties: + conditions: + items: + properties: + lastTransitionTime: + type: string + status: + type: string + type: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io names: kind: ClusterGroup plural: clustergroups @@ -115,14 +227,13 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: clusternetworkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.crd.antrea.io spec: - group: security.antrea.tanzu.vmware.com + group: crd.antrea.io names: kind: ClusterNetworkPolicy plural: clusternetworkpolicies shortNames: - - cnp - acnp singular: clusternetworkpolicy scope: Cluster @@ -311,80 +422,23 @@ kind: CustomResourceDefinition metadata: labels: app: antrea - name: externalentities.core.antrea.tanzu.vmware.com -spec: - group: core.antrea.tanzu.vmware.com - names: - kind: ExternalEntity - plural: externalentities - shortNames: - - ee - singular: externalentity - scope: Namespaced - versions: - - name: v1alpha2 - schema: - openAPIV3Schema: - properties: - spec: - properties: - endpoints: - items: - properties: - ip: - pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ - type: string - name: - type: string - type: object - type: array - externalNode: - type: string - ports: - items: - properties: - name: - type: string - port: - x-kubernetes-int-or-string: true - protocol: - type: string - type: object - type: array - type: object - type: object - served: true - storage: true - - name: v1alpha1 - schema: - openAPIV3Schema: - type: object - served: false - storage: false ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: networkpolicies.security.antrea.tanzu.vmware.com + name: clusternetworkpolicies.security.antrea.tanzu.vmware.com spec: group: security.antrea.tanzu.vmware.com names: - kind: NetworkPolicy - plural: networkpolicies + kind: ClusterNetworkPolicy + plural: clusternetworkpolicies shortNames: - - netpol - - anp - singular: networkpolicy - scope: Namespaced + - lacnp + singular: clusternetworkpolicy + scope: Cluster versions: - additionalPrinterColumns: - - description: The Tier to which this Antrea NetworkPolicy belongs to. + - description: The Tier to which this ClusterNetworkPolicy belongs to. jsonPath: .spec.tier name: Tier type: string - - description: The Priority of this Antrea NetworkPolicy relative to other policies. + - description: The Priority of this ClusterNetworkPolicy relative to other policies. format: float jsonPath: .spec.priority name: Priority @@ -411,8 +465,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -428,8 +485,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -451,8 +511,8 @@ spec: to: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -481,8 +541,11 @@ spec: appliedTo: items: properties: + group: + type: string + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true podSelector: - type: object x-kubernetes-preserve-unknown-fields: true type: object type: array @@ -491,8 +554,8 @@ spec: from: items: properties: - externalEntitySelector: - x-kubernetes-preserve-unknown-fields: true + group: + type: string ipBlock: properties: cidr: @@ -507,42 +570,796 @@ spec: type: array name: type: string - ports: + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.core.antrea.tanzu.vmware.com +spec: + group: core.antrea.tanzu.vmware.com + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - lee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: ExternalEntity + plural: externalentities + shortNames: + - ee + singular: externalentity + scope: Namespaced + versions: + - name: v1alpha2 + schema: + openAPIV3Schema: + properties: + spec: + properties: + endpoints: + items: + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + name: + type: string + type: object + type: array + externalNode: + type: string + ports: + items: + properties: + name: + type: string + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + - name: v1alpha1 + schema: + openAPIV3Schema: + type: object + served: false + storage: false +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - anp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: networkpolicies.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: NetworkPolicy + plural: networkpolicies + shortNames: + - lanp + singular: networkpolicy + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + name: Tier + type: string + - description: The Priority of this Antrea NetworkPolicy relative to other policies. + format: float + jsonPath: .spec.priority + name: Priority + type: number + - description: The total number of Nodes that should realize the NetworkPolicy. + format: int32 + jsonPath: .status.desiredNodesRealized + name: Desired Nodes + type: number + - description: The number of Nodes that have realized the NetworkPolicy. + format: int32 + jsonPath: .status.currentNodesRealized + name: Current Nodes + type: number + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + egress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + to: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + required: + - action + type: object + type: array + ingress: + items: + properties: + action: + enum: + - Allow + - Drop + - Reject + type: string + appliedTo: + items: + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + enableLogging: + type: boolean + from: + items: + properties: + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + properties: + cidr: + format: cidr + type: string + type: object + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + type: object + type: array + name: + type: string + ports: + items: + properties: + endPort: + type: integer + port: + x-kubernetes-int-or-string: true + protocol: + type: string + type: object + type: array + required: + - action + type: object + type: array + priority: + format: float + maximum: 10000 + minimum: 1 + type: number + tier: + type: string + required: + - priority + type: object + status: + properties: + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + observedGeneration: + type: integer + phase: + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Tier + plural: tiers + shortNames: + - tr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: tiers.security.antrea.tanzu.vmware.com +spec: + group: security.antrea.tanzu.vmware.com + names: + kind: Tier + plural: tiers + shortNames: + - ltr + singular: tier + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + name: Priority + type: integer + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + description: + type: string + priority: + maximum: 255 + minimum: 0 + type: integer + required: + - priority + type: object + type: object + served: true + storage: true +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + labels: + app: antrea + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + names: + kind: Traceflow + plural: traceflows + shortNames: + - tf + singular: traceflow + scope: Cluster + versions: + - additionalPrinterColumns: + - description: The phase of the Traceflow. + jsonPath: .status.phase + name: Phase + type: string + - description: The name of the source Pod. + jsonPath: .spec.source.pod + name: Source-Pod + priority: 10 + type: string + - description: The name of the destination Pod. + jsonPath: .spec.destination.pod + name: Destination-Pod + priority: 10 + type: string + - description: The IP address of the destination. + jsonPath: .spec.destination.ip + name: Destination-IP + priority: 10 + type: string + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + name: v1alpha1 + schema: + openAPIV3Schema: + properties: + spec: + properties: + destination: + oneOf: + - required: + - pod + - namespace + - required: + - service + - namespace + - required: + - ip + properties: + ip: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + namespace: + type: string + pod: + type: string + service: + type: string + type: object + packet: + properties: + ipHeader: + properties: + flags: + type: integer + protocol: + type: integer + srcIP: + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + type: string + ttl: + type: integer + type: object + ipv6Header: + properties: + hopLimit: + type: integer + nextHeader: + type: integer + srcIP: + format: ipv6 + type: string + type: object + transportHeader: + properties: + icmp: + properties: + id: + type: integer + sequence: + type: integer + type: object + tcp: + properties: + dstPort: + type: integer + flags: + type: integer + srcPort: + type: integer + type: object + udp: + properties: + dstPort: + type: integer + srcPort: + type: integer + type: object + type: object + type: object + source: + properties: + namespace: + type: string + pod: + type: string + required: + - pod + - namespace + type: object + required: + - source + - destination + type: object + status: + properties: + dataplaneTag: + type: integer + phase: + type: string + reason: + type: string + results: + items: + properties: + node: + type: string + observations: items: properties: - endPort: + action: + type: string + component: + type: string + componentInfo: + type: string + dstMAC: + type: string + networkPolicy: + type: string + pod: + type: string + translatedDstIP: + type: string + translatedSrcIP: + type: string + ttl: type: integer - port: - x-kubernetes-int-or-string: true - protocol: + tunnelDstIP: type: string type: object type: array - required: - - action + role: + type: string + timestamp: + type: integer type: object type: array - priority: - format: float - maximum: 10000 - minimum: 1 - type: number - tier: - type: string - required: - - priority - type: object - status: - properties: - currentNodesRealized: - type: integer - desiredNodesRealized: - type: integer - observedGeneration: - type: integer - phase: - type: string type: object + required: + - spec type: object served: true storage: true @@ -551,49 +1368,6 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition -metadata: - labels: - app: antrea - name: tiers.security.antrea.tanzu.vmware.com -spec: - group: security.antrea.tanzu.vmware.com - names: - kind: Tier - plural: tiers - shortNames: - - tr - singular: tier - scope: Cluster - versions: - - additionalPrinterColumns: - - description: The Priority of this Tier relative to other Tiers. - jsonPath: .spec.priority - name: Priority - type: integer - - jsonPath: .metadata.creationTimestamp - name: Age - type: date - name: v1alpha1 - schema: - openAPIV3Schema: - properties: - spec: - properties: - description: - type: string - priority: - maximum: 255 - minimum: 0 - type: integer - required: - - priority - type: object - type: object - served: true - storage: true ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition metadata: labels: app: antrea @@ -604,7 +1378,7 @@ spec: kind: Traceflow plural: traceflows shortNames: - - tf + - ltf singular: traceflow scope: Cluster versions: @@ -821,6 +1595,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -838,6 +1624,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clustergroups + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -861,6 +1655,19 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -879,6 +1686,15 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -901,6 +1717,18 @@ rules: - update - patch - delete +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch + - create + - update + - patch + - delete --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -918,6 +1746,14 @@ rules: - get - list - watch +- apiGroups: + - crd.antrea.io + resources: + - traceflows + verbs: + - get + - list + - watch --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -929,6 +1765,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -938,6 +1775,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -947,6 +1785,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -954,6 +1793,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -961,6 +1801,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: @@ -1020,6 +1861,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -1030,6 +1872,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -1040,12 +1883,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -1085,6 +1930,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status @@ -1140,7 +1986,69 @@ rules: - watch - list - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +- apiGroups: + - "" + resourceNames: + - extension-apiserver-authentication + resources: + - configmaps + verbs: + - get + - list + - watch +- apiGroups: + - "" + resourceNames: + - antrea-ca + - antrea-cluster-identity + resources: + - configmaps + verbs: + - get + - update +- apiGroups: + - apiregistration.k8s.io + resourceNames: + - v1alpha1.stats.antrea.tanzu.vmware.com + - v1beta1.system.antrea.tanzu.vmware.com + - v1beta2.controlplane.antrea.tanzu.vmware.com + - v1beta1.controlplane.antrea.tanzu.vmware.com + - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io + resources: + - apiservices + verbs: + - get + - update +- apiGroups: + - admissionregistration.k8s.io + resourceNames: + - crdmutator.antrea.tanzu.vmware.com + - crdvalidator.antrea.tanzu.vmware.com + - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + resources: + - mutatingwebhookconfigurations + - validatingwebhookconfigurations + verbs: + - get + - update +- apiGroups: + - crd.antrea.io resources: - antreacontrollerinfos verbs: @@ -1149,75 +2057,92 @@ rules: - update - delete - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: - list - delete - apiGroups: - - authentication.k8s.io + - crd.antrea.io resources: - - tokenreviews + - clusternetworkpolicies + - networkpolicies verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - authorization.k8s.io + - crd.antrea.io resources: - - subjectaccessreviews + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update +- apiGroups: + - crd.antrea.io + resources: + - tiers verbs: + - get + - watch + - list + - update + - patch - create + - delete - apiGroups: - - "" - resourceNames: - - extension-apiserver-authentication + - crd.antrea.io resources: - - configmaps + - traceflows + - traceflows/status verbs: - get - - list - watch + - list + - update + - patch + - create + - delete - apiGroups: - - "" - resourceNames: - - antrea-ca - - antrea-cluster-identity + - crd.antrea.io resources: - - configmaps + - externalentities + - clustergroups verbs: - get + - watch + - list - update + - patch + - create + - delete - apiGroups: - - "" + - crd.antrea.io resources: - - configmaps + - clustergroups/status verbs: - - create + - update - apiGroups: - - apiregistration.k8s.io - resourceNames: - - v1alpha1.stats.antrea.tanzu.vmware.com - - v1beta1.system.antrea.tanzu.vmware.com - - v1beta2.controlplane.antrea.tanzu.vmware.com - - v1beta1.controlplane.antrea.tanzu.vmware.com - - v1beta1.networking.antrea.tanzu.vmware.com + - clusterinformation.antrea.tanzu.vmware.com resources: - - apiservices + - antreacontrollerinfos verbs: - get + - create - update + - delete - apiGroups: - - admissionregistration.k8s.io - resourceNames: - - crdmutator.antrea.tanzu.vmware.com - - crdvalidator.antrea.tanzu.vmware.com - - labelsmutator.antrea.io + - clusterinformation.antrea.tanzu.vmware.com resources: - - mutatingwebhookconfigurations - - validatingwebhookconfigurations + - antreaagentinfos verbs: - - get - - update + - list + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1227,6 +2152,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -1242,8 +2171,10 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -1266,6 +2197,10 @@ rules: - get - watch - list + - update + - patch + - create + - delete - apiGroups: - core.antrea.tanzu.vmware.com resources: @@ -1320,6 +2255,22 @@ subjects: namespace: kube-system --- apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-ca + namespace: kube-system +--- +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + app: antrea + name: antrea-cluster-identity + namespace: kube-system +--- +apiVersion: v1 data: antrea-agent.conf: | # FeatureGates is a map of feature names to bools that enable or disable experimental features. @@ -1530,12 +2481,24 @@ data: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + + # If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be + # enabled, otherwise the CRDs created with the legacy API groups will not take any effect and + # work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API + # groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy + # CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new + # CRD automatically. In addition, the modification of Status in new CRD will also be synchronized + # to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. + # Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be + # annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through + # the new API group. + #legacyCRDMirroring: true kind: ConfigMap metadata: annotations: {} labels: app: antrea - name: antrea-config-7ghm8d9bm9 + name: antrea-config-428bbdkgm2 namespace: kube-system --- apiVersion: v1 @@ -1655,7 +2618,7 @@ spec: key: node-role.kubernetes.io/master volumes: - configMap: - name: antrea-config-7ghm8d9bm9 + name: antrea-config-428bbdkgm2 name: antrea-config - name: antrea-controller-tls secret: @@ -1669,6 +2632,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1alpha1.stats.antrea.io +spec: + group: stats.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1alpha1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1714,6 +2692,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta1.system.antrea.io +spec: + group: system.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta1 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1729,6 +2722,21 @@ spec: --- apiVersion: apiregistration.k8s.io/v1 kind: APIService +metadata: + labels: + app: antrea + name: v1beta2.controlplane.antrea.io +spec: + group: controlplane.antrea.io + groupPriorityMinimum: 100 + service: + name: antrea + namespace: kube-system + version: v1beta2 + versionPriority: 100 +--- +apiVersion: apiregistration.k8s.io/v1 +kind: APIService metadata: labels: app: antrea @@ -1919,7 +2927,7 @@ spec: operator: Exists volumes: - configMap: - name: antrea-config-7ghm8d9bm9 + name: antrea-config-428bbdkgm2 name: antrea-config - hostPath: path: /etc/cni/net.d @@ -1953,6 +2961,58 @@ spec: --- apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdmutator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/acnp + name: acnpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /mutate/anp + name: anpmutator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration metadata: labels: app: antrea @@ -2005,6 +3065,104 @@ webhooks: --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration +metadata: + labels: + app: antrea + name: crdvalidator.antrea.io +webhooks: +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/tier + name: tiervalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - tiers + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/acnp + name: acnpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - clusternetworkpolicies + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/anp + name: anpvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - networkpolicies + scope: Namespaced + sideEffects: None + timeoutSeconds: 5 +- admissionReviewVersions: + - v1 + - v1beta1 + clientConfig: + service: + name: antrea + namespace: kube-system + path: /validate/clustergroup + name: clustergroupvalidator.antrea.io + rules: + - apiGroups: + - crd.antrea.io + apiVersions: + - v1alpha2 + operations: + - CREATE + - UPDATE + - DELETE + resources: + - clustergroups + scope: Cluster + sideEffects: None + timeoutSeconds: 5 +--- +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration metadata: labels: app: antrea diff --git a/build/yamls/base/agent-rbac.yml b/build/yamls/base/agent-rbac.yml index 28bc15d3942..26bc173aa06 100644 --- a/build/yamls/base/agent-rbac.yml +++ b/build/yamls/base/agent-rbac.yml @@ -46,6 +46,7 @@ rules: - list - apiGroups: - clusterinformation.antrea.tanzu.vmware.com + - crd.antrea.io resources: - antreaagentinfos verbs: @@ -56,6 +57,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -66,12 +68,14 @@ rules: - list - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - nodestatssummaries verbs: - create - apiGroups: - controlplane.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies/status verbs: @@ -117,6 +121,7 @@ rules: - list - apiGroups: - ops.antrea.tanzu.vmware.com + - crd.antrea.io resources: - traceflows - traceflows/status diff --git a/build/yamls/base/antctl.yml b/build/yamls/base/antctl.yml index de515fdb9d9..199a60aaac1 100644 --- a/build/yamls/base/antctl.yml +++ b/build/yamls/base/antctl.yml @@ -13,6 +13,7 @@ rules: - apiGroups: - controlplane.antrea.tanzu.vmware.com - networking.antrea.tanzu.vmware.com + - controlplane.antrea.io resources: - networkpolicies - appliedtogroups @@ -22,6 +23,7 @@ rules: - list - apiGroups: - stats.antrea.tanzu.vmware.com + - stats.antrea.io resources: - networkpolicystats - antreaclusternetworkpolicystats @@ -31,6 +33,7 @@ rules: - list - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - controllerinfos - agentinfos @@ -38,6 +41,7 @@ rules: - get - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles verbs: @@ -45,6 +49,7 @@ rules: - post - apiGroups: - system.antrea.tanzu.vmware.com + - system.antrea.io resources: - supportbundles/download verbs: diff --git a/build/yamls/base/conf/antrea-controller.conf b/build/yamls/base/conf/antrea-controller.conf index d6ec73e8bd4..21d33d8c791 100644 --- a/build/yamls/base/conf/antrea-controller.conf +++ b/build/yamls/base/conf/antrea-controller.conf @@ -36,3 +36,15 @@ featureGates: # TLS min version from: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. #tlsMinVersion: + +# If Antrea is upgraded from version <= v0.13 and legacy CRDs is used, this option should be +# enabled, otherwise the CRDs created with the legacy API groups will not take any effect and +# work as expected. When the mirroring is enabled, if a legacy CRD is created with legacy API +# groups, mirroring-controller will create a new CRD with the Spec and Labels from the legacy +# CRD. Afterwards, the modification of Spec and Label in legacy CRD will be synchronized to new +# CRD automatically. In addition, the modification of Status in new CRD will also be synchronized +# to legacy CRD automatically. If a legacy CRD is deleted, the corresponding new CRD will be deleted. +# Note that: to decouple a new CRD from the corresponding legacy CRD, the legacy CRD should be +# annotated with "crd.antrea.io/stop-mirror". Afterwards, CRUD of new CRDs should be done through +# the new API group. +#legacyCRDMirroring: true diff --git a/build/yamls/base/controller-rbac.yml b/build/yamls/base/controller-rbac.yml index 7ed421b98cd..75774d08955 100644 --- a/build/yamls/base/controller-rbac.yml +++ b/build/yamls/base/controller-rbac.yml @@ -29,22 +29,6 @@ rules: - get - watch - list - - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreacontrollerinfos - verbs: - - get - - create - - update - - delete - - apiGroups: - - clusterinformation.antrea.tanzu.vmware.com - resources: - - antreaagentinfos - verbs: - - list - - delete - apiGroups: - authentication.k8s.io resources: @@ -99,6 +83,9 @@ rules: - v1beta2.controlplane.antrea.tanzu.vmware.com - v1beta1.controlplane.antrea.tanzu.vmware.com - v1beta1.networking.antrea.tanzu.vmware.com + - v1alpha1.stats.antrea.io + - v1beta1.system.antrea.io + - v1beta2.controlplane.antrea.io verbs: - get - update @@ -111,9 +98,110 @@ rules: - crdmutator.antrea.tanzu.vmware.com - crdvalidator.antrea.tanzu.vmware.com - labelsmutator.antrea.io + - crdmutator.antrea.io + - crdvalidator.antrea.io + verbs: + - get + - update + - apiGroups: + - crd.antrea.io + resources: + - antreacontrollerinfos + verbs: + - get + - create + - update + - delete + - apiGroups: + - crd.antrea.io + resources: + - antreaagentinfos + verbs: + - list + - delete + - apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies + - networkpolicies verbs: - get + - watch + - list - update + - patch + - create + - delete + - apiGroups: + - crd.antrea.io + resources: + - clusternetworkpolicies/status + - networkpolicies/status + verbs: + - update + - apiGroups: + - crd.antrea.io + resources: + - tiers + verbs: + - get + - watch + - list + - update + - patch + - create + - delete + - apiGroups: + - crd.antrea.io + resources: + - traceflows + - traceflows/status + verbs: + - get + - watch + - list + - update + - patch + - create + - delete + - apiGroups: + - crd.antrea.io + resources: + - externalentities + - clustergroups + verbs: + - get + - watch + - list + - update + - patch + - create + - delete + - apiGroups: + - crd.antrea.io + resources: + - clustergroups/status + verbs: + - update + # Deprecated in v1.0.0. + - apiGroups: + - clusterinformation.antrea.tanzu.vmware.com + resources: + - antreacontrollerinfos + verbs: + - get + - create + - update + - delete + # Deprecated in v1.0.0. + - apiGroups: + - clusterinformation.antrea.tanzu.vmware.com + resources: + - antreaagentinfos + verbs: + - list + - delete + # Deprecated in v1.0.0. - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -123,6 +211,11 @@ rules: - get - watch - list + - update + - patch + - create + - delete + # Deprecated in v1.0.0. - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -130,6 +223,7 @@ rules: - networkpolicies/status verbs: - update + # Deprecated in v1.0.0. - apiGroups: - security.antrea.tanzu.vmware.com resources: @@ -138,8 +232,11 @@ rules: - get - watch - list - - create - update + - patch + - create + - delete + # Deprecated in v1.0.0. - apiGroups: - ops.antrea.tanzu.vmware.com resources: @@ -153,8 +250,9 @@ rules: - patch - create - delete + # Deprecated in v1.0.0. - apiGroups: - - core.antrea.tanzu.vmware.com + - core.antrea.tanzu.vmware.com resources: - externalentities - clustergroups @@ -162,8 +260,13 @@ rules: - get - watch - list + - update + - patch + - create + - delete + # Deprecated in v1.0.0. - apiGroups: - - core.antrea.tanzu.vmware.com + - core.antrea.tanzu.vmware.com resources: - clustergroups/status verbs: diff --git a/build/yamls/base/controller.yml b/build/yamls/base/controller.yml index c22290b840c..03e81350b9e 100644 --- a/build/yamls/base/controller.yml +++ b/build/yamls/base/controller.yml @@ -14,9 +14,9 @@ spec: apiVersion: apiregistration.k8s.io/v1 kind: APIService metadata: - name: v1beta2.controlplane.antrea.tanzu.vmware.com + name: v1beta2.controlplane.antrea.io spec: - group: controlplane.antrea.tanzu.vmware.com + group: controlplane.antrea.io groupPriorityMinimum: 100 version: v1beta2 versionPriority: 100 @@ -27,36 +27,9 @@ spec: apiVersion: apiregistration.k8s.io/v1 kind: APIService metadata: - name: v1beta1.controlplane.antrea.tanzu.vmware.com -spec: - group: controlplane.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - version: v1beta1 - versionPriority: 100 - service: - name: antrea - namespace: kube-system ---- -# Deprecated in v0.10, planned for removal in v0.12. -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta1.networking.antrea.tanzu.vmware.com + name: v1beta1.system.antrea.io spec: - group: networking.antrea.tanzu.vmware.com - groupPriorityMinimum: 100 - version: v1beta1 - versionPriority: 100 - service: - name: antrea - namespace: kube-system ---- -apiVersion: apiregistration.k8s.io/v1 -kind: APIService -metadata: - name: v1beta1.system.antrea.tanzu.vmware.com -spec: - group: system.antrea.tanzu.vmware.com + group: system.antrea.io groupPriorityMinimum: 100 version: v1beta1 versionPriority: 100 @@ -67,9 +40,9 @@ spec: apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - name: "crdmutator.antrea.tanzu.vmware.com" + name: "crdmutator.antrea.io" webhooks: - - name: "acnpmutator.antrea.tanzu.vmware.com" + - name: "acnpmutator.antrea.io" clientConfig: service: name: "antrea" @@ -77,14 +50,14 @@ webhooks: path: "/mutate/acnp" rules: - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] + apiGroups: ["crd.antrea.io"] apiVersions: ["v1alpha1"] resources: ["clusternetworkpolicies"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] sideEffects: None timeoutSeconds: 5 - - name: "anpmutator.antrea.tanzu.vmware.com" + - name: "anpmutator.antrea.io" clientConfig: service: name: "antrea" @@ -92,7 +65,7 @@ webhooks: path: "/mutate/anp" rules: - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] + apiGroups: ["crd.antrea.io"] apiVersions: ["v1alpha1"] resources: ["networkpolicies"] scope: "Namespaced" @@ -103,75 +76,75 @@ webhooks: apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - name: "crdvalidator.antrea.tanzu.vmware.com" + name: "crdvalidator.antrea.io" webhooks: -- name: "tiervalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/tier" - rules: - - operations: ["CREATE", "UPDATE", "DELETE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["tiers"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 -- name: "acnpvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/acnp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["clusternetworkpolicies"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 -- name: "anpvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/anp" - rules: - - operations: ["CREATE", "UPDATE"] - apiGroups: ["security.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha1"] - resources: ["networkpolicies"] - scope: "Namespaced" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 -- name: "clustergroupvalidator.antrea.tanzu.vmware.com" - clientConfig: - service: - name: "antrea" - namespace: "kube-system" - path: "/validate/clustergroup" - rules: - - operations: ["CREATE", "UPDATE", "DELETE"] - apiGroups: ["core.antrea.tanzu.vmware.com"] - apiVersions: ["v1alpha2"] - resources: ["clustergroups"] - scope: "Cluster" - admissionReviewVersions: ["v1", "v1beta1"] - sideEffects: None - timeoutSeconds: 5 + - name: "tiervalidator.antrea.io" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/tier" + rules: + - operations: ["CREATE", "UPDATE", "DELETE"] + apiGroups: ["crd.antrea.io"] + apiVersions: ["v1alpha1"] + resources: ["tiers"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "acnpvalidator.antrea.io" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/acnp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["crd.antrea.io"] + apiVersions: ["v1alpha1"] + resources: ["clusternetworkpolicies"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "anpvalidator.antrea.io" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/anp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["crd.antrea.io"] + apiVersions: ["v1alpha1"] + resources: ["networkpolicies"] + scope: "Namespaced" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "clustergroupvalidator.antrea.io" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/clustergroup" + rules: + - operations: ["CREATE", "UPDATE", "DELETE"] + apiGroups: ["crd.antrea.io"] + apiVersions: ["v1alpha2"] + resources: ["clustergroups"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 --- apiVersion: apiregistration.k8s.io/v1 kind: APIService metadata: - name: v1alpha1.stats.antrea.tanzu.vmware.com + name: v1alpha1.stats.antrea.io spec: - group: stats.antrea.tanzu.vmware.com + group: stats.antrea.io groupPriorityMinimum: 100 version: v1alpha1 versionPriority: 100 @@ -283,4 +256,178 @@ spec: hostPath: path: /var/log/antrea type: DirectoryOrCreate - +--- +# Deprecated in v1.0.0. +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1beta2.controlplane.antrea.tanzu.vmware.com +spec: + group: controlplane.antrea.tanzu.vmware.com + groupPriorityMinimum: 100 + version: v1beta2 + versionPriority: 100 + service: + name: antrea + namespace: kube-system +--- +# Deprecated in v1.0.0. +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1beta1.controlplane.antrea.tanzu.vmware.com +spec: + group: controlplane.antrea.tanzu.vmware.com + groupPriorityMinimum: 100 + version: v1beta1 + versionPriority: 100 + service: + name: antrea + namespace: kube-system +--- +# Deprecated in v0.10 +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1beta1.networking.antrea.tanzu.vmware.com +spec: + group: networking.antrea.tanzu.vmware.com + groupPriorityMinimum: 100 + version: v1beta1 + versionPriority: 100 + service: + name: antrea + namespace: kube-system +--- +# Deprecated in v1.0.0. +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1beta1.system.antrea.tanzu.vmware.com +spec: + group: system.antrea.tanzu.vmware.com + groupPriorityMinimum: 100 + version: v1beta1 + versionPriority: 100 + service: + name: antrea + namespace: kube-system +--- +# Deprecated in v1.0.0. +apiVersion: admissionregistration.k8s.io/v1 +kind: MutatingWebhookConfiguration +metadata: + name: "crdmutator.antrea.tanzu.vmware.com" +webhooks: + - name: "acnpmutator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/mutate/acnp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["security.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha1"] + resources: ["clusternetworkpolicies"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "anpmutator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/mutate/anp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["security.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha1"] + resources: ["networkpolicies"] + scope: "Namespaced" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 +--- +# Deprecated in v1.0.0. +apiVersion: admissionregistration.k8s.io/v1 +kind: ValidatingWebhookConfiguration +metadata: + name: "crdvalidator.antrea.tanzu.vmware.com" +webhooks: + - name: "tiervalidator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/tier" + rules: + - operations: ["CREATE", "UPDATE", "DELETE"] + apiGroups: ["security.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha1"] + resources: ["tiers"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "acnpvalidator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/acnp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["security.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha1"] + resources: ["clusternetworkpolicies"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "anpvalidator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/anp" + rules: + - operations: ["CREATE", "UPDATE"] + apiGroups: ["security.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha1"] + resources: ["networkpolicies"] + scope: "Namespaced" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 + - name: "clustergroupvalidator.antrea.tanzu.vmware.com" + clientConfig: + service: + name: "antrea" + namespace: "kube-system" + path: "/validate/clustergroup" + rules: + - operations: ["CREATE", "UPDATE", "DELETE"] + apiGroups: ["core.antrea.tanzu.vmware.com"] + apiVersions: ["v1alpha2"] + resources: ["clustergroups"] + scope: "Cluster" + admissionReviewVersions: ["v1", "v1beta1"] + sideEffects: None + timeoutSeconds: 5 +--- +# Deprecated in v1.0.0. +apiVersion: apiregistration.k8s.io/v1 +kind: APIService +metadata: + name: v1alpha1.stats.antrea.tanzu.vmware.com +spec: + group: stats.antrea.tanzu.vmware.com + groupPriorityMinimum: 100 + version: v1alpha1 + versionPriority: 100 + service: + name: antrea + namespace: kube-system +--- diff --git a/build/yamls/base/crds-rbac.yml b/build/yamls/base/crds-rbac.yml index 942dc99e49d..c34c33e11c9 100644 --- a/build/yamls/base/crds-rbac.yml +++ b/build/yamls/base/crds-rbac.yml @@ -11,6 +11,9 @@ rules: - apiGroups: ["security.antrea.tanzu.vmware.com"] resources: ["clusternetworkpolicies", "networkpolicies"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["crd.antrea.io"] + resources: ["clusternetworkpolicies", "networkpolicies"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -23,6 +26,9 @@ rules: - apiGroups: ["security.antrea.tanzu.vmware.com"] resources: ["clusternetworkpolicies", "networkpolicies"] verbs: ["get", "list", "watch"] +- apiGroups: ["crd.antrea.io"] + resources: ["clusternetworkpolicies", "networkpolicies"] + verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -36,6 +42,9 @@ rules: - apiGroups: ["ops.antrea.tanzu.vmware.com"] resources: ["traceflows"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["crd.antrea.io"] + resources: ["traceflows"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -48,6 +57,9 @@ rules: - apiGroups: ["ops.antrea.tanzu.vmware.com"] resources: ["traceflows"] verbs: ["get", "list", "watch"] +- apiGroups: ["crd.antrea.io"] + resources: ["traceflows"] + verbs: ["get", "list", "watch"] --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole @@ -61,6 +73,9 @@ rules: - apiGroups: ["core.antrea.tanzu.vmware.com"] resources: ["clustergroups"] verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] +- apiGroups: ["crd.antrea.io"] + resources: ["clustergroups"] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -73,4 +88,7 @@ rules: - apiGroups: ["core.antrea.tanzu.vmware.com"] resources: ["clustergroups"] verbs: ["get", "list", "watch"] +- apiGroups: ["crd.antrea.io"] + resources: ["clustergroups"] + verbs: ["get", "list", "watch"] --- diff --git a/build/yamls/base/crds.yml b/build/yamls/base/crds.yml index cdae4d8aeeb..33768c32698 100644 --- a/build/yamls/base/crds.yml +++ b/build/yamls/base/crds.yml @@ -1,6 +1,764 @@ --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: antreacontrollerinfos.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + scope: Cluster + names: + plural: antreacontrollerinfos + singular: antreacontrollerinfo + kind: AntreaControllerInfo + shortNames: + - aci +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: antreaagentinfos.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + x-kubernetes-preserve-unknown-fields: true + scope: Cluster + names: + plural: antreaagentinfos + singular: antreaagentinfo + kind: AntreaAgentInfo + shortNames: + - aai +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: traceflows.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha1 + served: true + storage: true + additionalPrinterColumns: + - jsonPath: .status.phase + description: The phase of the Traceflow. + name: Phase + type: string + - jsonPath: .spec.source.pod + description: The name of the source Pod. + name: Source-Pod + type: string + priority: 10 + - jsonPath: .spec.destination.pod + description: The name of the destination Pod. + name: Destination-Pod + type: string + priority: 10 + - jsonPath: .spec.destination.ip + description: The IP address of the destination. + name: Destination-IP + type: string + priority: 10 + - jsonPath: .metadata.creationTimestamp + name: Age + type: date + schema: + openAPIV3Schema: + type: object + required: + - spec + properties: + spec: + type: object + required: + - source + - destination + properties: + source: + type: object + required: + - pod + - namespace + properties: + pod: + type: string + namespace: + type: string + destination: + type: object + properties: + pod: + type: string + service: + type: string + namespace: + type: string + ip: + type: string + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + oneOf: + - required: ["pod", "namespace"] + - required: ["service", "namespace"] + - required: ["ip"] + packet: + type: object + properties: + ipHeader: + type: object + properties: + srcIP: + type: string + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + protocol: + type: integer + ttl: + type: integer + flags: + type: integer + ipv6Header: + type: object + properties: + srcIP: + type: string + format: ipv6 + nextHeader: + type: integer + hopLimit: + type: integer + transportHeader: + type: object + properties: + icmp: + type: object + properties: + id: + type: integer + sequence: + type: integer + udp: + type: object + properties: + srcPort: + type: integer + dstPort: + type: integer + tcp: + type: object + properties: + srcPort: + type: integer + dstPort: + type: integer + flags: + type: integer + status: + type: object + properties: + reason: + type: string + dataplaneTag: + type: integer + phase: + type: string + results: + type: array + items: + type: object + properties: + node: + type: string + role: + type: string + timestamp: + type: integer + observations: + type: array + items: + type: object + properties: + component: + type: string + componentInfo: + type: string + action: + type: string + pod: + type: string + dstMAC: + type: string + networkPolicy: + type: string + ttl: + type: integer + translatedSrcIP: + type: string + translatedDstIP: + type: string + tunnelDstIP: + type: string + subresources: + status: {} + scope: Cluster + names: + plural: traceflows + singular: traceflow + kind: Traceflow + shortNames: + - tf +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: tiers.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha1 + served: true + storage: true + additionalPrinterColumns: + - name: Priority + type: integer + description: The Priority of this Tier relative to other Tiers. + jsonPath: .spec.priority + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + schema: + openAPIV3Schema: + type: object + properties: + spec: + required: + - priority + type: object + properties: + priority: + type: integer + minimum: 0 + maximum: 255 + description: + type: string + scope: Cluster + names: + plural: tiers + singular: tier + kind: Tier + shortNames: + - tr +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clusternetworkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha1 + served: true + storage: true + additionalPrinterColumns: + - name: Tier + type: string + description: The Tier to which this ClusterNetworkPolicy belongs to. + jsonPath: .spec.tier + - name: Priority + type: number + format: float + description: The Priority of this ClusterNetworkPolicy relative to other policies. + jsonPath: .spec.priority + - name: Desired Nodes + type: number + format: int32 + description: The total number of Nodes that should realize the NetworkPolicy. + jsonPath: .status.desiredNodesRealized + - name: Current Nodes + type: number + format: int32 + description: The number of Nodes that have realized the NetworkPolicy. + jsonPath: .status.currentNodesRealized + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + schema: + openAPIV3Schema: + type: object + properties: + spec: + # Ensure that Spec.Priority field is set + required: + - priority + type: object + properties: + tier: + type: string + priority: + type: number + format: float + # Ensure that Spec.Priority field is between 1 and 10000 + minimum: 1.0 + maximum: 10000.0 + appliedTo: + type: array + items: + type: object + # Ensure that Spec.AppliedTo does not allow IPBlock field + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + group: + type: string + ingress: + type: array + items: + type: object + required: + - action + properties: + appliedTo: + type: array + items: + type: object + # Ensure that rule AppliedTo does not allow IPBlock field + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + group: + type: string + # Ensure that Action field allows only ALLOW, DROP and REJECT values + action: + type: string + enum: ['Allow', 'Drop', 'Reject'] + ports: + type: array + items: + type: object + properties: + protocol: + type: string + port: + x-kubernetes-int-or-string: true + endPort: + type: integer + from: + type: array + items: + type: object + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + type: object + properties: + cidr: + type: string + format: cidr + group: + type: string + name: + type: string + enableLogging: + type: boolean + egress: + type: array + items: + type: object + required: + - action + properties: + appliedTo: + type: array + items: + type: object + # Ensure that rule AppliedTo does not allow IPBlock field + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + group: + type: string + # Ensure that Action field allows only ALLOW, DROP and REJECT values + action: + type: string + enum: ['Allow', 'Drop', 'Reject'] + ports: + type: array + items: + type: object + properties: + protocol: + type: string + port: + x-kubernetes-int-or-string: true + endPort: + type: integer + to: + type: array + items: + type: object + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + type: object + properties: + cidr: + type: string + format: cidr + group: + type: string + name: + type: string + enableLogging: + type: boolean + status: + type: object + properties: + phase: + type: string + observedGeneration: + type: integer + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + subresources: + status: {} + scope: Cluster + names: + plural: clusternetworkpolicies + singular: clusternetworkpolicy + kind: ClusterNetworkPolicy + shortNames: + - acnp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: networkpolicies.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha1 + served: true + storage: true + additionalPrinterColumns: + - name: Tier + type: string + description: The Tier to which this Antrea NetworkPolicy belongs to. + jsonPath: .spec.tier + - name: Priority + type: number + format: float + description: The Priority of this Antrea NetworkPolicy relative to other policies. + jsonPath: .spec.priority + - name: Desired Nodes + type: number + format: int32 + description: The total number of Nodes that should realize the NetworkPolicy. + jsonPath: .status.desiredNodesRealized + - name: Current Nodes + type: number + format: int32 + description: The number of Nodes that have realized the NetworkPolicy. + jsonPath: .status.currentNodesRealized + - name: Age + type: date + jsonPath: .metadata.creationTimestamp + schema: + openAPIV3Schema: + type: object + properties: + spec: + # Ensure that Spec.Priority field is set + required: + - priority + type: object + properties: + tier: + type: string + priority: + type: number + format: float + # Ensure that Spec.Priority field is between 1 and 10000 + minimum: 1.0 + maximum: 10000.0 + appliedTo: + type: array + items: + type: object + # Ensure that Spec.AppliedTo does not allow NamespaceSelector/IPBlock field + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + ingress: + type: array + items: + type: object + required: + - action + properties: + appliedTo: + type: array + items: + type: object + # Ensure that rule AppliedTo does not allow NamespaceSelector/IPBlock field + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + # Ensure that Action field allows only ALLOW, DROP and REJECT values + action: + type: string + enum: ['Allow', 'Drop', 'Reject'] + ports: + type: array + items: + type: object + properties: + protocol: + type: string + port: + x-kubernetes-int-or-string: true + endPort: + type: integer + from: + type: array + items: + type: object + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + type: object + properties: + cidr: + type: string + format: cidr + name: + type: string + enableLogging: + type: boolean + egress: + type: array + items: + type: object + required: + - action + properties: + appliedTo: + type: array + items: + type: object + # Ensure that rule AppliedTo does not allow NamespaceSelector/IPBlock field + properties: + podSelector: + type: object + x-kubernetes-preserve-unknown-fields: true + # Ensure that Action field allows only ALLOW, DROP and REJECT values + action: + type: string + enum: ['Allow', 'Drop', 'Reject'] + ports: + type: array + items: + type: object + properties: + protocol: + type: string + port: + x-kubernetes-int-or-string: true + endPort: + type: integer + to: + type: array + items: + type: object + properties: + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + type: object + properties: + cidr: + type: string + format: cidr + name: + type: string + enableLogging: + type: boolean + status: + type: object + properties: + phase: + type: string + observedGeneration: + type: integer + currentNodesRealized: + type: integer + desiredNodesRealized: + type: integer + subresources: + status: {} + scope: Namespaced + names: + plural: networkpolicies + singular: networkpolicy + kind: NetworkPolicy + shortNames: + - anp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: externalentities.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + endpoints: + type: array + items: + type: object + properties: + ip: + type: string + pattern: ^(((([1]?\d)?\d|2[0-4]\d|25[0-5])\.){3}(([1]?\d)?\d|2[0-4]\d|25[0-5]))|([\da-fA-F]{1,4}(\:[\da-fA-F]{1,4}){7})|(([\da-fA-F]{1,4}:){0,5}::([\da-fA-F]{1,4}:){0,5}[\da-fA-F]{1,4})$ + name: + type: string + ports: + type: array + items: + type: object + properties: + protocol: + type: string + port: + x-kubernetes-int-or-string: true + name: + type: string + externalNode: + type: string + - name: v1alpha1 + served: false + storage: false + schema: + openAPIV3Schema: + type: object + scope: Namespaced + names: + plural: externalentities + singular: externalentity + kind: ExternalEntity + shortNames: + - ee +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: clustergroups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha2 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + x-kubernetes-preserve-unknown-fields: true + podSelector: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + x-kubernetes-preserve-unknown-fields: true + ipBlock: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + scope: Cluster + names: + plural: clustergroups + singular: group + kind: ClusterGroup + shortNames: + - cg +--- +# Deprecated in v1.0.0. +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com spec: @@ -19,8 +777,9 @@ spec: singular: antreacontrollerinfo kind: AntreaControllerInfo shortNames: - - aci + - laci --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -41,8 +800,9 @@ spec: singular: antreaagentinfo kind: AntreaAgentInfo shortNames: - - aai + - laai --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -218,8 +978,9 @@ spec: singular: traceflow kind: Traceflow shortNames: - - tf + - ltf --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -259,8 +1020,9 @@ spec: singular: tier kind: Tier shortNames: - - tr + - ltr --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -453,10 +1215,9 @@ spec: singular: clusternetworkpolicy kind: ClusterNetworkPolicy shortNames: - # Short name cnp is deprecated and will be removed in 0.12 release - - cnp - - acnp + - lacnp --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -640,10 +1401,9 @@ spec: singular: networkpolicy kind: NetworkPolicy shortNames: - # Short name netpol is deprecated and will be removed in 0.12 release - - netpol - - anp + - lanp --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -696,8 +1456,9 @@ spec: singular: externalentity kind: ExternalEntity shortNames: - - ee + - lee --- +# Deprecated in v1.0.0. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: @@ -749,7 +1510,7 @@ spec: status: type: string lastTransitionTime: - type: string + type: string subresources: status: {} scope: Cluster @@ -758,5 +1519,5 @@ spec: singular: group kind: ClusterGroup shortNames: - - cg + - lcg --- diff --git a/ci/kind/test-e2e-kind.sh b/ci/kind/test-e2e-kind.sh index 101dbcb7075..2fcc4222b59 100755 --- a/ci/kind/test-e2e-kind.sh +++ b/ci/kind/test-e2e-kind.sh @@ -23,12 +23,12 @@ function echoerr { } _usage="Usage: $0 [--encap-mode ] [--no-proxy] [--np] [--coverage] [--help|-h] - --encap-mode Traffic encapsulation mode. (default is 'encap') + --encap-mode Traffic encapsulation mode. (default is 'encap'). --no-proxy Disables Antrea proxy. - --endpointslice Enables Antrea proxy and EndpointSlice support + --endpointslice Enables Antrea proxy and EndpointSlice support. --np Enables Namespaced Antrea NetworkPolicy CRDs and ClusterNetworkPolicy related CRDs. --coverage Enables measure Antrea code coverage when run e2e tests on kind. - --help, -h Print this message and exit + --help, -h Print this message and exit. " function print_usage { @@ -132,9 +132,9 @@ function run_test { fi sleep 1 if $coverage; then - go test -v -timeout=50m github.com/vmware-tanzu/antrea/test/e2e -provider=kind --logs-export-dir=$ANTREA_LOG_DIR --coverage --coverage-dir $ANTREA_COV_DIR + go test -v -timeout=70m github.com/vmware-tanzu/antrea/test/e2e -provider=kind --logs-export-dir=$ANTREA_LOG_DIR --coverage --coverage-dir $ANTREA_COV_DIR else - go test -v -timeout=45m github.com/vmware-tanzu/antrea/test/e2e -provider=kind --logs-export-dir=$ANTREA_LOG_DIR + go test -v -timeout=65m github.com/vmware-tanzu/antrea/test/e2e -provider=kind --logs-export-dir=$ANTREA_LOG_DIR fi $TESTBED_CMD destroy kind } diff --git a/cmd/antrea-agent/agent.go b/cmd/antrea-agent/agent.go index 209de4b0d4e..bda122fa644 100644 --- a/cmd/antrea-agent/agent.go +++ b/cmd/antrea-agent/agent.go @@ -69,7 +69,7 @@ func run(o *Options) error { } informerFactory := informers.NewSharedInformerFactory(k8sClient, informerDefaultResync) crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, informerDefaultResync) - traceflowInformer := crdInformerFactory.Ops().V1alpha1().Traceflows() + traceflowInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() // Create Antrea Clientset for the given config. antreaClientProvider := agent.NewAntreaClientProvider(o.config.AntreaClientConnection, k8sClient) diff --git a/cmd/antrea-controller/config.go b/cmd/antrea-controller/config.go index a58320f6689..3ae14c9f6ed 100644 --- a/cmd/antrea-controller/config.go +++ b/cmd/antrea-controller/config.go @@ -43,4 +43,6 @@ type ControllerConfig struct { TLSCipherSuites string `yaml:"tlsCipherSuites,omitempty"` // TLS min version. TLSMinVersion string `yaml:"tlsMinVersion,omitempty"` + // Legacy CRD mirroring. + LegacyCRDMirroring bool `yaml:"legacyCRDMirroring,omitempty"` } diff --git a/cmd/antrea-controller/controller.go b/cmd/antrea-controller/controller.go index a043251fa3c..70e5135773e 100644 --- a/cmd/antrea-controller/controller.go +++ b/cmd/antrea-controller/controller.go @@ -36,6 +36,8 @@ import ( "github.com/vmware-tanzu/antrea/pkg/apiserver/storage" crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" "github.com/vmware-tanzu/antrea/pkg/clusteridentity" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/crdhandler" "github.com/vmware-tanzu/antrea/pkg/controller/grouping" "github.com/vmware-tanzu/antrea/pkg/controller/metrics" "github.com/vmware-tanzu/antrea/pkg/controller/networkpolicy" @@ -45,6 +47,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/controller/traceflow" "github.com/vmware-tanzu/antrea/pkg/features" "github.com/vmware-tanzu/antrea/pkg/k8s" + legacycrdinformers "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions" "github.com/vmware-tanzu/antrea/pkg/log" "github.com/vmware-tanzu/antrea/pkg/monitor" "github.com/vmware-tanzu/antrea/pkg/signals" @@ -102,12 +105,12 @@ func run(o *Options) error { serviceInformer := informerFactory.Core().V1().Services() networkPolicyInformer := informerFactory.Networking().V1().NetworkPolicies() nodeInformer := informerFactory.Core().V1().Nodes() - cnpInformer := crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() - externalEntityInformer := crdInformerFactory.Core().V1alpha2().ExternalEntities() - anpInformer := crdInformerFactory.Security().V1alpha1().NetworkPolicies() - tierInformer := crdInformerFactory.Security().V1alpha1().Tiers() - traceflowInformer := crdInformerFactory.Ops().V1alpha1().Traceflows() - cgInformer := crdInformerFactory.Core().V1alpha2().ClusterGroups() + cnpInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() + eeInformer := crdInformerFactory.Crd().V1alpha2().ExternalEntities() + anpInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() + tierInformer := crdInformerFactory.Crd().V1alpha1().Tiers() + tfInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() + cgInformer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() clusterIdentityAllocator := clusteridentity.NewClusterIdentityAllocator( env.GetAntreaNamespace(), @@ -121,7 +124,20 @@ func run(o *Options) error { networkPolicyStore := store.NewNetworkPolicyStore() groupStore := store.NewGroupStore() groupEntityIndex := grouping.NewGroupEntityIndex() - groupEntityController := grouping.NewGroupEntityController(groupEntityIndex, podInformer, namespaceInformer, externalEntityInformer) + groupEntityController := grouping.NewGroupEntityController(groupEntityIndex, podInformer, namespaceInformer, eeInformer) + + legacyCRDClient, err := k8s.CreateLegacyCRDClient(o.config.ClientConnection, "") + if err != nil { + return fmt.Errorf("error creating legacy CRD client: %v", err) + } + + legacyCRDInformerFactory := legacycrdinformers.NewSharedInformerFactory(legacyCRDClient, informerDefaultResync) + legacyANPInformer := legacyCRDInformerFactory.Security().V1alpha1().NetworkPolicies() + legacyCNPInformer := legacyCRDInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() + legacyTierInformer := legacyCRDInformerFactory.Security().V1alpha1().Tiers() + legacyCGInformer := legacyCRDInformerFactory.Core().V1alpha2().ClusterGroups() + legacyEEInformer := legacyCRDInformerFactory.Core().V1alpha2().ExternalEntities() + legacyTFInformer := legacyCRDInformerFactory.Ops().V1alpha1().Traceflows() networkPolicyController := networkpolicy.NewNetworkPolicyController(client, crdClient, @@ -142,6 +158,25 @@ func run(o *Options) error { networkPolicyStatusController = networkpolicy.NewStatusController(crdClient, networkPolicyStore, cnpInformer, anpInformer) } + var anpMirroringController *crdmirroring.Controller + var cnpMirroringController *crdmirroring.Controller + var tierMirroringController *crdmirroring.Controller + var cgMirroringController *crdmirroring.Controller + var eeMirroringController *crdmirroring.Controller + if features.DefaultFeatureGate.Enabled(features.AntreaPolicy) && o.config.LegacyCRDMirroring { + anpMirroringHandler := crdhandler.NewNetworkPolicyHandler(anpInformer.Lister(), legacyANPInformer.Lister(), crdClient, legacyCRDClient) + cnpMirroringHandler := crdhandler.NewClusterNetworkPolicyHandler(cnpInformer.Lister(), legacyCNPInformer.Lister(), crdClient, legacyCRDClient) + tierMirroringHandler := crdhandler.NewTierHandler(tierInformer.Lister(), legacyTierInformer.Lister(), crdClient, legacyCRDClient) + cgMirroringHandler := crdhandler.NewClusterGroupHandler(cgInformer.Lister(), legacyCGInformer.Lister(), crdClient, legacyCRDClient) + eeMirroringHandler := crdhandler.NewExternalEntityHandler(eeInformer.Lister(), legacyEEInformer.Lister(), crdClient, legacyCRDClient) + + anpMirroringController = crdmirroring.NewController(anpInformer.Informer(), legacyANPInformer.Informer(), anpMirroringHandler, "NetworkPolicy") + cnpMirroringController = crdmirroring.NewController(cnpInformer.Informer(), legacyCNPInformer.Informer(), cnpMirroringHandler, "ClusterNetworkPolicy") + tierMirroringController = crdmirroring.NewController(tierInformer.Informer(), legacyTierInformer.Informer(), tierMirroringHandler, "Tier") + cgMirroringController = crdmirroring.NewController(cgInformer.Informer(), legacyCGInformer.Informer(), cgMirroringHandler, "ClusterGroup") + eeMirroringController = crdmirroring.NewController(eeInformer.Informer(), legacyEEInformer.Informer(), eeMirroringHandler, "ExternalEntity") + } + endpointQuerier := networkpolicy.NewEndpointQuerier(networkPolicyController) controllerQuerier := querier.NewControllerQuerier(networkPolicyController, o.config.APIPort) @@ -150,7 +185,13 @@ func run(o *Options) error { var traceflowController *traceflow.Controller if features.DefaultFeatureGate.Enabled(features.Traceflow) { - traceflowController = traceflow.NewTraceflowController(crdClient, podInformer, traceflowInformer) + traceflowController = traceflow.NewTraceflowController(crdClient, podInformer, tfInformer) + } + + var traceflowMirroringController *crdmirroring.Controller + if features.DefaultFeatureGate.Enabled(features.Traceflow) && o.config.LegacyCRDMirroring { + tfMirroringHandler := crdhandler.NewTraceflowHandler(tfInformer.Lister(), legacyTFInformer.Lister(), crdClient, legacyCRDClient) + traceflowMirroringController = crdmirroring.NewController(tfInformer.Informer(), legacyTFInformer.Informer(), tfMirroringHandler, "Traceflow") } // statsAggregator takes stats summaries from antrea-agents, aggregates them, and serves the Stats APIs with the @@ -204,6 +245,7 @@ func run(o *Options) error { informerFactory.Start(stopCh) crdInformerFactory.Start(stopCh) + legacyCRDInformerFactory.Start(stopCh) go clusterIdentityAllocator.Run(stopCh) @@ -231,6 +273,19 @@ func run(o *Options) error { go networkPolicyStatusController.Run(stopCh) } + if o.config.LegacyCRDMirroring { + if features.DefaultFeatureGate.Enabled(features.Traceflow) { + go traceflowMirroringController.Run(stopCh) + } + if features.DefaultFeatureGate.Enabled(features.AntreaPolicy) { + go anpMirroringController.Run(stopCh) + go cnpMirroringController.Run(stopCh) + go tierMirroringController.Run(stopCh) + go cgMirroringController.Run(stopCh) + go eeMirroringController.Run(stopCh) + } + } + <-stopCh klog.Info("Stopping Antrea controller") return nil diff --git a/cmd/antrea-controller/options.go b/cmd/antrea-controller/options.go index 483f25cad4c..7e3b92471bc 100644 --- a/cmd/antrea-controller/options.go +++ b/cmd/antrea-controller/options.go @@ -37,6 +37,7 @@ func newOptions() *Options { config: &ControllerConfig{ EnablePrometheusMetrics: true, SelfSignedCert: true, + LegacyCRDMirroring: true, }, } } diff --git a/docs/api.md b/docs/api.md index 4e37a02107b..8e45bd7e8b8 100644 --- a/docs/api.md +++ b/docs/api.md @@ -11,20 +11,26 @@ For information about the Antrea API versioning policy, please refer to this These are the API group versions which are curently available when using Antrea. -| API group | API version | API Service? | Introduced in | Deprecated in / Planned Deprecation | Planned Removal | -|---|---|---|---|---|---| -| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | N/A | N/A | -| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | N/A | N/A | -| `controlplane.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.10.0 | v0.11.0 | Aug 2021 | -| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | N/A | N/A | -| `networking.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.3.0 | v0.10.0 | Jun 2021 | -| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | N/A | N/A | -| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | N/A | N/A | -| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | N/A | N/A | -| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | N/A | N/A | +| API group | API version | API Service? | Introduced in | Deprecated in / Planned Deprecation | Planned Removal | +| -------------------------------------------- | ----------- | ------------ | ------------- | ----------------------------------- | --------------- | +| `clusterinformation.antrea.tanzu.vmware.com` | `v1beta1` | No | v0.3.0 | v1.0.0 | Dec 2021 | +| `core.antrea.tanzu.vmware.com` | `v1alpha2` | No | v0.11.0 | v1.0.0 | Dec 2021 | +| `controlplane.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.10.0 | v0.11.0 | Aug 2021 | +| `controlplane.antrea.tanzu.vmware.com` | `v1beta2` | Yes | v0.11.0 | v1.0.0 | Dec 2021 | +| `networking.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.3.0 | v0.10.0 | Jun 2021 | +| `ops.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | +| `security.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v1.0.0 | Dec 2021 | +| `stats.antrea.tanzu.vmware.com` | `v1alpha1` | Yes | v0.10.0 | v1.0.0 | Dec 2021 | +| `system.antrea.tanzu.vmware.com` | `v1beta1` | Yes | v0.5.0 | v1.0.0 | Dec 2021 | +| `crd.antrea.io` | `v1alpha1` | No | v1.0.0 | N/A | N/A | +| `crd.antrea.io` | `v1alpha2` | No | v1.0.0 | N/A | N/A | +| `crd.antrea.io` | `v1beta1` | No | v1.0.0 | N/A | N/A | +| `controlplane.antrea.io` | `v1beta2` | Yes | v1.0.0 | N/A | N/A | +| `stats.antrea.io` | `v1alpha1` | Yes | v1.0.0 | N/A | N/A | +| `system.antrea.io` | `v1beta1` | Yes | v1.0.0 | N/A | N/A | ## Previously-supported -| API group | API version | API Service? | Introduced in | Deprecated in | Removed in | -|---|---|---|---|---|---| -| `core.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v0.11.0 | v0.11.0 | +| API group | API version | API Service? | Introduced in | Deprecated in | Removed in | +| -------------------------------------------- | ----------- | ------------ | ------------- | ----------------------------------- | --------------- | +| `core.antrea.tanzu.vmware.com` | `v1alpha1` | No | v0.8.0 | v0.11.0 | v0.11.0 | diff --git a/hack/generate-manifest.sh b/hack/generate-manifest.sh index 14e69cb2525..9d53da18b5b 100755 --- a/hack/generate-manifest.sh +++ b/hack/generate-manifest.sh @@ -29,6 +29,7 @@ Generate a YAML manifest for Antrea using Kustomize and print it to stdout. --ipsec Generate a manifest with IPSec encryption of tunnel traffic enabled --all-features Generate a manifest with all alpha features enabled --no-proxy Generate a manifest with Antrea proxy disabled + --no-legacy-crd Generate a manifest without legacy CRD mirroring support enabled --endpointslice Generate a manifest with EndpointSlice support enabled --np Generate a manifest with ClusterNetworkPolicy and Antrea NetworkPolicy features enabled --k8s-1.15 Generates a manifest which supports Kubernetes 1.15. @@ -64,6 +65,7 @@ KIND=false IPSEC=false ALLFEATURES=false PROXY=true +LEGACY_CRD=true ENDPOINTSLICE=false NP=false KEEP=false @@ -110,6 +112,10 @@ case $key in PROXY=false shift ;; + --no-legacy-crd) + LEGACY_CRD=false + shift + ;; --endpointslice) PROXY=true ENDPOINTSLICE=true @@ -256,6 +262,10 @@ if ! $PROXY; then sed -i.bak -E "s/^[[:space:]]*#[[:space:]]*AntreaProxy[[:space:]]*:[[:space:]]*[a-z]+[[:space:]]*$/ AntreaProxy: false/" antrea-agent.conf fi +if ! $LEGACY_CRD; then + sed -i.bak -E "s/^#legacyCRDMirroring[[:space:]]*:[[:space:]]*[a-z]+[[:space:]]*$/legacyCRDMirroring: false/" antrea-controller.conf +fi + if $ENDPOINTSLICE; then sed -i.bak -E "s/^[[:space:]]*#[[:space:]]*EndpointSlice[[:space:]]*:[[:space:]]*[a-z]+[[:space:]]*$/ EndpointSlice: true/" antrea-agent.conf fi diff --git a/hack/update-codegen-dockerized.sh b/hack/update-codegen-dockerized.sh index 06ffd0cd3ef..77e7cb5efc9 100755 --- a/hack/update-codegen-dockerized.sh +++ b/hack/update-codegen-dockerized.sh @@ -29,13 +29,12 @@ protoc --go_out=plugins=grpc:. pkg/apis/cni/v1beta1/cni.proto $GOPATH/bin/client-gen \ --clientset-name versioned \ --input-base "${ANTREA_PKG}/pkg/apis/" \ - --input "clusterinformation/v1beta1" \ --input "controlplane/v1beta1" \ --input "controlplane/v1beta2" \ --input "system/v1beta1" \ - --input "security/v1alpha1" \ - --input "core/v1alpha2" \ - --input "ops/v1alpha1" \ + --input "crd/v1alpha1" \ + --input "crd/v1alpha2" \ + --input "crd/v1beta1" \ --input "stats/v1alpha1" \ --output-package "${ANTREA_PKG}/pkg/client/clientset" \ --plural-exceptions "NetworkPolicyStats:NetworkPolicyStats" \ @@ -45,31 +44,30 @@ $GOPATH/bin/client-gen \ # Generate listers with K8s codegen tools. $GOPATH/bin/lister-gen \ - --input-dirs "${ANTREA_PKG}/pkg/apis/security/v1alpha1,${ANTREA_PKG}/pkg/apis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/ops/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/clusterinformation/v1beta1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1beta1" \ --output-package "${ANTREA_PKG}/pkg/client/listers" \ --go-header-file hack/boilerplate/license_header.go.txt # Generate informers with K8s codegen tools. $GOPATH/bin/informer-gen \ - --input-dirs "${ANTREA_PKG}/pkg/apis/security/v1alpha1,${ANTREA_PKG}/pkg/apis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/ops/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/clusterinformation/v1beta1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1beta1" \ --versioned-clientset-package "${ANTREA_PKG}/pkg/client/clientset/versioned" \ --listers-package "${ANTREA_PKG}/pkg/client/listers" \ --output-package "${ANTREA_PKG}/pkg/client/informers" \ --go-header-file hack/boilerplate/license_header.go.txt $GOPATH/bin/deepcopy-gen \ - --input-dirs "${ANTREA_PKG}/pkg/apis/clusterinformation/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/controlplane" \ --input-dirs "${ANTREA_PKG}/pkg/apis/controlplane/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/controlplane/v1beta2" \ --input-dirs "${ANTREA_PKG}/pkg/apis/system/v1beta1" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/security/v1alpha1" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/core/v1alpha2" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/ops/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/stats" \ --input-dirs "${ANTREA_PKG}/pkg/apis/stats/v1alpha1" \ -O zz_generated.deepcopy \ @@ -84,15 +82,61 @@ $GOPATH/bin/conversion-gen \ $GOPATH/bin/openapi-gen \ --input-dirs "${ANTREA_PKG}/pkg/apis/controlplane/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/controlplane/v1beta2" \ - --input-dirs "${ANTREA_PKG}/pkg/apis/clusterinformation/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/system/v1beta1" \ --input-dirs "${ANTREA_PKG}/pkg/apis/stats/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/apis/crd/v1beta1" \ --input-dirs "k8s.io/apimachinery/pkg/apis/meta/v1,k8s.io/apimachinery/pkg/runtime,k8s.io/apimachinery/pkg/util/intstr" \ --input-dirs "k8s.io/api/core/v1" \ --output-package "${ANTREA_PKG}/pkg/apiserver/openapi" \ -O zz_generated.openapi \ --go-header-file hack/boilerplate/license_header.go.txt +# Generate legacy clientset and apis code with K8s codegen tools. +$GOPATH/bin/client-gen \ + --clientset-name versioned \ + --input-base "${ANTREA_PKG}/pkg/legacyapis/" \ + --input "clusterinformation/v1beta1" \ + --input "controlplane/v1beta1" \ + --input "controlplane/v1beta2" \ + --input "system/v1beta1" \ + --input "security/v1alpha1" \ + --input "core/v1alpha2" \ + --input "ops/v1alpha1" \ + --input "stats/v1alpha1" \ + --output-package "${ANTREA_PKG}/pkg/legacyclient/clientset" \ + --plural-exceptions "NetworkPolicyStats:NetworkPolicyStats" \ + --plural-exceptions "AntreaNetworkPolicyStats:AntreaNetworkPolicyStats" \ + --plural-exceptions "AntreaClusterNetworkPolicyStats:AntreaClusterNetworkPolicyStats" \ + --go-header-file hack/boilerplate/license_header.go.txt + +# Generate legacy listers with K8s codegen tools. +$GOPATH/bin/lister-gen \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ + --output-package "${ANTREA_PKG}/pkg/legacyclient/listers" \ + --go-header-file hack/boilerplate/license_header.go.txt + +# Generate legacy informers with K8s codegen tools. +$GOPATH/bin/informer-gen \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ + --versioned-clientset-package "${ANTREA_PKG}/pkg/legacyclient/clientset/versioned" \ + --listers-package "${ANTREA_PKG}/pkg/legacyclient/listers" \ + --output-package "${ANTREA_PKG}/pkg/legacyclient/informers" \ + --go-header-file hack/boilerplate/license_header.go.txt + +$GOPATH/bin/deepcopy-gen \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/clusterinformation/v1beta1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/security/v1alpha1" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/core/v1alpha2" \ + --input-dirs "${ANTREA_PKG}/pkg/legacyapis/ops/v1alpha1" \ + -O zz_generated.deepcopy \ + --go-header-file hack/boilerplate/license_header.go.txt + # Generate mocks for testing with mockgen. MOCKGEN_TARGETS=( "pkg/agent/cniserver/ipam IPAMDriver testing" diff --git a/hack/update-codegen.sh b/hack/update-codegen.sh index a9ea01f71cd..adcd42fcaf8 100755 --- a/hack/update-codegen.sh +++ b/hack/update-codegen.sh @@ -18,7 +18,7 @@ set -o errexit set -o nounset set -o pipefail -ANTREA_ROOT=$(dirname "${BASH_SOURCE[0]}")/.. +ANTREA_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"/.. IMAGE_NAME="antrea/codegen:kubernetes-1.18.4" function docker_run() { diff --git a/pkg/agent/apiserver/handlers/agentinfo/handler.go b/pkg/agent/apiserver/handlers/agentinfo/handler.go index 80c994ebae0..5b804558087 100644 --- a/pkg/agent/apiserver/handlers/agentinfo/handler.go +++ b/pkg/agent/apiserver/handlers/agentinfo/handler.go @@ -23,7 +23,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/querier" "github.com/vmware-tanzu/antrea/pkg/antctl/transform/common" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) // AntreaAgentInfoResponse is the struct for the response of agentinfo command. diff --git a/pkg/agent/controller/networkpolicy/cache.go b/pkg/agent/controller/networkpolicy/cache.go index 066d8b6d235..b65cb206196 100644 --- a/pkg/agent/controller/networkpolicy/cache.go +++ b/pkg/agent/controller/networkpolicy/cache.go @@ -30,7 +30,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/metrics" antreatypes "github.com/vmware-tanzu/antrea/pkg/agent/types" v1beta "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/querier" ) @@ -64,7 +64,7 @@ type rule struct { // Name of this rule. Empty for k8s NetworkPolicy. Name string // Action of this rule. nil for k8s NetworkPolicy. - Action *secv1alpha1.RuleAction + Action *crdv1alpha1.RuleAction // Priority of this rule within the NetworkPolicy. Defaults to -1 for K8s NetworkPolicy. Priority int32 // The highest rule Priority within the NetworkPolicy. Defaults to -1 for K8s NetworkPolicy. diff --git a/pkg/agent/controller/traceflow/packetin.go b/pkg/agent/controller/traceflow/packetin.go index 37373a58491..e0baf2d9dda 100644 --- a/pkg/agent/controller/traceflow/packetin.go +++ b/pkg/agent/controller/traceflow/packetin.go @@ -30,7 +30,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/config" "github.com/vmware-tanzu/antrea/pkg/agent/openflow" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" ) @@ -52,7 +52,7 @@ func (c *Controller) HandlePacketIn(pktIn *ofctrl.PacketIn) error { } update := tf.DeepCopy() update.Status.Results = append(update.Status.Results, *nodeResult) - _, err = c.traceflowClient.OpsV1alpha1().Traceflows().UpdateStatus(context.TODO(), update, v1.UpdateOptions{}) + _, err = c.traceflowClient.CrdV1alpha1().Traceflows().UpdateStatus(context.TODO(), update, v1.UpdateOptions{}) if err != nil { klog.Warningf("Update traceflow failed: %+v", err) return err @@ -288,7 +288,7 @@ func getCTDstValue(matchers *ofctrl.Matchers, isIPv6 bool) (string, error) { func getNetworkPolicyObservation(tableID uint8, ingress bool) *opsv1alpha1.Observation { ob := new(opsv1alpha1.Observation) - ob.Component = opsv1alpha1.NetworkPolicy + ob.Component = opsv1alpha1.ComponentNetworkPolicy if ingress { switch tableID { case uint8(openflow.IngressMetricTable), uint8(openflow.IngressDefaultTable): diff --git a/pkg/agent/controller/traceflow/packetin_test.go b/pkg/agent/controller/traceflow/packetin_test.go index 4c78d26b564..fa435d503e3 100644 --- a/pkg/agent/controller/traceflow/packetin_test.go +++ b/pkg/agent/controller/traceflow/packetin_test.go @@ -19,7 +19,7 @@ import ( "testing" "github.com/vmware-tanzu/antrea/pkg/agent/openflow" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) func Test_getNetworkPolicyObservation(t *testing.T) { @@ -30,7 +30,7 @@ func Test_getNetworkPolicyObservation(t *testing.T) { tests := []struct { name string args args - want *opsv1alpha1.Observation + want *crdv1alpha1.Observation }{ { name: "ingress metric drop", @@ -38,10 +38,10 @@ func Test_getNetworkPolicyObservation(t *testing.T) { tableID: uint8(openflow.IngressMetricTable), ingress: true, }, - want: &opsv1alpha1.Observation{ - Component: opsv1alpha1.NetworkPolicy, + want: &crdv1alpha1.Observation{ + Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", - Action: opsv1alpha1.Dropped, + Action: crdv1alpha1.Dropped, }, }, { @@ -50,10 +50,10 @@ func Test_getNetworkPolicyObservation(t *testing.T) { tableID: uint8(openflow.L2ForwardingOutTable), ingress: true, }, - want: &opsv1alpha1.Observation{ - Component: opsv1alpha1.NetworkPolicy, + want: &crdv1alpha1.Observation{ + Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressRule", - Action: opsv1alpha1.Forwarded, + Action: crdv1alpha1.Forwarded, }, }, { @@ -62,10 +62,10 @@ func Test_getNetworkPolicyObservation(t *testing.T) { tableID: uint8(openflow.EgressDefaultTable), ingress: false, }, - want: &opsv1alpha1.Observation{ - Component: opsv1alpha1.NetworkPolicy, + want: &crdv1alpha1.Observation{ + Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressDefaultRule", - Action: opsv1alpha1.Dropped, + Action: crdv1alpha1.Dropped, }, }, { @@ -74,10 +74,10 @@ func Test_getNetworkPolicyObservation(t *testing.T) { tableID: uint8(openflow.L2ForwardingOutTable), ingress: false, }, - want: &opsv1alpha1.Observation{ - Component: opsv1alpha1.NetworkPolicy, + want: &crdv1alpha1.Observation{ + Component: crdv1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", - Action: opsv1alpha1.Forwarded, + Action: crdv1alpha1.Forwarded, }, }, } diff --git a/pkg/agent/controller/traceflow/traceflow_controller.go b/pkg/agent/controller/traceflow/traceflow_controller.go index e1a2d0b9b93..97e8cb43326 100644 --- a/pkg/agent/controller/traceflow/traceflow_controller.go +++ b/pkg/agent/controller/traceflow/traceflow_controller.go @@ -38,10 +38,10 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore" "github.com/vmware-tanzu/antrea/pkg/agent/openflow" "github.com/vmware-tanzu/antrea/pkg/agent/util" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" clientsetversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - opsinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/ops/v1alpha1" - opslisters "github.com/vmware-tanzu/antrea/pkg/client/listers/ops/v1alpha1" + crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" + crdlisters "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/features" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsconfig" "github.com/vmware-tanzu/antrea/pkg/querier" @@ -75,8 +75,8 @@ type Controller struct { serviceLister corelisters.ServiceLister serviceListerSynced cache.InformerSynced traceflowClient clientsetversioned.Interface - traceflowInformer opsinformers.TraceflowInformer - traceflowLister opslisters.TraceflowLister + traceflowInformer crdinformers.TraceflowInformer + traceflowLister crdlisters.TraceflowLister traceflowListerSynced cache.InformerSynced ovsBridgeClient ovsconfig.OVSBridgeClient ofClient openflow.Client @@ -98,7 +98,7 @@ func NewTraceflowController( kubeClient clientset.Interface, informerFactory informers.SharedInformerFactory, traceflowClient clientsetversioned.Interface, - traceflowInformer opsinformers.TraceflowInformer, + traceflowInformer crdinformers.TraceflowInformer, client openflow.Client, npQuerier querier.AgentNetworkPolicyInfoQuerier, ovsBridgeClient ovsconfig.OVSBridgeClient, @@ -143,7 +143,7 @@ func NewTraceflowController( } // enqueueTraceflow adds an object to the controller work queue. -func (c *Controller) enqueueTraceflow(tf *opsv1alpha1.Traceflow) { +func (c *Controller) enqueueTraceflow(tf *crdv1alpha1.Traceflow) { c.queue.Add(tf.Name) } @@ -170,19 +170,19 @@ func (c *Controller) Run(stopCh <-chan struct{}) { } func (c *Controller) addTraceflow(obj interface{}) { - tf := obj.(*opsv1alpha1.Traceflow) + tf := obj.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s ADD event", tf.Name) c.enqueueTraceflow(tf) } func (c *Controller) updateTraceflow(_, curObj interface{}) { - tf := curObj.(*opsv1alpha1.Traceflow) + tf := curObj.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s UPDATE event", tf.Name) c.enqueueTraceflow(tf) } func (c *Controller) deleteTraceflow(old interface{}) { - tf := old.(*opsv1alpha1.Traceflow) + tf := old.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s DELETE event", tf.Name) c.deallocateTag(tf) } @@ -242,7 +242,7 @@ func (c *Controller) syncTraceflow(traceflowName string) error { return err } switch tf.Status.Phase { - case opsv1alpha1.Running: + case crdv1alpha1.Running: if tf.Status.DataplaneTag != 0 { start := false c.runningTraceflowsMutex.Lock() @@ -265,7 +265,7 @@ func (c *Controller) syncTraceflow(traceflowName string) error { // startTraceflow deploys OVS flow entries for Traceflow and inject packet if current Node // is Sender Node. -func (c *Controller) startTraceflow(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) startTraceflow(tf *crdv1alpha1.Traceflow) error { err := c.validateTraceflow(tf) defer func() { if err != nil { @@ -294,7 +294,7 @@ func (c *Controller) startTraceflow(tf *opsv1alpha1.Traceflow) error { return err } -func (c *Controller) validateTraceflow(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) validateTraceflow(tf *crdv1alpha1.Traceflow) error { if tf.Spec.Destination.Service != "" && !features.DefaultFeatureGate.Enabled(features.AntreaProxy) { return errors.New("using Service destination requires AntreaProxy feature enabled") } @@ -312,7 +312,7 @@ func (c *Controller) validateTraceflow(tf *opsv1alpha1.Traceflow) error { return nil } -func (c *Controller) injectPacket(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) injectPacket(tf *crdv1alpha1.Traceflow) error { podInterfaces := c.interfaceStore.GetContainerInterfacesByPod(tf.Spec.Source.Pod, tf.Spec.Source.Namespace) // Update Traceflow phase to Running. klog.V(2).Infof("Injecting packet for Traceflow %s", tf.Name) @@ -452,19 +452,19 @@ func (c *Controller) injectPacket(tf *opsv1alpha1.Traceflow) error { -1) } -func (c *Controller) errorTraceflowCRD(tf *opsv1alpha1.Traceflow, reason string) (*opsv1alpha1.Traceflow, error) { - tf.Status.Phase = opsv1alpha1.Failed +func (c *Controller) errorTraceflowCRD(tf *crdv1alpha1.Traceflow, reason string) (*crdv1alpha1.Traceflow, error) { + tf.Status.Phase = crdv1alpha1.Failed type Traceflow struct { - Status opsv1alpha1.TraceflowStatus `json:"status,omitempty"` + Status crdv1alpha1.TraceflowStatus `json:"status,omitempty"` } - patchData := Traceflow{Status: opsv1alpha1.TraceflowStatus{Phase: tf.Status.Phase, Reason: reason}} + patchData := Traceflow{Status: crdv1alpha1.TraceflowStatus{Phase: tf.Status.Phase, Reason: reason}} payloads, _ := json.Marshal(patchData) - return c.traceflowClient.OpsV1alpha1().Traceflows().Patch(context.TODO(), tf.Name, types.MergePatchType, payloads, metav1.PatchOptions{}, "status") + return c.traceflowClient.CrdV1alpha1().Traceflows().Patch(context.TODO(), tf.Name, types.MergePatchType, payloads, metav1.PatchOptions{}, "status") } // Deallocate tag from cache. -func (c *Controller) deallocateTag(tf *opsv1alpha1.Traceflow) { +func (c *Controller) deallocateTag(tf *crdv1alpha1.Traceflow) { dataplaneTag := uint8(0) c.runningTraceflowsMutex.Lock() // Controller could have deallocated the tag and cleared the DataplaneTag @@ -503,7 +503,7 @@ func (c *Controller) isSender(tag uint8) bool { } // getTraceflowCRD gets traceflow CRD by data plane tag. -func (c *Controller) GetRunningTraceflowCRD(tag uint8) (*opsv1alpha1.Traceflow, error) { +func (c *Controller) GetRunningTraceflowCRD(tag uint8) (*crdv1alpha1.Traceflow, error) { c.runningTraceflowsMutex.RLock() defer c.runningTraceflowsMutex.RUnlock() if traceflowName, ok := c.runningTraceflows[tag]; ok { diff --git a/pkg/agent/openflow/network_policy.go b/pkg/agent/openflow/network_policy.go index 76d0adf893d..bb632dd050e 100644 --- a/pkg/agent/openflow/network_policy.go +++ b/pkg/agent/openflow/network_policy.go @@ -24,7 +24,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/types" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" thirdpartynp "github.com/vmware-tanzu/antrea/third_party/networkpolicy" ) @@ -867,10 +867,10 @@ func (c *client) calculateActionFlowChangesForRule(rule *types.PolicyRule) *poli // Install action flows. var actionFlows []binding.Flow var metricFlows []binding.Flow - if rule.IsAntreaNetworkPolicyRule() && *rule.Action == secv1alpha1.RuleActionDrop { + if rule.IsAntreaNetworkPolicyRule() && *rule.Action == crdv1alpha1.RuleActionDrop { metricFlows = append(metricFlows, c.denyRuleMetricFlow(ruleOfID, isIngress)) actionFlows = append(actionFlows, c.conjunctionActionDenyFlow(ruleOfID, ruleTable.GetID(), rule.Priority, DispositionDrop, rule.EnableLogging)) - } else if rule.IsAntreaNetworkPolicyRule() && *rule.Action == secv1alpha1.RuleActionReject { + } else if rule.IsAntreaNetworkPolicyRule() && *rule.Action == crdv1alpha1.RuleActionReject { metricFlows = append(metricFlows, c.denyRuleMetricFlow(ruleOfID, isIngress)) actionFlows = append(actionFlows, c.conjunctionActionDenyFlow(ruleOfID, ruleTable.GetID(), rule.Priority, DispositionRej, rule.EnableLogging)) } else { diff --git a/pkg/agent/openflow/network_policy_test.go b/pkg/agent/openflow/network_policy_test.go index 1f15cffe50a..22a4fdb924b 100644 --- a/pkg/agent/openflow/network_policy_test.go +++ b/pkg/agent/openflow/network_policy_test.go @@ -32,7 +32,7 @@ import ( oftest "github.com/vmware-tanzu/antrea/pkg/agent/openflow/testing" "github.com/vmware-tanzu/antrea/pkg/agent/types" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" mocks "github.com/vmware-tanzu/antrea/pkg/ovs/openflow/testing" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsconfig" @@ -147,7 +147,7 @@ func TestInstallPolicyRuleFlows(t *testing.T) { c = prepareClient(ctrl) c.nodeConfig = &config.NodeConfig{PodIPv4CIDR: podIPv4CIDR, PodIPv6CIDR: nil} c.ipProtocols = []binding.Protocol{binding.ProtocolIP} - defaultAction := secv1alpha1.RuleActionAllow + defaultAction := crdv1alpha1.RuleActionAllow ruleID1 := uint32(101) rule1 := &types.PolicyRule{ Direction: v1beta2.DirectionOut, @@ -288,7 +288,7 @@ func TestBatchInstallPolicyRuleFlows(t *testing.T) { c = prepareClient(ctrl) c.nodeConfig = &config.NodeConfig{PodIPv4CIDR: podIPv4CIDR, PodIPv6CIDR: nil} c.ipProtocols = []binding.Protocol{binding.ProtocolIP} - defaultAction := secv1alpha1.RuleActionAllow + defaultAction := crdv1alpha1.RuleActionAllow priorityRule2 := uint16(10000) ruleID1 := uint32(10) @@ -417,7 +417,7 @@ func TestInstallPolicyRuleFlowsInDualStackCluster(t *testing.T) { c = prepareClient(ctrl) c.nodeConfig = &config.NodeConfig{PodIPv4CIDR: podIPv4CIDR, PodIPv6CIDR: podIPv6CIDR} c.ipProtocols = []binding.Protocol{binding.ProtocolIP, binding.ProtocolIPv6} - defaultAction := secv1alpha1.RuleActionAllow + defaultAction := crdv1alpha1.RuleActionAllow ruleID1 := uint32(101) rule1 := &types.PolicyRule{ Direction: v1beta2.DirectionOut, diff --git a/pkg/agent/querier/querier.go b/pkg/agent/querier/querier.go index 1ae546f802e..34058ae7e24 100644 --- a/pkg/agent/querier/querier.go +++ b/pkg/agent/querier/querier.go @@ -26,7 +26,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore" "github.com/vmware-tanzu/antrea/pkg/agent/openflow" "github.com/vmware-tanzu/antrea/pkg/agent/proxy" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsconfig" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl" "github.com/vmware-tanzu/antrea/pkg/querier" diff --git a/pkg/agent/querier/querier_test.go b/pkg/agent/querier/querier_test.go index 6eb3bc3b50c..d2d8ae9cb02 100644 --- a/pkg/agent/querier/querier_test.go +++ b/pkg/agent/querier/querier_test.go @@ -26,7 +26,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/config" interfacestoretest "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore/testing" openflowtest "github.com/vmware-tanzu/antrea/pkg/agent/openflow/testing" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" ovsconfigtest "github.com/vmware-tanzu/antrea/pkg/ovs/ovsconfig/testing" queriertest "github.com/vmware-tanzu/antrea/pkg/querier/testing" diff --git a/pkg/agent/querier/testing/mock_querier.go b/pkg/agent/querier/testing/mock_querier.go index 3a77b8f9538..29688a60cc3 100644 --- a/pkg/agent/querier/testing/mock_querier.go +++ b/pkg/agent/querier/testing/mock_querier.go @@ -25,7 +25,7 @@ import ( interfacestore "github.com/vmware-tanzu/antrea/pkg/agent/interfacestore" openflow "github.com/vmware-tanzu/antrea/pkg/agent/openflow" proxy "github.com/vmware-tanzu/antrea/pkg/agent/proxy" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ovsctl "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl" querier "github.com/vmware-tanzu/antrea/pkg/querier" kubernetes "k8s.io/client-go/kubernetes" diff --git a/pkg/agent/types/networkpolicy.go b/pkg/agent/types/networkpolicy.go index fb4af899e64..c03828f941c 100644 --- a/pkg/agent/types/networkpolicy.go +++ b/pkg/agent/types/networkpolicy.go @@ -16,7 +16,7 @@ package types import ( "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" binding "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" ) diff --git a/pkg/antctl/command_definition_test.go b/pkg/antctl/command_definition_test.go index b752f0960ce..63f63f9a920 100644 --- a/pkg/antctl/command_definition_test.go +++ b/pkg/antctl/command_definition_test.go @@ -37,8 +37,8 @@ import ( "github.com/vmware-tanzu/antrea/pkg/antctl/transform/common" "github.com/vmware-tanzu/antrea/pkg/antctl/transform/controllerinfo" "github.com/vmware-tanzu/antrea/pkg/antctl/transform/networkpolicy" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" cpv1beta "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) type Foobar struct { diff --git a/pkg/antctl/raw/proxy/command.go b/pkg/antctl/raw/proxy/command.go index fb9ebca9d9e..124f88cb163 100644 --- a/pkg/antctl/raw/proxy/command.go +++ b/pkg/antctl/raw/proxy/command.go @@ -31,7 +31,7 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/controller/noderoute" "github.com/vmware-tanzu/antrea/pkg/antctl/runtime" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" antrea "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" ) @@ -169,7 +169,7 @@ func createAgentClientCfg(k8sClientset kubernetes.Interface, antreaClientset ant return nil, fmt.Errorf("error when looking up Node %s: %w", nodeName, err) } // TODO: filter by Node name, but that would require API support - agentInfoList, err := antreaClientset.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ResourceVersion: "0"}) + agentInfoList, err := antreaClientset.CrdV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ResourceVersion: "0"}) if err != nil { return nil, err } @@ -194,7 +194,7 @@ func createAgentClientCfg(k8sClientset kubernetes.Interface, antreaClientset ant } func createControllerClientCfg(k8sClientset kubernetes.Interface, antreaClientset antrea.Interface, cfgTmpl *rest.Config) (*rest.Config, error) { - controllerInfo, err := antreaClientset.ClusterinformationV1beta1().AntreaControllerInfos().Get(context.TODO(), "antrea-controller", metav1.GetOptions{}) + controllerInfo, err := antreaClientset.CrdV1beta1().AntreaControllerInfos().Get(context.TODO(), "antrea-controller", metav1.GetOptions{}) if err != nil { return nil, err } diff --git a/pkg/antctl/raw/supportbundle/command.go b/pkg/antctl/raw/supportbundle/command.go index 690f04e2a79..b1e2efb0bb0 100644 --- a/pkg/antctl/raw/supportbundle/command.go +++ b/pkg/antctl/raw/supportbundle/command.go @@ -290,7 +290,7 @@ func downloadAll(agentClients map[string]*rest.RESTClient, controllerClient *res func createAgentClients(k8sClientset kubernetes.Interface, antreaClientset antrea.Interface, cfgTmpl *rest.Config, nameFilter string, nameList []string) (map[string]*rest.RESTClient, error) { clients := map[string]*rest.RESTClient{} nodeAgentInfoMap := map[string]string{} - agentInfoList, err := antreaClientset.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ResourceVersion: "0"}) + agentInfoList, err := antreaClientset.CrdV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ResourceVersion: "0"}) if err != nil { return nil, err } @@ -344,7 +344,7 @@ func createAgentClients(k8sClientset kubernetes.Interface, antreaClientset antre } func createControllerClient(k8sClientset kubernetes.Interface, antreaClientset antrea.Interface, cfgTmpl *rest.Config) (*rest.RESTClient, error) { - controllerInfo, err := antreaClientset.ClusterinformationV1beta1().AntreaControllerInfos().Get(context.TODO(), "antrea-controller", metav1.GetOptions{}) + controllerInfo, err := antreaClientset.CrdV1beta1().AntreaControllerInfos().Get(context.TODO(), "antrea-controller", metav1.GetOptions{}) if err != nil { return nil, err } diff --git a/pkg/antctl/raw/traceflow/command.go b/pkg/antctl/raw/traceflow/command.go index def1ffbb352..c58936df499 100644 --- a/pkg/antctl/raw/traceflow/command.go +++ b/pkg/antctl/raw/traceflow/command.go @@ -35,7 +35,7 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/antctl/runtime" - "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" ) @@ -123,12 +123,12 @@ func runE(cmd *cobra.Command, _ []string) error { ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() - if _, err = client.OpsV1alpha1().Traceflows().Create(ctx, tf, metav1.CreateOptions{}); err != nil { + if _, err = client.CrdV1alpha1().Traceflows().Create(ctx, tf, metav1.CreateOptions{}); err != nil { return fmt.Errorf("error when creating Traceflow, is Traceflow feature gate enabled? %w", err) } defer func() { if option.waiting { - if err = client.OpsV1alpha1().Traceflows().Delete(context.TODO(), tf.Name, metav1.DeleteOptions{}); err != nil { + if err = client.CrdV1alpha1().Traceflows().Delete(context.TODO(), tf.Name, metav1.DeleteOptions{}); err != nil { klog.Errorf("error when deleting Traceflow: %+v", err) } } @@ -140,7 +140,7 @@ func runE(cmd *cobra.Command, _ []string) error { var res *v1alpha1.Traceflow err = wait.Poll(1*time.Second, 15*time.Second, func() (bool, error) { - res, err = client.OpsV1alpha1().Traceflows().Get(context.TODO(), tf.Name, metav1.GetOptions{}) + res, err = client.CrdV1alpha1().Traceflows().Get(context.TODO(), tf.Name, metav1.GetOptions{}) if err != nil { return false, err } diff --git a/pkg/antctl/raw/traceflow/command_test.go b/pkg/antctl/raw/traceflow/command_test.go index fff23b81f16..6582a3f0524 100644 --- a/pkg/antctl/raw/traceflow/command_test.go +++ b/pkg/antctl/raw/traceflow/command_test.go @@ -19,7 +19,7 @@ import ( "github.com/stretchr/testify/assert" - "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) var protocolTCP = int32(6) diff --git a/pkg/antctl/transform/controllerinfo/transform.go b/pkg/antctl/transform/controllerinfo/transform.go index a5ebca49328..3a9c49e1757 100644 --- a/pkg/antctl/transform/controllerinfo/transform.go +++ b/pkg/antctl/transform/controllerinfo/transform.go @@ -23,19 +23,19 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/antctl/transform/common" - clusterinfo "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) // Response includes all data fields of clusterinfo.AntreaControllerInfo, but // removes the resource meta fields. type Response struct { - Version string `json:"version,omitempty"` // Antrea binary version - PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Controller is running in - NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Controller is running in - ServiceRef corev1.ObjectReference `json:"serviceRef,omitempty"` // Antrea Controller Service - NetworkPolicyControllerInfo clusterinfo.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Controller NetworkPolicy information - ConnectedAgentNum int32 `json:"connectedAgentNum,omitempty"` // Number of agents which are connected to this controller - ControllerConditions []clusterinfo.ControllerCondition `json:"controllerConditions,omitempty"` // Controller condition contains types like ControllerHealthy + Version string `json:"version,omitempty"` // Antrea binary version + PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Controller is running in + NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Controller is running in + ServiceRef corev1.ObjectReference `json:"serviceRef,omitempty"` // Antrea Controller Service + NetworkPolicyControllerInfo crdv1beta1.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Controller NetworkPolicy information + ConnectedAgentNum int32 `json:"connectedAgentNum,omitempty"` // Number of agents which are connected to this controller + ControllerConditions []crdv1beta1.ControllerCondition `json:"controllerConditions,omitempty"` // Controller condition contains types like ControllerHealthy } func Transform(reader io.Reader, _ bool, _ map[string]string) (interface{}, error) { @@ -44,7 +44,7 @@ func Transform(reader io.Reader, _ bool, _ map[string]string) (interface{}, erro return nil, err } klog.Infof("version transform received: %s", string(b)) - controllerInfo := new(clusterinfo.AntreaControllerInfo) + controllerInfo := new(crdv1beta1.AntreaControllerInfo) err = json.Unmarshal(b, controllerInfo) if err != nil { return nil, err diff --git a/pkg/antctl/transform/version/transform.go b/pkg/antctl/transform/version/transform.go index bd4b839ede3..c19c26ba1de 100644 --- a/pkg/antctl/transform/version/transform.go +++ b/pkg/antctl/transform/version/transform.go @@ -22,7 +22,7 @@ import ( k8sversion "k8s.io/apimachinery/pkg/version" "k8s.io/klog" - clusterinfov1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + clusterinfov1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" antreaversion "github.com/vmware-tanzu/antrea/pkg/version" ) diff --git a/pkg/apis/controlplane/doc.go b/pkg/apis/controlplane/doc.go index ef2d47997be..afcbe2adb8f 100644 --- a/pkg/apis/controlplane/doc.go +++ b/pkg/apis/controlplane/doc.go @@ -13,7 +13,7 @@ // limitations under the License. // +k8s:deepcopy-gen=package -// +groupName=controlplane.antrea.tanzu.vmware.com +// +groupName=controlplane.antrea.io // Package controlplane contains the latest (or "internal") version of the Antrea // NetworkPolicy API messages. This is the API messages as represented in memory. diff --git a/pkg/apis/controlplane/register.go b/pkg/apis/controlplane/register.go index 8d0631e4f36..bc543e435ab 100644 --- a/pkg/apis/controlplane/register.go +++ b/pkg/apis/controlplane/register.go @@ -20,7 +20,7 @@ import ( ) // GroupName is the group name used in this package. -const GroupName = "controlplane.antrea.tanzu.vmware.com" +const GroupName = "controlplane.antrea.io" // SchemeGroupVersion is group version used to register these objects. var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} diff --git a/pkg/apis/controlplane/types.go b/pkg/apis/controlplane/types.go index 857c64720ed..a9fd4b93545 100644 --- a/pkg/apis/controlplane/types.go +++ b/pkg/apis/controlplane/types.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/intstr" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" ) @@ -206,7 +206,7 @@ type NetworkPolicyRule struct { // Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty // action “nil” defaults to Allow action, which would be the case for rules created for // K8s NetworkPolicy. - Action *secv1alpha1.RuleAction + Action *crdv1alpha1.RuleAction // EnableLogging is used to indicate if agent should generate logs // when rules are matched. Should be default to false. EnableLogging bool diff --git a/pkg/apis/controlplane/v1beta1/conversion.go b/pkg/apis/controlplane/v1beta1/conversion.go index 4c8152d0523..a0d7f9fe951 100644 --- a/pkg/apis/controlplane/v1beta1/conversion.go +++ b/pkg/apis/controlplane/v1beta1/conversion.go @@ -22,7 +22,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) func init() { diff --git a/pkg/apis/controlplane/v1beta1/doc.go b/pkg/apis/controlplane/v1beta1/doc.go index 73fe4910483..4b0dbe8d919 100644 --- a/pkg/apis/controlplane/v1beta1/doc.go +++ b/pkg/apis/controlplane/v1beta1/doc.go @@ -16,7 +16,7 @@ // +k8s:deepcopy-gen=package // +k8s:protobuf-gen=package // +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/controlplane -// +groupName=controlplane.antrea.tanzu.vmware.com +// +groupName=controlplane.antrea.io // Package v1beta1 is the v1beta1 version of the Antrea NetworkPolicy API messages. package v1beta1 diff --git a/pkg/apis/controlplane/v1beta1/generated.pb.go b/pkg/apis/controlplane/v1beta1/generated.pb.go index 84c8975a29c..7b634d5c1b8 100644 --- a/pkg/apis/controlplane/v1beta1/generated.pb.go +++ b/pkg/apis/controlplane/v1beta1/generated.pb.go @@ -23,7 +23,7 @@ import ( io "io" proto "github.com/gogo/protobuf/proto" - github_com_vmware_tanzu_antrea_pkg_apis_security_v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + github_com_vmware_tanzu_antrea_pkg_apis_crd_v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" math "math" @@ -692,113 +692,112 @@ func init() { } var fileDescriptor_345cd0a9074e5729 = []byte{ - // 1681 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xbd, 0x6f, 0x1b, 0x47, - 0x16, 0xd7, 0xf2, 0x43, 0x12, 0x47, 0xa4, 0x3e, 0x46, 0xe7, 0x33, 0xcf, 0xe7, 0x23, 0xe5, 0xbd, - 0x2b, 0x54, 0x9c, 0x97, 0x96, 0xcf, 0x97, 0x18, 0x88, 0x53, 0x88, 0x96, 0xec, 0x30, 0x91, 0x65, - 0x62, 0x24, 0x37, 0x41, 0x80, 0x64, 0xb5, 0x3b, 0xa4, 0xd6, 0x5a, 0xee, 0xac, 0x67, 0x87, 0xb2, - 0x15, 0x20, 0x41, 0x8c, 0x54, 0x71, 0x91, 0xcf, 0x26, 0x4d, 0xca, 0x34, 0x41, 0xfe, 0x81, 0xa4, - 0x4b, 0xe7, 0xd2, 0xa5, 0x9b, 0x10, 0x11, 0x8d, 0x18, 0xe9, 0xd2, 0x0b, 0x08, 0x10, 0xcc, 0xec, - 0xec, 0x17, 0x29, 0xda, 0x4a, 0x48, 0x09, 0x29, 0x5c, 0x49, 0x3b, 0xf3, 0xe6, 0xfd, 0x7e, 0xf3, - 0xde, 0x9b, 0xdf, 0xbe, 0x1d, 0x82, 0xb5, 0xa6, 0xc5, 0xb6, 0xdb, 0x5b, 0x9a, 0x41, 0x5a, 0x95, - 0xdd, 0xd6, 0x5d, 0x9d, 0xe2, 0xf3, 0x4c, 0x77, 0xde, 0x6d, 0x57, 0x74, 0x87, 0x51, 0xac, 0x57, + // 1679 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xcd, 0x73, 0x1b, 0x45, + 0x16, 0xf7, 0xe8, 0xc3, 0xb6, 0xda, 0x92, 0x3f, 0xda, 0x9b, 0x8d, 0x36, 0x9b, 0x95, 0x9c, 0xd9, + 0x3d, 0xf8, 0xb0, 0x19, 0xc5, 0xd9, 0x2c, 0xa4, 0x8a, 0x50, 0x94, 0x15, 0x3b, 0x41, 0xe0, 0x38, + 0xaa, 0xb6, 0x73, 0xa1, 0xa8, 0x82, 0xf1, 0x4c, 0x4b, 0x1e, 0x3c, 0x9a, 0x9e, 0xf4, 0xb4, 0x9c, + 0x98, 0x2a, 0x28, 0x52, 0x9c, 0xc8, 0x81, 0xcf, 0x0b, 0x17, 0x8e, 0x5c, 0x28, 0xfe, 0x01, 0xb8, + 0x71, 0xcb, 0x31, 0xc7, 0x5c, 0x50, 0x61, 0xa5, 0x48, 0x71, 0xe3, 0x4a, 0xf9, 0x44, 0x75, 0x4f, + 0xcf, 0x97, 0x64, 0x25, 0x06, 0xc9, 0x2e, 0x0e, 0x39, 0xd9, 0xd3, 0xfd, 0xfa, 0xfd, 0x7e, 0xfd, + 0xde, 0xeb, 0xdf, 0xbc, 0x69, 0x81, 0xb5, 0xa6, 0xc5, 0xb6, 0xdb, 0x5b, 0x9a, 0x41, 0x5a, 0x95, + 0xdd, 0xd6, 0x1d, 0x9d, 0xe2, 0xf3, 0x4c, 0x77, 0xde, 0x6d, 0x57, 0x74, 0x87, 0x51, 0xac, 0x57, 0xdc, 0x9d, 0x66, 0x45, 0x77, 0x2d, 0xaf, 0x62, 0x10, 0x87, 0x51, 0x62, 0xbb, 0xb6, 0xee, 0xe0, 0xca, 0xee, 0xd2, 0x16, 0x66, 0xfa, 0x52, 0xa5, 0x89, 0x1d, 0x4c, 0x75, 0x86, 0x4d, 0xcd, 0xa5, - 0x84, 0x11, 0x78, 0x25, 0xf2, 0xa6, 0xf9, 0xde, 0xde, 0x16, 0xde, 0x34, 0xdf, 0x9b, 0xe6, 0xee, + 0x84, 0x11, 0x78, 0x25, 0xf2, 0xa6, 0xf9, 0xde, 0xde, 0x12, 0xde, 0x34, 0xdf, 0x9b, 0xe6, 0xee, 0x34, 0x35, 0xee, 0x4d, 0x8b, 0x7b, 0xd3, 0xa4, 0xb7, 0x33, 0xe7, 0x63, 0x5c, 0x9a, 0xa4, 0x49, 0x2a, 0xc2, 0xe9, 0x56, 0xbb, 0x21, 0x9e, 0xc4, 0x83, 0xf8, 0xcf, 0x07, 0x3b, 0x73, 0xed, 0xa8, 0xd4, 0x3d, 0xa6, 0x33, 0xaf, 0xb2, 0xbb, 0xa4, 0xdb, 0xee, 0x76, 0x3f, 0xe9, 0x33, 0x97, 0x76, 0x2e, 0x7b, 0x9a, 0x45, 0xb8, 0x6d, 0x4b, 0x37, 0xb6, 0x2d, 0x07, 0xd3, 0xbd, 0x68, 0x71, 0x0b, 0x33, 0xbd, 0xb2, 0xdb, 0xbf, 0xaa, 0x32, 0x68, 0x15, 0x6d, 0x3b, 0xcc, 0x6a, 0xe1, 0xbe, 0x05, - 0x2f, 0x3d, 0x6f, 0x81, 0x67, 0x6c, 0xe3, 0x96, 0xde, 0xb7, 0xee, 0x7f, 0x83, 0xd6, 0xb5, 0x99, - 0x65, 0x57, 0x2c, 0x87, 0x79, 0x8c, 0xf6, 0x2e, 0x52, 0x9f, 0xa6, 0x40, 0x7e, 0xd9, 0x34, 0x29, - 0xf6, 0xbc, 0xeb, 0x94, 0xb4, 0x5d, 0xf8, 0x0e, 0x98, 0xe4, 0x3b, 0x31, 0x75, 0xa6, 0x17, 0x95, + 0x2f, 0x3c, 0x6b, 0x81, 0x67, 0x6c, 0xe3, 0x96, 0xde, 0xb7, 0xee, 0x7f, 0x83, 0xd6, 0xb5, 0x99, + 0x65, 0x57, 0x2c, 0x87, 0x79, 0x8c, 0xf6, 0x2e, 0x52, 0x9f, 0xa4, 0x40, 0x7e, 0xd9, 0x34, 0x29, + 0xf6, 0xbc, 0xeb, 0x94, 0xb4, 0x5d, 0xf8, 0x36, 0x98, 0xe4, 0x3b, 0x31, 0x75, 0xa6, 0x17, 0x95, 0x05, 0x65, 0x71, 0xea, 0xe2, 0x05, 0xcd, 0x77, 0xac, 0xc5, 0x1d, 0x47, 0x19, 0xe2, 0xd6, 0xda, - 0xee, 0x92, 0x76, 0x73, 0xeb, 0x36, 0x36, 0xd8, 0x0d, 0xcc, 0xf4, 0x2a, 0x7c, 0xd8, 0x29, 0x8f, - 0x75, 0x3b, 0x65, 0x10, 0x8d, 0xa1, 0xd0, 0x2b, 0x74, 0x40, 0xc6, 0x25, 0xa6, 0x57, 0x4c, 0x2d, - 0xa4, 0x17, 0xa7, 0x2e, 0xae, 0x69, 0xc3, 0x94, 0x82, 0x26, 0x48, 0xdf, 0xc0, 0xad, 0x2d, 0x4c, - 0xeb, 0xc4, 0xac, 0xe6, 0x25, 0x72, 0xa6, 0x4e, 0x4c, 0x0f, 0x09, 0x1c, 0xf8, 0xa1, 0x02, 0xf2, - 0xcd, 0xc8, 0xcc, 0x2b, 0xa6, 0x05, 0x70, 0x6d, 0x64, 0xc0, 0xd5, 0xbf, 0x49, 0xd4, 0x7c, 0x6c, - 0xd0, 0x43, 0x09, 0x50, 0x75, 0x5f, 0x01, 0xb3, 0xf1, 0x40, 0xaf, 0x59, 0x1e, 0x83, 0x6f, 0xf5, - 0x05, 0x5b, 0x3b, 0x5a, 0xb0, 0xf9, 0x6a, 0x11, 0xea, 0x59, 0x09, 0x3d, 0x19, 0x8c, 0xc4, 0x02, - 0x4d, 0x40, 0xd6, 0x62, 0xb8, 0x15, 0x44, 0xfa, 0xf5, 0xe1, 0x36, 0x1c, 0x27, 0x5f, 0x2d, 0x48, - 0xd8, 0x6c, 0x8d, 0x03, 0x20, 0x1f, 0x47, 0xfd, 0x26, 0x0b, 0xe6, 0xe2, 0x66, 0x75, 0x9d, 0x19, - 0xdb, 0x27, 0x50, 0x51, 0xef, 0x81, 0x9c, 0x6e, 0x9a, 0xd8, 0xac, 0x1f, 0x57, 0x59, 0xcd, 0x49, - 0xf8, 0xdc, 0x72, 0x00, 0x83, 0x22, 0x44, 0x5e, 0x60, 0x53, 0x14, 0xb7, 0xc8, 0xae, 0x64, 0x90, - 0x3e, 0x06, 0x06, 0xf3, 0x92, 0xc1, 0x14, 0x8a, 0x80, 0x50, 0x1c, 0x15, 0x7e, 0xae, 0x80, 0x39, - 0xc1, 0x29, 0x5e, 0x84, 0xc5, 0xcc, 0xa8, 0x6b, 0xfd, 0x1f, 0x92, 0xc8, 0xdc, 0x72, 0x2f, 0x16, - 0xea, 0x87, 0x87, 0x5f, 0x2a, 0x60, 0x5e, 0x92, 0x4c, 0xd0, 0xca, 0x8e, 0x9a, 0xd6, 0x3f, 0x25, - 0xad, 0x79, 0xd4, 0x8f, 0x86, 0x0e, 0xa3, 0xa0, 0xfe, 0x92, 0x02, 0xd3, 0xcb, 0xae, 0x6b, 0x5b, - 0xd8, 0xdc, 0x24, 0x2f, 0xb4, 0xef, 0x38, 0xb5, 0xef, 0x67, 0x05, 0xc0, 0x64, 0xa8, 0x4f, 0x40, - 0xfd, 0xee, 0x24, 0xd5, 0x6f, 0xc8, 0x58, 0x27, 0xe9, 0x0f, 0xd0, 0xbf, 0x6f, 0xb3, 0x60, 0x3e, - 0x69, 0xf8, 0x42, 0x01, 0x5f, 0x28, 0xe0, 0x5f, 0x56, 0x01, 0xbf, 0x52, 0xc0, 0xe4, 0xaa, 0x63, - 0xba, 0xc4, 0x72, 0x18, 0xfc, 0x37, 0x48, 0x59, 0xae, 0xa8, 0xce, 0x7c, 0x75, 0xbe, 0xdb, 0x29, - 0xa7, 0x6a, 0xf5, 0x83, 0x4e, 0x39, 0x57, 0xab, 0xcb, 0x17, 0x3a, 0x4a, 0x59, 0x2e, 0xb4, 0x41, - 0xd6, 0x25, 0x94, 0x05, 0x25, 0x76, 0x7d, 0x38, 0xf6, 0xeb, 0x7a, 0x8b, 0x67, 0x8e, 0xb2, 0xe8, - 0x38, 0xf1, 0x27, 0x0f, 0xf9, 0x20, 0xaa, 0x0d, 0x4e, 0xaf, 0xde, 0x63, 0x98, 0x3a, 0xba, 0xbd, - 0xea, 0x30, 0x8b, 0xed, 0x21, 0xdc, 0xc0, 0x14, 0x3b, 0x06, 0x86, 0x0b, 0x20, 0xe3, 0xe8, 0x2d, - 0x2c, 0xf8, 0xe6, 0x22, 0xe5, 0xe3, 0x1e, 0x91, 0x98, 0x81, 0x15, 0x90, 0xe3, 0x7f, 0x3d, 0x57, - 0x37, 0x70, 0x31, 0x25, 0xcc, 0xc2, 0x1a, 0x5e, 0x0f, 0x26, 0x50, 0x64, 0xa3, 0xde, 0x4f, 0x83, - 0xa9, 0x58, 0x78, 0x20, 0x06, 0x69, 0x97, 0x98, 0xf2, 0xbc, 0x0e, 0xd9, 0x3b, 0xd5, 0x89, 0x19, - 0x72, 0xaf, 0x4e, 0x74, 0x3b, 0xe5, 0x34, 0x1f, 0xe1, 0xfe, 0xe1, 0x67, 0x0a, 0x98, 0xc6, 0x89, - 0x5d, 0x0a, 0xb6, 0x53, 0x17, 0x6f, 0x0d, 0x07, 0x39, 0x20, 0x72, 0x55, 0xd8, 0xed, 0x94, 0xa7, - 0x7b, 0x26, 0x7b, 0x08, 0xc0, 0xbb, 0x20, 0x87, 0x65, 0x5d, 0x04, 0x67, 0xf9, 0xda, 0x90, 0x6c, - 0xa4, 0xbb, 0x28, 0x07, 0xc1, 0x88, 0x87, 0x22, 0x2c, 0xf5, 0x41, 0x0a, 0x4c, 0x27, 0x8f, 0xfd, - 0x49, 0xa5, 0xc1, 0x2f, 0xff, 0xd4, 0x11, 0xcb, 0x3f, 0x7d, 0x12, 0xe5, 0xff, 0xa3, 0x02, 0x26, - 0x6a, 0xf5, 0xaa, 0x4d, 0x8c, 0x1d, 0x88, 0x41, 0xc6, 0xb0, 0x4c, 0x2a, 0xc3, 0x70, 0x75, 0x38, - 0xe0, 0x5a, 0x7d, 0x1d, 0xb3, 0xe8, 0xd0, 0x5c, 0xad, 0xad, 0x20, 0x24, 0xdc, 0xc3, 0x1d, 0x30, - 0x8e, 0xef, 0x19, 0xd8, 0x65, 0xf2, 0x80, 0x8f, 0x04, 0x68, 0x5a, 0x02, 0x8d, 0xaf, 0x0a, 0xd7, - 0x48, 0x42, 0xa8, 0x0d, 0x90, 0x15, 0x06, 0x47, 0x93, 0x9e, 0xcb, 0x20, 0xef, 0x52, 0xdc, 0xb0, - 0xee, 0xad, 0x61, 0xa7, 0xc9, 0xb6, 0x45, 0xaa, 0xb2, 0x51, 0xf7, 0x51, 0x8f, 0xcd, 0xa1, 0x84, - 0xa5, 0xfa, 0x91, 0x02, 0x72, 0x61, 0xac, 0xb9, 0x72, 0xf0, 0xf0, 0x0a, 0xb8, 0x6c, 0xbc, 0x67, - 0xa2, 0x0c, 0x89, 0x99, 0x50, 0x5b, 0x52, 0x03, 0xb5, 0xe5, 0x32, 0x98, 0x14, 0x5f, 0xcf, 0x06, - 0xb1, 0x8b, 0x69, 0x61, 0x75, 0x36, 0x68, 0x44, 0xea, 0x72, 0xfc, 0x20, 0xf6, 0x3f, 0x0a, 0xad, - 0xd5, 0x07, 0x19, 0x50, 0x58, 0xc7, 0xec, 0x2e, 0xa1, 0x3b, 0x75, 0x62, 0x5b, 0xc6, 0xde, 0x09, - 0xf4, 0x06, 0x0c, 0x64, 0x69, 0xdb, 0xc6, 0x81, 0x68, 0xdf, 0x1c, 0xb2, 0x6a, 0xe3, 0xec, 0x51, - 0xdb, 0xc6, 0x51, 0xf5, 0xf2, 0x27, 0x0f, 0xf9, 0x60, 0xf0, 0x55, 0x30, 0xa3, 0x27, 0x5a, 0x21, - 0xff, 0xd4, 0xe4, 0x44, 0x86, 0x67, 0x92, 0x5d, 0x92, 0x87, 0x7a, 0x6d, 0xe1, 0x22, 0x0f, 0xb1, - 0x45, 0x28, 0xd7, 0xc3, 0xcc, 0x82, 0xb2, 0xa8, 0x54, 0xf3, 0x7e, 0x78, 0xfd, 0x31, 0x14, 0xce, - 0xc2, 0x4b, 0x20, 0xcf, 0x2c, 0x4c, 0x83, 0x99, 0x62, 0x56, 0x24, 0x76, 0x96, 0x17, 0xc5, 0x66, - 0x6c, 0x1c, 0x25, 0xac, 0xe0, 0x7d, 0x05, 0xe4, 0x3c, 0xd2, 0xa6, 0x06, 0x46, 0xb8, 0x51, 0x1c, - 0x17, 0x81, 0xdf, 0x1c, 0x65, 0x64, 0x42, 0x9d, 0x29, 0x70, 0xb5, 0xdb, 0x08, 0xa0, 0x50, 0x84, - 0xaa, 0x3e, 0x51, 0xc0, 0x5c, 0x62, 0xd1, 0x09, 0x74, 0xc5, 0x6e, 0xb2, 0x2b, 0x7e, 0x63, 0x84, - 0x5b, 0x1e, 0xd0, 0x14, 0xff, 0xd0, 0xbb, 0xcb, 0x3a, 0xc6, 0x14, 0xbe, 0x0c, 0x0a, 0x7a, 0xec, - 0xa6, 0xc0, 0x2b, 0x2a, 0xa2, 0x38, 0xe6, 0xba, 0x9d, 0x72, 0x21, 0x7e, 0x85, 0xe0, 0xa1, 0xa4, - 0x1d, 0xf4, 0xc0, 0xa4, 0xe5, 0x0a, 0x51, 0x0c, 0xf6, 0xb0, 0x3a, 0xac, 0x48, 0x09, 0x6f, 0x51, - 0xd4, 0xe4, 0x80, 0x87, 0x42, 0x20, 0xf5, 0xa9, 0x02, 0xfe, 0x7e, 0x78, 0x7a, 0xe1, 0xff, 0x41, - 0x86, 0xed, 0xb9, 0x41, 0x27, 0x72, 0x2e, 0x50, 0x8b, 0xcd, 0x3d, 0x17, 0x1f, 0x74, 0xca, 0xc9, - 0x9d, 0xf3, 0x41, 0x24, 0xcc, 0xff, 0x70, 0x7b, 0x12, 0xaa, 0x52, 0x7a, 0xa0, 0x2a, 0x55, 0x41, - 0xba, 0x6d, 0x99, 0xe2, 0xb4, 0xe4, 0xaa, 0x17, 0xa4, 0x41, 0xfa, 0x56, 0x6d, 0xe5, 0xa0, 0x53, - 0x3e, 0x37, 0xe8, 0x6e, 0x90, 0x93, 0xf1, 0xb4, 0x5b, 0xb5, 0x15, 0xc4, 0x17, 0xab, 0xbf, 0x65, - 0x7a, 0x92, 0xc5, 0xcf, 0x34, 0xbc, 0x02, 0x72, 0xa6, 0x45, 0xb1, 0xc1, 0x2c, 0xe2, 0xc8, 0x8d, - 0x96, 0x02, 0xb2, 0x2b, 0xc1, 0xc4, 0x41, 0xfc, 0x01, 0x45, 0x0b, 0xe0, 0x1d, 0x90, 0x69, 0x50, - 0xd2, 0x92, 0x6d, 0xcd, 0x28, 0xe5, 0x87, 0x57, 0x52, 0x14, 0x8a, 0x6b, 0x94, 0xb4, 0x90, 0x80, - 0x82, 0x3b, 0x20, 0xc5, 0x88, 0x08, 0xd5, 0x31, 0x00, 0x02, 0x09, 0x98, 0xda, 0x24, 0x28, 0xc5, - 0x08, 0xaf, 0x48, 0x0f, 0xd3, 0x5d, 0xcb, 0xc0, 0xc1, 0xc7, 0xc6, 0x90, 0x15, 0xb9, 0xe1, 0x7b, - 0x8b, 0x2a, 0x52, 0x0e, 0x78, 0x28, 0x04, 0x82, 0xff, 0x8d, 0xe9, 0xa3, 0x54, 0xbc, 0xe8, 0x15, - 0xd4, 0xa7, 0x91, 0xb7, 0xc1, 0xb8, 0xee, 0x67, 0x6f, 0x5c, 0x64, 0x0f, 0xf1, 0xd7, 0xf1, 0x72, - 0x90, 0xb6, 0x95, 0x23, 0xdf, 0x8f, 0x63, 0xa3, 0xcd, 0xfd, 0x85, 0x57, 0xe4, 0x1a, 0x2f, 0x0f, - 0xdf, 0x0f, 0x92, 0x08, 0xf0, 0x15, 0x50, 0xc0, 0x8e, 0xbe, 0x65, 0xe3, 0x35, 0xd2, 0x6c, 0x5a, - 0x4e, 0xb3, 0x38, 0xb1, 0xa0, 0x2c, 0x4e, 0x56, 0x4f, 0x49, 0x7a, 0x85, 0xd5, 0xf8, 0x24, 0x4a, - 0xda, 0xaa, 0xdf, 0xa5, 0x01, 0x4c, 0x44, 0x7c, 0x83, 0xe9, 0xcc, 0xe3, 0x4d, 0x72, 0xc1, 0x89, - 0x0f, 0x4b, 0x65, 0x3c, 0x1e, 0xc5, 0x0e, 0xa9, 0x26, 0xe7, 0x93, 0x0c, 0xe0, 0xfb, 0x20, 0xcf, - 0xa8, 0xde, 0x68, 0x58, 0x86, 0xe0, 0x28, 0xcb, 0x7b, 0xe5, 0xc8, 0x8c, 0xc4, 0x8f, 0x0d, 0x5a, - 0x18, 0xc9, 0xcd, 0x98, 0xaf, 0xa8, 0xad, 0x89, 0x8f, 0xa2, 0x04, 0x1e, 0xfc, 0x58, 0x01, 0xb3, - 0xfc, 0x55, 0x1b, 0x37, 0x91, 0x8d, 0xe9, 0x6b, 0x7f, 0x96, 0x04, 0xea, 0xf1, 0x57, 0x2d, 0x4a, - 0x22, 0xb3, 0xbd, 0x33, 0xa8, 0x0f, 0x5b, 0xfd, 0x35, 0x03, 0x66, 0xd7, 0x89, 0x89, 0xc5, 0xd3, - 0x46, 0xbb, 0xd5, 0xd2, 0xe9, 0x49, 0xb4, 0x37, 0x5f, 0x28, 0x60, 0x26, 0x9e, 0x19, 0x2b, 0xec, - 0x74, 0xea, 0x23, 0xac, 0x0e, 0x3f, 0x1c, 0xa7, 0x25, 0x93, 0x99, 0xf5, 0x24, 0x20, 0xea, 0x65, - 0x00, 0xbf, 0x57, 0xc0, 0x59, 0x1f, 0xe5, 0xaa, 0xdd, 0xf6, 0x18, 0xa6, 0x3d, 0x2b, 0x64, 0xa6, - 0x46, 0x4f, 0xf1, 0x3f, 0x92, 0xe2, 0xd9, 0xe5, 0x67, 0xa0, 0xa3, 0x67, 0x72, 0x83, 0x5f, 0x2b, - 0xe0, 0x94, 0x6f, 0xd0, 0xcb, 0x3a, 0x73, 0x4c, 0xac, 0xff, 0x25, 0x59, 0x9f, 0x5a, 0x3e, 0x0c, - 0x16, 0x1d, 0xce, 0x46, 0xd5, 0x41, 0x3e, 0xfe, 0x49, 0x77, 0x1c, 0xb7, 0x02, 0x9f, 0x28, 0x60, - 0x42, 0xca, 0x2f, 0xbc, 0x14, 0x6b, 0xfb, 0x7d, 0x88, 0xe2, 0xf3, 0x5b, 0x7e, 0xb8, 0x2e, 0x3f, - 0x38, 0x52, 0xcf, 0xa9, 0xfe, 0x36, 0xb3, 0x6c, 0xcd, 0xff, 0x95, 0x4e, 0xab, 0x39, 0xec, 0x26, - 0xdd, 0x60, 0xd4, 0x72, 0x9a, 0xd5, 0xc9, 0xe4, 0xe7, 0x49, 0xf5, 0xfc, 0xc3, 0xfd, 0xd2, 0xd8, - 0xa3, 0xfd, 0xd2, 0xd8, 0xe3, 0xfd, 0xd2, 0xd8, 0x07, 0xdd, 0x92, 0xf2, 0xb0, 0x5b, 0x52, 0x1e, - 0x75, 0x4b, 0xca, 0xe3, 0x6e, 0x49, 0xf9, 0xa9, 0x5b, 0x52, 0x3e, 0x7d, 0x52, 0x1a, 0x7b, 0x73, - 0x42, 0x06, 0xfb, 0xf7, 0x00, 0x00, 0x00, 0xff, 0xff, 0x7b, 0x59, 0x4d, 0x75, 0xb8, 0x1d, 0x00, - 0x00, + 0xee, 0x92, 0x76, 0x73, 0xeb, 0x1d, 0x6c, 0xb0, 0x1b, 0x98, 0xe9, 0x55, 0xf8, 0xa0, 0x53, 0x1e, + 0xeb, 0x76, 0xca, 0x20, 0x1a, 0x43, 0xa1, 0x57, 0xe8, 0x80, 0x8c, 0x4b, 0x4c, 0xaf, 0x98, 0x5a, + 0x48, 0x2f, 0x4e, 0x5d, 0x5c, 0xd3, 0x86, 0x29, 0x05, 0x4d, 0x90, 0xbe, 0x81, 0x5b, 0x5b, 0x98, + 0xd6, 0x89, 0x59, 0xcd, 0x4b, 0xe4, 0x4c, 0x9d, 0x98, 0x1e, 0x12, 0x38, 0xf0, 0x43, 0x05, 0xe4, + 0x9b, 0x91, 0x99, 0x57, 0x4c, 0x0b, 0xe0, 0xda, 0xc8, 0x80, 0xab, 0x7f, 0x93, 0xa8, 0xf9, 0xd8, + 0xa0, 0x87, 0x12, 0xa0, 0xea, 0xbe, 0x02, 0x66, 0xe3, 0x81, 0x5e, 0xb3, 0x3c, 0x06, 0xdf, 0xec, + 0x0b, 0xb6, 0x76, 0xb4, 0x60, 0xf3, 0xd5, 0x22, 0xd4, 0xb3, 0x12, 0x7a, 0x32, 0x18, 0x89, 0x05, + 0x9a, 0x80, 0xac, 0xc5, 0x70, 0x2b, 0x88, 0xf4, 0x6b, 0xc3, 0x6d, 0x38, 0x4e, 0xbe, 0x5a, 0x90, + 0xb0, 0xd9, 0x1a, 0x07, 0x40, 0x3e, 0x8e, 0xfa, 0x4d, 0x16, 0xcc, 0xc5, 0xcd, 0xea, 0x3a, 0x33, + 0xb6, 0x4f, 0xa0, 0xa2, 0xde, 0x03, 0x39, 0xdd, 0x34, 0xb1, 0x59, 0x3f, 0xae, 0xb2, 0x9a, 0x93, + 0xf0, 0xb9, 0xe5, 0x00, 0x06, 0x45, 0x88, 0xbc, 0xc0, 0xa6, 0x28, 0x6e, 0x91, 0x5d, 0xc9, 0x20, + 0x7d, 0x0c, 0x0c, 0xe6, 0x25, 0x83, 0x29, 0x14, 0x01, 0xa1, 0x38, 0x2a, 0xfc, 0x5c, 0x01, 0x73, + 0x82, 0x53, 0xbc, 0x08, 0x8b, 0x99, 0x51, 0xd7, 0xfa, 0x3f, 0x24, 0x91, 0xb9, 0xe5, 0x5e, 0x2c, + 0xd4, 0x0f, 0x0f, 0xbf, 0x54, 0xc0, 0xbc, 0x24, 0x99, 0xa0, 0x95, 0x1d, 0x35, 0xad, 0x7f, 0x4a, + 0x5a, 0xf3, 0xa8, 0x1f, 0x0d, 0x1d, 0x46, 0x41, 0xfd, 0x25, 0x05, 0xa6, 0x97, 0x5d, 0xd7, 0xb6, + 0xb0, 0xb9, 0x49, 0x9e, 0x6b, 0xdf, 0x71, 0x6a, 0xdf, 0xcf, 0x0a, 0x80, 0xc9, 0x50, 0x9f, 0x80, + 0xfa, 0xdd, 0x4e, 0xaa, 0xdf, 0x90, 0xb1, 0x4e, 0xd2, 0x1f, 0xa0, 0x7f, 0xdf, 0x66, 0xc1, 0x7c, + 0xd2, 0xf0, 0xb9, 0x02, 0x3e, 0x57, 0xc0, 0xbf, 0xac, 0x02, 0x7e, 0xa5, 0x80, 0xc9, 0x55, 0xc7, + 0x74, 0x89, 0xe5, 0x30, 0xf8, 0x6f, 0x90, 0xb2, 0x5c, 0x51, 0x9d, 0xf9, 0xea, 0x7c, 0xb7, 0x53, + 0x4e, 0xd5, 0xea, 0x07, 0x9d, 0x72, 0xae, 0x56, 0x97, 0x2f, 0x74, 0x94, 0xb2, 0x5c, 0x68, 0x83, + 0xac, 0x4b, 0x28, 0x0b, 0x4a, 0xec, 0xfa, 0x70, 0xec, 0xd7, 0xf5, 0x16, 0xcf, 0x1c, 0x65, 0xd1, + 0x71, 0xe2, 0x4f, 0x1e, 0xf2, 0x41, 0x54, 0x1b, 0x9c, 0x5e, 0xbd, 0xcb, 0x30, 0x75, 0x74, 0x7b, + 0xd5, 0x61, 0x16, 0xdb, 0x43, 0xb8, 0x81, 0x29, 0x76, 0x0c, 0x0c, 0x17, 0x40, 0xc6, 0xd1, 0x5b, + 0x58, 0xf0, 0xcd, 0x45, 0xca, 0xc7, 0x3d, 0x22, 0x31, 0x03, 0x2b, 0x20, 0xc7, 0xff, 0x7a, 0xae, + 0x6e, 0xe0, 0x62, 0x4a, 0x98, 0x85, 0x35, 0xbc, 0x1e, 0x4c, 0xa0, 0xc8, 0x46, 0xbd, 0x97, 0x06, + 0x53, 0xb1, 0xf0, 0x40, 0x0c, 0xd2, 0x2e, 0x31, 0xe5, 0x79, 0x1d, 0xb2, 0x77, 0xaa, 0x13, 0x33, + 0xe4, 0x5e, 0x9d, 0xe8, 0x76, 0xca, 0x69, 0x3e, 0xc2, 0xfd, 0xc3, 0xcf, 0x14, 0x30, 0x8d, 0x13, + 0xbb, 0x14, 0x6c, 0xa7, 0x2e, 0xde, 0x1a, 0x0e, 0x72, 0x40, 0xe4, 0xaa, 0xb0, 0xdb, 0x29, 0x4f, + 0xf7, 0x4c, 0xf6, 0x10, 0x80, 0x77, 0x40, 0x0e, 0xcb, 0xba, 0x08, 0xce, 0xf2, 0xb5, 0x21, 0xd9, + 0x48, 0x77, 0x51, 0x0e, 0x82, 0x11, 0x0f, 0x45, 0x58, 0xea, 0xfd, 0x14, 0x98, 0x4e, 0x1e, 0xfb, + 0x93, 0x4a, 0x83, 0x5f, 0xfe, 0xa9, 0x23, 0x96, 0x7f, 0xfa, 0x24, 0xca, 0xff, 0x47, 0x05, 0x4c, + 0xd4, 0xea, 0x55, 0x9b, 0x18, 0x3b, 0x10, 0x83, 0x8c, 0x61, 0x99, 0x54, 0x86, 0xe1, 0xea, 0x70, + 0xc0, 0xb5, 0xfa, 0x3a, 0x66, 0xd1, 0xa1, 0xb9, 0x5a, 0x5b, 0x41, 0x48, 0xb8, 0x87, 0x3b, 0x60, + 0x1c, 0xdf, 0x35, 0xb0, 0xcb, 0xe4, 0x01, 0x1f, 0x09, 0xd0, 0xb4, 0x04, 0x1a, 0x5f, 0x15, 0xae, + 0x91, 0x84, 0x50, 0x1b, 0x20, 0x2b, 0x0c, 0x8e, 0x26, 0x3d, 0x97, 0x41, 0xde, 0xa5, 0xb8, 0x61, + 0xdd, 0x5d, 0xc3, 0x4e, 0x93, 0x6d, 0x8b, 0x54, 0x65, 0xa3, 0xee, 0xa3, 0x1e, 0x9b, 0x43, 0x09, + 0x4b, 0xf5, 0x23, 0x05, 0xe4, 0xc2, 0x58, 0x73, 0xe5, 0xe0, 0xe1, 0x15, 0x70, 0xd9, 0x78, 0xcf, + 0x44, 0x19, 0x12, 0x33, 0xa1, 0xb6, 0xa4, 0x06, 0x6a, 0xcb, 0x65, 0x30, 0x29, 0xbe, 0x9e, 0x0d, + 0x62, 0x17, 0xd3, 0xc2, 0xea, 0x6c, 0xd0, 0x88, 0xd4, 0xe5, 0xf8, 0x41, 0xec, 0x7f, 0x14, 0x5a, + 0xab, 0xf7, 0x33, 0xa0, 0xb0, 0x8e, 0xd9, 0x1d, 0x42, 0x77, 0xea, 0xc4, 0xb6, 0x8c, 0xbd, 0x13, + 0xe8, 0x0d, 0x18, 0xc8, 0xd2, 0xb6, 0x8d, 0x03, 0xd1, 0xbe, 0x39, 0x64, 0xd5, 0xc6, 0xd9, 0xa3, + 0xb6, 0x8d, 0xa3, 0xea, 0xe5, 0x4f, 0x1e, 0xf2, 0xc1, 0xe0, 0xcb, 0x60, 0x46, 0x4f, 0xb4, 0x42, + 0xfe, 0xa9, 0xc9, 0x89, 0x0c, 0xcf, 0x24, 0xbb, 0x24, 0x0f, 0xf5, 0xda, 0xc2, 0x45, 0x1e, 0x62, + 0x8b, 0x50, 0xae, 0x87, 0x99, 0x05, 0x65, 0x51, 0xa9, 0xe6, 0xfd, 0xf0, 0xfa, 0x63, 0x28, 0x9c, + 0x85, 0x97, 0x40, 0x9e, 0x59, 0x98, 0x06, 0x33, 0xc5, 0xac, 0x48, 0xec, 0x2c, 0x2f, 0x8a, 0xcd, + 0xd8, 0x38, 0x4a, 0x58, 0xc1, 0x7b, 0x0a, 0xc8, 0x79, 0xa4, 0x4d, 0x0d, 0x8c, 0x70, 0xa3, 0x38, + 0x2e, 0x02, 0xbf, 0x39, 0xca, 0xc8, 0x84, 0x3a, 0x53, 0xe0, 0x6a, 0xb7, 0x11, 0x40, 0xa1, 0x08, + 0x55, 0x7d, 0xac, 0x80, 0xb9, 0xc4, 0xa2, 0x13, 0xe8, 0x8a, 0xdd, 0x64, 0x57, 0xfc, 0xfa, 0x08, + 0xb7, 0x3c, 0xa0, 0x29, 0xfe, 0xa1, 0x77, 0x97, 0x75, 0x8c, 0x29, 0x7c, 0x11, 0x14, 0xf4, 0xd8, + 0x4d, 0x81, 0x57, 0x54, 0x44, 0x71, 0xcc, 0x75, 0x3b, 0xe5, 0x42, 0xfc, 0x0a, 0xc1, 0x43, 0x49, + 0x3b, 0xe8, 0x81, 0x49, 0xcb, 0x15, 0xa2, 0x18, 0xec, 0x61, 0x75, 0x58, 0x91, 0x12, 0xde, 0xa2, + 0xa8, 0xc9, 0x01, 0x0f, 0x85, 0x40, 0xea, 0x13, 0x05, 0xfc, 0xfd, 0xf0, 0xf4, 0xc2, 0xff, 0x83, + 0x0c, 0xdb, 0x73, 0x83, 0x4e, 0xe4, 0x5c, 0xa0, 0x16, 0x9b, 0x7b, 0x2e, 0x3e, 0xe8, 0x94, 0x93, + 0x3b, 0xe7, 0x83, 0x48, 0x98, 0xff, 0xe1, 0xf6, 0x24, 0x54, 0xa5, 0xf4, 0x40, 0x55, 0xaa, 0x82, + 0x74, 0xdb, 0x32, 0xc5, 0x69, 0xc9, 0x55, 0x2f, 0x48, 0x83, 0xf4, 0xad, 0xda, 0xca, 0x41, 0xa7, + 0x7c, 0x6e, 0xd0, 0xdd, 0x20, 0x27, 0xe3, 0x69, 0xb7, 0x6a, 0x2b, 0x88, 0x2f, 0x56, 0x7f, 0xcb, + 0xf4, 0x24, 0x8b, 0x9f, 0x69, 0x78, 0x05, 0xe4, 0x4c, 0x8b, 0x62, 0x83, 0x59, 0xc4, 0x91, 0x1b, + 0x2d, 0x05, 0x64, 0x57, 0x82, 0x89, 0x83, 0xf8, 0x03, 0x8a, 0x16, 0xc0, 0xdb, 0x20, 0xd3, 0xa0, + 0xa4, 0x25, 0xdb, 0x9a, 0x51, 0xca, 0x0f, 0xaf, 0xa4, 0x28, 0x14, 0xd7, 0x28, 0x69, 0x21, 0x01, + 0x05, 0x77, 0x40, 0x8a, 0x11, 0x11, 0xaa, 0x63, 0x00, 0x04, 0x12, 0x30, 0xb5, 0x49, 0x50, 0x8a, + 0x11, 0x5e, 0x91, 0x1e, 0xa6, 0xbb, 0x96, 0x81, 0x83, 0x8f, 0x8d, 0x21, 0x2b, 0x72, 0xc3, 0xf7, + 0x16, 0x55, 0xa4, 0x1c, 0xf0, 0x50, 0x08, 0x04, 0xff, 0x1b, 0xd3, 0x47, 0xa9, 0x78, 0xd1, 0x2b, + 0xa8, 0x4f, 0x23, 0x31, 0x18, 0xd7, 0xfd, 0xec, 0x8d, 0x8b, 0xec, 0xdd, 0xe0, 0xaf, 0xe3, 0xe5, + 0x20, 0x6d, 0xaf, 0x1c, 0xf9, 0x6a, 0x9f, 0x9a, 0xe1, 0xed, 0xb8, 0xc6, 0x2b, 0xc3, 0x77, 0x81, + 0xa4, 0x73, 0xf8, 0x12, 0x28, 0x60, 0x47, 0xdf, 0xb2, 0xf1, 0x1a, 0x69, 0x36, 0x2d, 0xa7, 0x59, + 0x9c, 0x58, 0x50, 0x16, 0x27, 0xab, 0xa7, 0x24, 0xb3, 0xc2, 0x6a, 0x7c, 0x12, 0x25, 0x6d, 0xd5, + 0xef, 0xd2, 0x00, 0x26, 0x82, 0xbd, 0xc1, 0x74, 0xe6, 0xf1, 0xfe, 0xb8, 0xe0, 0xc4, 0x87, 0xa5, + 0x28, 0x1e, 0x8f, 0x58, 0x87, 0x54, 0x93, 0xf3, 0x49, 0x06, 0xf0, 0x7d, 0x90, 0x67, 0x54, 0x6f, + 0x34, 0x2c, 0x43, 0x70, 0x94, 0x95, 0xbd, 0x72, 0x64, 0x46, 0xe2, 0x77, 0x06, 0x2d, 0x8c, 0xe4, + 0x66, 0xcc, 0x57, 0xd4, 0xd1, 0xc4, 0x47, 0x51, 0x02, 0x0f, 0x7e, 0xac, 0x80, 0x59, 0xfe, 0x96, + 0x8d, 0x9b, 0xc8, 0x9e, 0xf4, 0xd5, 0x3f, 0x4b, 0x02, 0xf5, 0xf8, 0xab, 0x16, 0x25, 0x91, 0xd9, + 0xde, 0x19, 0xd4, 0x87, 0xad, 0xfe, 0x9a, 0x01, 0xb3, 0xeb, 0xc4, 0xc4, 0xe2, 0x69, 0xa3, 0xdd, + 0x6a, 0xe9, 0xf4, 0x24, 0x3a, 0x9b, 0x2f, 0x14, 0x30, 0x13, 0xcf, 0x8c, 0x15, 0x36, 0x39, 0xf5, + 0x11, 0x56, 0x87, 0x1f, 0x8e, 0xd3, 0x92, 0xc9, 0xcc, 0x7a, 0x12, 0x10, 0xf5, 0x32, 0x80, 0xdf, + 0x2b, 0xe0, 0xac, 0x8f, 0x72, 0xd5, 0x6e, 0x7b, 0x0c, 0xd3, 0x9e, 0x15, 0x32, 0x53, 0xa3, 0xa7, + 0xf8, 0x1f, 0x49, 0xf1, 0xec, 0xf2, 0x53, 0xd0, 0xd1, 0x53, 0xb9, 0xc1, 0xaf, 0x15, 0x70, 0xca, + 0x37, 0xe8, 0x65, 0x9d, 0x39, 0x26, 0xd6, 0xff, 0x92, 0xac, 0x4f, 0x2d, 0x1f, 0x06, 0x8b, 0x0e, + 0x67, 0xa3, 0xea, 0x20, 0x1f, 0xff, 0x9a, 0x3b, 0x8e, 0x0b, 0x81, 0x4f, 0x14, 0x30, 0x21, 0x95, + 0x17, 0x5e, 0x8a, 0x75, 0xfc, 0x3e, 0x44, 0xf1, 0xd9, 0xdd, 0x3e, 0x5c, 0x97, 0xdf, 0x1a, 0xa9, + 0x67, 0x54, 0x7f, 0x9b, 0x59, 0xb6, 0xe6, 0xff, 0x40, 0xa7, 0xd5, 0x1c, 0x76, 0x93, 0x6e, 0x30, + 0x6a, 0x39, 0xcd, 0xea, 0x64, 0xf2, 0xcb, 0xa4, 0x7a, 0xfe, 0xc1, 0x7e, 0x69, 0xec, 0xe1, 0x7e, + 0x69, 0xec, 0xd1, 0x7e, 0x69, 0xec, 0x83, 0x6e, 0x49, 0x79, 0xd0, 0x2d, 0x29, 0x0f, 0xbb, 0x25, + 0xe5, 0x51, 0xb7, 0xa4, 0xfc, 0xd4, 0x2d, 0x29, 0x9f, 0x3e, 0x2e, 0x8d, 0xbd, 0x31, 0x21, 0x83, + 0xfd, 0x7b, 0x00, 0x00, 0x00, 0xff, 0xff, 0x69, 0xde, 0x73, 0x4c, 0xb3, 0x1d, 0x00, 0x00, } func (m *AddressGroup) Marshal() (dAtA []byte, err error) { @@ -5653,7 +5652,7 @@ func (m *NetworkPolicyRule) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - s := github_com_vmware_tanzu_antrea_pkg_apis_security_v1alpha1.RuleAction(dAtA[iNdEx:postIndex]) + s := github_com_vmware_tanzu_antrea_pkg_apis_crd_v1alpha1.RuleAction(dAtA[iNdEx:postIndex]) m.Action = &s iNdEx = postIndex case 7: diff --git a/pkg/apis/controlplane/v1beta1/register.go b/pkg/apis/controlplane/v1beta1/register.go index ba58759c73f..b9f9cba3873 100644 --- a/pkg/apis/controlplane/v1beta1/register.go +++ b/pkg/apis/controlplane/v1beta1/register.go @@ -21,7 +21,7 @@ import ( ) // GroupName is the group name used in this package. -const GroupName = "controlplane.antrea.tanzu.vmware.com" +const GroupName = "controlplane.antrea.io" var ( // SchemeGroupVersion is group version used to register these objects. diff --git a/pkg/apis/controlplane/v1beta1/types.go b/pkg/apis/controlplane/v1beta1/types.go index 5cbb99e3ec8..1de71c53988 100644 --- a/pkg/apis/controlplane/v1beta1/types.go +++ b/pkg/apis/controlplane/v1beta1/types.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/intstr" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" ) @@ -219,7 +219,7 @@ type NetworkPolicyRule struct { // Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty // action “nil” defaults to Allow action, which would be the case for rules created for // K8s Network Policy. - Action *secv1alpha1.RuleAction `json:"action,omitempty" protobuf:"bytes,6,opt,name=action,casttype=github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1.RuleAction"` + Action *crdv1alpha1.RuleAction `json:"action,omitempty" protobuf:"bytes,6,opt,name=action,casttype=github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1.RuleAction"` // EnableLogging indicates whether or not to generate logs when rules are matched. Default to false. EnableLogging bool `json:"enableLogging" protobuf:"varint,7,opt,name=enableLogging"` } diff --git a/pkg/apis/controlplane/v1beta1/zz_generated.conversion.go b/pkg/apis/controlplane/v1beta1/zz_generated.conversion.go index d9b3f8a8f8c..0fe79c99467 100644 --- a/pkg/apis/controlplane/v1beta1/zz_generated.conversion.go +++ b/pkg/apis/controlplane/v1beta1/zz_generated.conversion.go @@ -22,7 +22,7 @@ import ( unsafe "unsafe" controlplane "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/apis/controlplane/v1beta1/zz_generated.deepcopy.go b/pkg/apis/controlplane/v1beta1/zz_generated.deepcopy.go index 1a60b1a01ef..22ded49e07a 100644 --- a/pkg/apis/controlplane/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/controlplane/v1beta1/zz_generated.deepcopy.go @@ -19,7 +19,7 @@ package v1beta1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" intstr "k8s.io/apimachinery/pkg/util/intstr" diff --git a/pkg/apis/controlplane/v1beta2/doc.go b/pkg/apis/controlplane/v1beta2/doc.go index 1acbfc59126..239556a7312 100644 --- a/pkg/apis/controlplane/v1beta2/doc.go +++ b/pkg/apis/controlplane/v1beta2/doc.go @@ -16,7 +16,7 @@ // +k8s:deepcopy-gen=package // +k8s:protobuf-gen=package // +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/controlplane -// +groupName=controlplane.antrea.tanzu.vmware.com +// +groupName=controlplane.antrea.io // Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages. package v1beta2 diff --git a/pkg/apis/controlplane/v1beta2/generated.pb.go b/pkg/apis/controlplane/v1beta2/generated.pb.go index 558adcd2ec8..8e3ebd8e5d5 100644 --- a/pkg/apis/controlplane/v1beta2/generated.pb.go +++ b/pkg/apis/controlplane/v1beta2/generated.pb.go @@ -23,7 +23,7 @@ import ( io "io" proto "github.com/gogo/protobuf/proto" - github_com_vmware_tanzu_antrea_pkg_apis_security_v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + github_com_vmware_tanzu_antrea_pkg_apis_crd_v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" math "math" @@ -808,119 +808,119 @@ func init() { } var fileDescriptor_d31898dc88dbbf6e = []byte{ - // 1792 bytes of a gzipped FileDescriptorProto + // 1790 bytes of a gzipped FileDescriptorProto 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xec, 0x59, 0xcb, 0x6f, 0x23, 0x49, 0x19, 0x4f, 0xfb, 0x91, 0xc4, 0x5f, 0x9c, 0x8c, 0x53, 0xd9, 0x61, 0xcc, 0x30, 0xd8, 0xd9, 0xe6, - 0xa1, 0x1c, 0x98, 0xf6, 0x4e, 0x18, 0x60, 0x24, 0x96, 0x43, 0x3c, 0xc9, 0x06, 0x43, 0xd6, 0x63, - 0x55, 0x32, 0x17, 0x84, 0x04, 0x95, 0x76, 0xd9, 0xe9, 0x8d, 0xdd, 0xd5, 0x5b, 0x5d, 0xce, 0x4e, + 0xa1, 0x1c, 0x98, 0xf6, 0x4e, 0x18, 0x60, 0x24, 0x16, 0xa1, 0x78, 0x92, 0x0d, 0x86, 0x8c, 0xc7, + 0xaa, 0x64, 0x2e, 0x08, 0x09, 0x3a, 0xdd, 0x65, 0xa7, 0x89, 0xdd, 0xd5, 0x5b, 0x5d, 0xce, 0x4e, 0x16, 0x09, 0x81, 0x38, 0x2d, 0x07, 0x9e, 0x17, 0x4e, 0xdc, 0x56, 0xfb, 0x1f, 0x20, 0xc1, 0x8d, - 0xdb, 0x1c, 0xf7, 0xb8, 0x17, 0x2c, 0xc6, 0x2b, 0xb8, 0x72, 0x40, 0x42, 0x28, 0x27, 0x54, 0xd5, - 0xe5, 0x7e, 0x39, 0xd9, 0x64, 0xb0, 0x13, 0x21, 0xb1, 0xa7, 0xb8, 0xab, 0xbe, 0xfa, 0x7e, 0xbf, - 0xfa, 0x5e, 0xf5, 0x55, 0x05, 0xf6, 0xba, 0x8e, 0x38, 0x1a, 0x1c, 0x5a, 0x36, 0xeb, 0xd7, 0x4e, - 0xfa, 0xef, 0x10, 0x4e, 0xef, 0x0b, 0xe2, 0xbe, 0x3b, 0xa8, 0x11, 0x57, 0x70, 0x4a, 0x6a, 0xde, - 0x71, 0xb7, 0x46, 0x3c, 0xc7, 0xaf, 0xd9, 0xcc, 0x15, 0x9c, 0xf5, 0xbc, 0x1e, 0x71, 0x69, 0xed, - 0xe4, 0xc1, 0x21, 0x15, 0x64, 0xb3, 0xd6, 0xa5, 0x2e, 0xe5, 0x44, 0xd0, 0xb6, 0xe5, 0x71, 0x26, - 0x18, 0x7a, 0x3d, 0xd2, 0x66, 0x05, 0xda, 0x7e, 0xa0, 0xb4, 0x59, 0x81, 0x36, 0xcb, 0x3b, 0xee, - 0x5a, 0x52, 0x9b, 0x15, 0xd7, 0x66, 0x69, 0x6d, 0x77, 0xef, 0xc7, 0xb8, 0x74, 0x59, 0x97, 0xd5, - 0x94, 0xd2, 0xc3, 0x41, 0x47, 0x7d, 0xa9, 0x0f, 0xf5, 0x2b, 0x00, 0xbb, 0xfb, 0xc6, 0x55, 0xa9, - 0xfb, 0x82, 0x08, 0xbf, 0x76, 0xf2, 0x80, 0xf4, 0xbc, 0x23, 0xf2, 0x20, 0x4d, 0xfa, 0xee, 0xc3, - 0xe3, 0x47, 0xbe, 0xe5, 0x30, 0x29, 0xdb, 0x27, 0xf6, 0x91, 0xe3, 0x52, 0x7e, 0x1a, 0x2d, 0xee, - 0x53, 0x41, 0x6a, 0x27, 0x93, 0xab, 0x6a, 0x17, 0xad, 0xe2, 0x03, 0x57, 0x38, 0x7d, 0x3a, 0xb1, - 0xe0, 0xeb, 0x97, 0x2d, 0xf0, 0xed, 0x23, 0xda, 0x27, 0x13, 0xeb, 0xbe, 0x7a, 0xd1, 0xba, 0x81, - 0x70, 0x7a, 0x35, 0xc7, 0x15, 0xbe, 0xe0, 0xe9, 0x45, 0xe6, 0xbf, 0x0c, 0x28, 0x6e, 0xb5, 0xdb, - 0x9c, 0xfa, 0xfe, 0x2e, 0x67, 0x03, 0x0f, 0xfd, 0x10, 0x16, 0xe5, 0x4e, 0xda, 0x44, 0x90, 0xb2, - 0xb1, 0x6e, 0x6c, 0x2c, 0x6d, 0xbe, 0x66, 0x05, 0x8a, 0xad, 0xb8, 0xe2, 0xc8, 0x43, 0x52, 0xda, - 0x3a, 0x79, 0x60, 0x3d, 0x39, 0x7c, 0x8b, 0xda, 0xe2, 0x4d, 0x2a, 0x48, 0x1d, 0x3d, 0x1f, 0x56, - 0xe7, 0x46, 0xc3, 0x2a, 0x44, 0x63, 0x38, 0xd4, 0x8a, 0x7e, 0x66, 0x40, 0xb1, 0x2b, 0xb1, 0xde, - 0xa4, 0xfd, 0x43, 0xca, 0xfd, 0x72, 0x66, 0x3d, 0xbb, 0xb1, 0xb4, 0xd9, 0xb0, 0xa6, 0x89, 0x09, - 0x6b, 0x37, 0xd2, 0x58, 0x7f, 0x45, 0xe3, 0x17, 0x63, 0x83, 0x3e, 0x4e, 0x80, 0x9a, 0x2f, 0x0c, - 0x28, 0xc5, 0x37, 0xbe, 0xe7, 0xf8, 0x02, 0x7d, 0x7f, 0x62, 0xf3, 0xd6, 0xd5, 0x36, 0x2f, 0x57, - 0xab, 0xad, 0x97, 0x34, 0xf4, 0xe2, 0x78, 0x24, 0xb6, 0x71, 0x06, 0x79, 0x47, 0xd0, 0xfe, 0x78, - 0xc3, 0xdf, 0x99, 0x6e, 0xc3, 0x71, 0xf2, 0xf5, 0x65, 0x0d, 0x9b, 0x6f, 0x48, 0x00, 0x1c, 0xe0, - 0x98, 0xef, 0x67, 0x61, 0x35, 0x2e, 0xd6, 0x22, 0xc2, 0x3e, 0xba, 0x01, 0x0f, 0xff, 0xc6, 0x80, - 0x55, 0xd2, 0x6e, 0xd3, 0xf6, 0xee, 0xb5, 0xba, 0xf9, 0xb3, 0x9a, 0x84, 0xdc, 0x63, 0x12, 0x0b, - 0x4f, 0xc2, 0xa3, 0xdf, 0x19, 0xb0, 0xc6, 0x69, 0x9f, 0x9d, 0xa4, 0x68, 0x65, 0x67, 0x4d, 0xeb, - 0x73, 0x9a, 0xd6, 0x1a, 0x9e, 0x44, 0xc3, 0xe7, 0x51, 0x30, 0xff, 0x6d, 0xc0, 0xca, 0x96, 0xe7, - 0xf5, 0x1c, 0xda, 0x3e, 0x60, 0xff, 0x5f, 0x69, 0xf8, 0x37, 0x03, 0x50, 0x72, 0xeb, 0x37, 0x90, - 0x88, 0x6f, 0x27, 0x13, 0x71, 0x6f, 0xca, 0x44, 0x4c, 0xd0, 0xbf, 0x20, 0x15, 0x3f, 0xc8, 0xc2, - 0x5a, 0x52, 0xf0, 0xd3, 0x64, 0xfc, 0xdf, 0x4c, 0xc6, 0xf7, 0x32, 0xb0, 0xf6, 0xb8, 0x37, 0xf0, - 0x05, 0xe5, 0x09, 0xca, 0xd7, 0xef, 0xa9, 0x5f, 0x1a, 0x50, 0xa2, 0x9d, 0x0e, 0xb5, 0x85, 0x73, - 0x42, 0xaf, 0xcd, 0x51, 0x65, 0xcd, 0xa1, 0xb4, 0x93, 0x82, 0xc2, 0x13, 0xe0, 0x66, 0x0f, 0xee, - 0xec, 0x3c, 0x13, 0x94, 0xbb, 0xa4, 0xb7, 0xe3, 0x0a, 0x47, 0x9c, 0x62, 0xda, 0xa1, 0x9c, 0xba, - 0x36, 0x45, 0xeb, 0x90, 0x73, 0x49, 0x9f, 0x2a, 0x53, 0x14, 0xea, 0x45, 0xad, 0x34, 0xd7, 0x24, - 0x7d, 0x8a, 0xd5, 0x0c, 0xaa, 0x41, 0x41, 0xfe, 0xf5, 0x3d, 0x62, 0xd3, 0x72, 0x46, 0x89, 0xad, - 0x6a, 0xb1, 0x42, 0x73, 0x3c, 0x81, 0x23, 0x19, 0x69, 0xf9, 0x92, 0x62, 0xba, 0xe5, 0xfb, 0xcc, - 0x76, 0x88, 0x70, 0x98, 0x7b, 0x33, 0x09, 0x52, 0x22, 0x1a, 0x51, 0xc7, 0xc2, 0x8c, 0x2a, 0x83, - 0xd2, 0x15, 0x9a, 0x2c, 0xb2, 0xfc, 0x56, 0x0a, 0x0d, 0x4f, 0xe0, 0x9b, 0xbf, 0xcf, 0xc2, 0x52, - 0xcc, 0x6b, 0x88, 0x42, 0xd6, 0x63, 0x6d, 0x6d, 0x81, 0x29, 0x3b, 0x87, 0x16, 0x6b, 0x47, 0xa4, - 0x16, 0x46, 0xc3, 0x6a, 0x56, 0x8e, 0x48, 0xfd, 0xe8, 0xd7, 0x06, 0xac, 0xd0, 0x84, 0xc7, 0x95, - 0xe7, 0x96, 0x36, 0x9f, 0x4e, 0x07, 0x79, 0x41, 0x14, 0xd5, 0xd1, 0x68, 0x58, 0x5d, 0x49, 0x4d, - 0xa6, 0x08, 0xa0, 0x2f, 0x43, 0xd6, 0xf1, 0x82, 0xd2, 0x50, 0xac, 0xbf, 0x22, 0xe9, 0x36, 0x5a, - 0xfe, 0xd9, 0xb0, 0x5a, 0x68, 0xb4, 0x74, 0x73, 0x83, 0xa5, 0x00, 0xea, 0x41, 0xde, 0x63, 0x5c, - 0xf8, 0xe5, 0x9c, 0xf2, 0xdd, 0xee, 0x74, 0x8c, 0x65, 0x84, 0xb6, 0x5b, 0x8c, 0x8b, 0xa8, 0xa0, - 0xcb, 0x2f, 0x1f, 0x07, 0x20, 0xe6, 0x07, 0x06, 0xac, 0x24, 0xfd, 0x9b, 0x0c, 0x78, 0xe3, 0xf2, - 0x80, 0x0f, 0x73, 0x28, 0x73, 0x61, 0x0e, 0xd5, 0x21, 0x3b, 0x70, 0xda, 0xe5, 0xac, 0x12, 0x78, - 0x4d, 0x0b, 0x64, 0x9f, 0x36, 0xb6, 0xcf, 0x86, 0xd5, 0x57, 0x2f, 0xea, 0xf7, 0xc5, 0xa9, 0x47, - 0x7d, 0xeb, 0x69, 0x63, 0x1b, 0xcb, 0xc5, 0xe6, 0x5f, 0x0c, 0x58, 0x68, 0xb4, 0xea, 0x3d, 0x66, - 0x1f, 0x23, 0x0a, 0x39, 0xdb, 0x69, 0x73, 0x1d, 0x47, 0x8f, 0xa7, 0x33, 0x51, 0xa3, 0xd5, 0xa4, - 0x22, 0xa2, 0xfd, 0xb8, 0xb1, 0x8d, 0xb1, 0x52, 0x8f, 0x8e, 0x61, 0x9e, 0x3e, 0xb3, 0xa9, 0x27, - 0x74, 0x1e, 0xcd, 0x04, 0x68, 0x45, 0x03, 0xcd, 0xef, 0x28, 0xd5, 0x58, 0x43, 0x98, 0x1d, 0xc8, - 0x2b, 0x01, 0xf4, 0x05, 0xc8, 0x38, 0x9e, 0xda, 0x5a, 0xb1, 0xbe, 0x36, 0x1a, 0x56, 0x33, 0x8d, - 0x56, 0x32, 0x4c, 0x32, 0x8e, 0x87, 0x1e, 0x41, 0xd1, 0xe3, 0xb4, 0xe3, 0x3c, 0xdb, 0xa3, 0x6e, - 0x57, 0x1c, 0x29, 0xdb, 0xe7, 0xa3, 0x56, 0xa5, 0x15, 0x9b, 0xc3, 0x09, 0x49, 0xf3, 0x3d, 0x03, - 0x0a, 0x61, 0x54, 0x48, 0xdf, 0xc9, 0x40, 0x50, 0x70, 0xf9, 0xc8, 0x08, 0x72, 0x0e, 0xab, 0x99, - 0x2b, 0x78, 0xf7, 0x11, 0x2c, 0xaa, 0x5b, 0x98, 0xcd, 0x7a, 0xda, 0xc5, 0xf7, 0xc6, 0x5d, 0x4b, - 0x4b, 0x8f, 0x9f, 0xc5, 0x7e, 0xe3, 0x50, 0xda, 0xfc, 0x79, 0x0e, 0x96, 0x9b, 0x54, 0xbc, 0xc3, - 0xf8, 0x71, 0x8b, 0xf5, 0x1c, 0xfb, 0xf4, 0x06, 0xea, 0xa4, 0x80, 0x3c, 0x1f, 0xf4, 0xe8, 0xb8, - 0x36, 0x3e, 0x99, 0x32, 0xbf, 0xe2, 0xec, 0xf1, 0xa0, 0x47, 0xa3, 0x3c, 0x93, 0x5f, 0x3e, 0x0e, - 0xc0, 0xd0, 0xb7, 0xe0, 0x16, 0x49, 0xf4, 0x4d, 0x41, 0x25, 0x28, 0x28, 0x0f, 0xdf, 0x4a, 0xb6, - 0x54, 0x3e, 0x4e, 0xcb, 0xa2, 0x0d, 0x69, 0x62, 0x87, 0x71, 0x59, 0xc9, 0x72, 0xeb, 0xc6, 0x86, - 0x51, 0x2f, 0x06, 0xe6, 0x0d, 0xc6, 0x70, 0x38, 0x8b, 0x1e, 0x42, 0x51, 0x38, 0x94, 0x8f, 0x67, - 0xca, 0x79, 0xe5, 0xd8, 0x92, 0x0c, 0x8a, 0x83, 0xd8, 0x38, 0x4e, 0x48, 0xa1, 0x9f, 0x1a, 0x50, - 0xf0, 0xd9, 0x80, 0xdb, 0x14, 0xd3, 0x4e, 0x79, 0x5e, 0x19, 0xfe, 0x60, 0x96, 0x96, 0x09, 0x4b, - 0xe5, 0xb2, 0x2c, 0x23, 0xfb, 0x63, 0x28, 0x1c, 0xa1, 0x9a, 0x1f, 0x1b, 0xb0, 0x9a, 0x58, 0x74, - 0x03, 0x2d, 0xb4, 0x97, 0x6c, 0xa1, 0xbf, 0x3b, 0xc3, 0x2d, 0x5f, 0xd0, 0x41, 0xff, 0x08, 0xee, - 0x24, 0xc4, 0x9a, 0xac, 0x4d, 0xf7, 0x05, 0x11, 0x03, 0x1f, 0x7d, 0x05, 0x16, 0x5d, 0xd6, 0xa6, - 0xcd, 0xa8, 0x1f, 0x09, 0xa9, 0x37, 0xf5, 0x38, 0x0e, 0x25, 0xd0, 0x26, 0x80, 0x7e, 0x05, 0x71, - 0x98, 0xab, 0xb2, 0x33, 0x1b, 0x45, 0xfe, 0x6e, 0x38, 0x83, 0x63, 0x52, 0xe6, 0x9f, 0xd3, 0x26, - 0x6e, 0x51, 0xca, 0xd1, 0x37, 0x60, 0x99, 0xc4, 0xae, 0xd7, 0x7e, 0xd9, 0x50, 0x91, 0xb9, 0x3a, - 0x1a, 0x56, 0x97, 0xe3, 0xf7, 0x6e, 0x1f, 0x27, 0xe5, 0x90, 0x0f, 0x8b, 0x8e, 0xa7, 0x2a, 0xf2, - 0xd8, 0x80, 0x3b, 0xd3, 0x56, 0x48, 0xa5, 0x2d, 0xda, 0xb7, 0x1e, 0xf0, 0x71, 0x08, 0x64, 0xfe, - 0xdd, 0x80, 0xcf, 0x9c, 0x1f, 0x5b, 0xe8, 0x6b, 0x90, 0x93, 0x87, 0x86, 0x36, 0xde, 0xab, 0xe3, - 0x52, 0x75, 0x70, 0xea, 0xd1, 0xb3, 0x61, 0x35, 0xb9, 0x73, 0x39, 0x88, 0x95, 0xf8, 0x4b, 0x77, - 0x78, 0x61, 0x49, 0xcc, 0x5e, 0x76, 0xe0, 0xe5, 0xa6, 0x39, 0xf0, 0x86, 0xf9, 0x94, 0xb3, 0x64, - 0x41, 0x41, 0xaf, 0x43, 0xa1, 0xed, 0x70, 0xd9, 0xdf, 0x32, 0x57, 0x6f, 0xb4, 0x32, 0x26, 0xbb, - 0x3d, 0x9e, 0x38, 0x8b, 0x7f, 0xe0, 0x68, 0x01, 0x7a, 0x1b, 0x72, 0x1d, 0xce, 0xfa, 0xba, 0x1b, - 0x9a, 0x65, 0xed, 0x93, 0x91, 0x14, 0x99, 0xe2, 0x0d, 0xce, 0xfa, 0x58, 0x41, 0xa1, 0x63, 0xc8, - 0x08, 0xa6, 0x4c, 0x75, 0x0d, 0x80, 0xa0, 0x01, 0x33, 0x07, 0x0c, 0x67, 0x04, 0x93, 0x11, 0xe9, - 0x53, 0x7e, 0xe2, 0xd8, 0x74, 0xdc, 0x3f, 0x4d, 0x19, 0x91, 0xfb, 0x81, 0xb6, 0x28, 0x22, 0xf5, - 0x80, 0x8f, 0x43, 0x20, 0x99, 0xb7, 0x5e, 0xaa, 0xdc, 0x46, 0xe7, 0xdf, 0x44, 0x81, 0x7e, 0x0b, - 0xe6, 0x49, 0xe0, 0xbd, 0x79, 0xe5, 0x3d, 0x2c, 0x7b, 0x81, 0xad, 0xb1, 0xdb, 0xb6, 0xaf, 0xfc, - 0xc8, 0x4b, 0xed, 0x81, 0xd4, 0x17, 0xbe, 0xf3, 0x5a, 0x32, 0x3c, 0x02, 0x3d, 0x58, 0x23, 0xa0, - 0x6f, 0xc2, 0x32, 0x75, 0xc9, 0x61, 0x8f, 0xee, 0xb1, 0x6e, 0xd7, 0x71, 0xbb, 0xe5, 0x85, 0x75, - 0x63, 0x63, 0xb1, 0x7e, 0x5b, 0xd3, 0x5b, 0xde, 0x89, 0x4f, 0xe2, 0xa4, 0xec, 0x79, 0x47, 0xd6, - 0xe2, 0x4b, 0x1c, 0x59, 0xe3, 0x24, 0x29, 0x5c, 0x94, 0x24, 0xe6, 0x1f, 0xb3, 0x80, 0x12, 0x2e, - 0x95, 0x75, 0xd0, 0x97, 0xcd, 0xfb, 0xb2, 0x1b, 0x1f, 0xd6, 0x75, 0xff, 0x7a, 0xce, 0xa3, 0xd0, - 0x16, 0xc9, 0xf9, 0x24, 0x03, 0xf4, 0x63, 0x28, 0x0a, 0x4e, 0x3a, 0x1d, 0xc7, 0x56, 0x1c, 0x75, - 0xfe, 0x6c, 0x5f, 0x99, 0x91, 0x7a, 0x92, 0xb7, 0x42, 0x57, 0x1d, 0xc4, 0x74, 0x45, 0x4d, 0x5b, - 0x7c, 0x14, 0x27, 0xf0, 0xd0, 0x2f, 0x0c, 0x28, 0xc9, 0x46, 0x22, 0x2e, 0xa2, 0x5f, 0x19, 0xbe, - 0xfd, 0xdf, 0x92, 0xc0, 0x29, 0x7d, 0xd1, 0xc5, 0x2e, 0x3d, 0x83, 0x27, 0xb0, 0xcd, 0x7f, 0x1a, - 0xb0, 0x36, 0xe1, 0xbb, 0xc1, 0x4d, 0x3c, 0x2f, 0xbc, 0x0b, 0x79, 0x79, 0x06, 0x8e, 0x4f, 0x9c, - 0xa7, 0x33, 0x8c, 0x8a, 0xe8, 0x2c, 0x8e, 0x0e, 0x6f, 0x39, 0xe6, 0xe3, 0x00, 0xd2, 0xfc, 0x47, - 0x0e, 0x4a, 0x63, 0x21, 0x7f, 0x7f, 0xd0, 0xef, 0x13, 0x7e, 0x13, 0x2d, 0xeb, 0x6f, 0x0d, 0xb8, - 0x15, 0x8f, 0x47, 0x27, 0xdc, 0x7d, 0x6b, 0x86, 0xbb, 0x0f, 0x82, 0xe0, 0x8e, 0x66, 0x72, 0xab, - 0x99, 0x04, 0xc4, 0x69, 0x06, 0xe8, 0x4f, 0x06, 0xdc, 0x0b, 0x50, 0xf4, 0x3b, 0x53, 0x6a, 0x85, - 0x8e, 0xcf, 0xd9, 0x53, 0xfc, 0xa2, 0xa6, 0x78, 0x6f, 0xeb, 0x13, 0xd0, 0xf1, 0x27, 0x72, 0x43, - 0xef, 0x1b, 0x70, 0x3b, 0x10, 0x48, 0xb3, 0xce, 0x5d, 0x13, 0xeb, 0xcf, 0x6b, 0xd6, 0xb7, 0xb7, - 0xce, 0x83, 0xc5, 0xe7, 0xb3, 0x31, 0x09, 0x14, 0xe3, 0xef, 0x1c, 0xd7, 0xf1, 0x5e, 0xf5, 0x07, - 0x03, 0x16, 0xf4, 0xa9, 0x86, 0x1e, 0xc6, 0xae, 0x72, 0x01, 0x44, 0xf9, 0xf2, 0x6b, 0x1c, 0x6a, - 0xea, 0x4b, 0x64, 0xe6, 0x92, 0xe8, 0x1f, 0x08, 0xa7, 0x67, 0x05, 0xff, 0xc1, 0xb3, 0x1a, 0xae, - 0x78, 0xc2, 0xf7, 0x05, 0x77, 0xdc, 0x6e, 0x7d, 0x31, 0x75, 0xe5, 0xfc, 0x12, 0x2c, 0x50, 0x57, - 0xdd, 0x4f, 0x55, 0xdf, 0x90, 0xaf, 0x2f, 0x8d, 0x86, 0xd5, 0x85, 0x9d, 0x60, 0x08, 0x8f, 0xe7, - 0x4c, 0x0a, 0x25, 0xcd, 0xfb, 0x3a, 0xed, 0x53, 0xbf, 0xff, 0xfc, 0x45, 0x65, 0xee, 0xc3, 0x17, - 0x95, 0xb9, 0x8f, 0x5e, 0x54, 0xe6, 0x7e, 0x32, 0xaa, 0x18, 0xcf, 0x47, 0x15, 0xe3, 0xc3, 0x51, - 0xc5, 0xf8, 0x68, 0x54, 0x31, 0xfe, 0x3a, 0xaa, 0x18, 0xbf, 0xfa, 0xb8, 0x32, 0xf7, 0xbd, 0x05, - 0xed, 0xfa, 0xff, 0x04, 0x00, 0x00, 0xff, 0xff, 0xf8, 0xf6, 0x1d, 0x1d, 0x62, 0x1e, 0x00, 0x00, + 0xdb, 0x1c, 0xf7, 0xb8, 0x1c, 0xb0, 0x18, 0xaf, 0xe0, 0xca, 0x01, 0x09, 0xa1, 0x9c, 0x50, 0x55, + 0x57, 0x3f, 0x9d, 0x6c, 0xb2, 0xd8, 0x89, 0x90, 0xe0, 0x14, 0x77, 0xd5, 0x57, 0xdf, 0xef, 0x57, + 0xdf, 0xab, 0xbe, 0xaa, 0xc0, 0x5e, 0xcf, 0xe1, 0x47, 0xc3, 0x43, 0xc3, 0xa2, 0x83, 0xc6, 0xc9, + 0xe0, 0x2d, 0x93, 0x91, 0xfb, 0xdc, 0x74, 0xdf, 0x1e, 0x36, 0x4c, 0x97, 0x33, 0x62, 0x36, 0xbc, + 0xe3, 0x5e, 0xc3, 0xf4, 0x1c, 0xbf, 0x61, 0x51, 0x97, 0x33, 0xda, 0xf7, 0xfa, 0xa6, 0x4b, 0x1a, + 0x27, 0x0f, 0x0e, 0x09, 0x37, 0x37, 0x1b, 0x3d, 0xe2, 0x12, 0x66, 0x72, 0x62, 0x1b, 0x1e, 0xa3, + 0x9c, 0xa2, 0xd7, 0x63, 0x6d, 0x46, 0xa0, 0xed, 0xbb, 0x52, 0x9b, 0x11, 0x68, 0x33, 0xbc, 0xe3, + 0x9e, 0x21, 0xb4, 0x19, 0x49, 0x6d, 0x86, 0xd2, 0x76, 0xf7, 0x7e, 0x82, 0x4b, 0x8f, 0xf6, 0x68, + 0x43, 0x2a, 0x3d, 0x1c, 0x76, 0xe5, 0x97, 0xfc, 0x90, 0xbf, 0x02, 0xb0, 0xbb, 0x6f, 0x5c, 0x95, + 0xba, 0xcf, 0x4d, 0xee, 0x37, 0x4e, 0x1e, 0x98, 0x7d, 0xef, 0xc8, 0x7c, 0x90, 0x25, 0x7d, 0xf7, + 0xe1, 0xf1, 0x23, 0xdf, 0x70, 0xa8, 0x90, 0x1d, 0x98, 0xd6, 0x91, 0xe3, 0x12, 0x76, 0x1a, 0x2f, + 0x1e, 0x10, 0x6e, 0x36, 0x4e, 0x26, 0x57, 0x35, 0x2e, 0x5a, 0xc5, 0x86, 0x2e, 0x77, 0x06, 0x64, + 0x62, 0xc1, 0x97, 0x2f, 0x5b, 0xe0, 0x5b, 0x47, 0x64, 0x60, 0x4e, 0xac, 0xfb, 0xe2, 0x45, 0xeb, + 0x86, 0xdc, 0xe9, 0x37, 0x1c, 0x97, 0xfb, 0x9c, 0x65, 0x17, 0xe9, 0xff, 0xd4, 0xa0, 0xbc, 0x65, + 0xdb, 0x8c, 0xf8, 0xfe, 0x2e, 0xa3, 0x43, 0x0f, 0x7d, 0x0f, 0x16, 0xc5, 0x4e, 0x6c, 0x93, 0x9b, + 0x55, 0x6d, 0x5d, 0xdb, 0x58, 0xda, 0x7c, 0xcd, 0x08, 0x14, 0x1b, 0x49, 0xc5, 0xb1, 0x87, 0x84, + 0xb4, 0x71, 0xf2, 0xc0, 0x78, 0x7a, 0xf8, 0x7d, 0x62, 0xf1, 0x27, 0x84, 0x9b, 0x4d, 0xf4, 0x62, + 0x54, 0x9f, 0x1b, 0x8f, 0xea, 0x10, 0x8f, 0xe1, 0x48, 0x2b, 0xfa, 0x89, 0x06, 0xe5, 0x9e, 0xc0, + 0x7a, 0x42, 0x06, 0x87, 0x84, 0xf9, 0xd5, 0xdc, 0x7a, 0x7e, 0x63, 0x69, 0xb3, 0x65, 0x4c, 0x13, + 0x13, 0xc6, 0x6e, 0xac, 0xb1, 0xf9, 0x8a, 0xc2, 0x2f, 0x27, 0x06, 0x7d, 0x9c, 0x02, 0xd5, 0x5f, + 0x6a, 0x50, 0x49, 0x6e, 0x7c, 0xcf, 0xf1, 0x39, 0xfa, 0xce, 0xc4, 0xe6, 0x8d, 0xab, 0x6d, 0x5e, + 0xac, 0x96, 0x5b, 0xaf, 0x28, 0xe8, 0xc5, 0x70, 0x24, 0xb1, 0x71, 0x0a, 0x45, 0x87, 0x93, 0x41, + 0xb8, 0xe1, 0x6f, 0x4e, 0xb7, 0xe1, 0x24, 0xf9, 0xe6, 0xb2, 0x82, 0x2d, 0xb6, 0x04, 0x00, 0x0e, + 0x70, 0xf4, 0x77, 0xf3, 0xb0, 0x9a, 0x14, 0xeb, 0x98, 0xdc, 0x3a, 0xba, 0x01, 0x0f, 0xff, 0x4a, + 0x83, 0x55, 0xd3, 0xb6, 0x89, 0xbd, 0x7b, 0xad, 0x6e, 0xfe, 0xa4, 0x22, 0x21, 0xf6, 0x98, 0xc6, + 0xc2, 0x93, 0xf0, 0xe8, 0x37, 0x1a, 0xac, 0x31, 0x32, 0xa0, 0x27, 0x19, 0x5a, 0xf9, 0x59, 0xd3, + 0xfa, 0x94, 0xa2, 0xb5, 0x86, 0x27, 0xd1, 0xf0, 0x79, 0x14, 0xf4, 0x7f, 0x69, 0xb0, 0xb2, 0xe5, + 0x79, 0x7d, 0x87, 0xd8, 0x07, 0xf4, 0x7f, 0x2b, 0x0d, 0xff, 0xaa, 0x01, 0x4a, 0x6f, 0xfd, 0x06, + 0x12, 0xf1, 0xcd, 0x74, 0x22, 0xee, 0x4d, 0x99, 0x88, 0x29, 0xfa, 0x17, 0xa4, 0xe2, 0x7b, 0x79, + 0x58, 0x4b, 0x0b, 0xfe, 0x3f, 0x19, 0xff, 0x3b, 0x93, 0xf1, 0x9d, 0x1c, 0xac, 0x3d, 0xee, 0x0f, + 0x7d, 0x4e, 0x58, 0x8a, 0xf2, 0xf5, 0x7b, 0xea, 0xe7, 0x1a, 0x54, 0x48, 0xb7, 0x4b, 0x2c, 0xee, + 0x9c, 0x90, 0x6b, 0x73, 0x54, 0x55, 0x71, 0xa8, 0xec, 0x64, 0xa0, 0xf0, 0x04, 0xb8, 0xde, 0x87, + 0x3b, 0x3b, 0xcf, 0x39, 0x61, 0xae, 0xd9, 0xdf, 0x71, 0xb9, 0xc3, 0x4f, 0x31, 0xe9, 0x12, 0x46, + 0x5c, 0x8b, 0xa0, 0x75, 0x28, 0xb8, 0xe6, 0x80, 0x48, 0x53, 0x94, 0x9a, 0x65, 0xa5, 0xb4, 0xd0, + 0x36, 0x07, 0x04, 0xcb, 0x19, 0xd4, 0x80, 0x92, 0xf8, 0xeb, 0x7b, 0xa6, 0x45, 0xaa, 0x39, 0x29, + 0xb6, 0xaa, 0xc4, 0x4a, 0xed, 0x70, 0x02, 0xc7, 0x32, 0xc2, 0xf2, 0x15, 0xc9, 0x74, 0xcb, 0xf7, + 0xa9, 0xe5, 0x98, 0xdc, 0xa1, 0xee, 0xcd, 0x24, 0x48, 0xc5, 0x54, 0x88, 0x2a, 0x16, 0x66, 0x54, + 0x19, 0xa4, 0xae, 0xc8, 0x64, 0xb1, 0xe5, 0xb7, 0x32, 0x68, 0x78, 0x02, 0x5f, 0xff, 0x6d, 0x1e, + 0x96, 0x12, 0x5e, 0x43, 0x04, 0xf2, 0x1e, 0xb5, 0x95, 0x05, 0xa6, 0xec, 0x1c, 0x3a, 0xd4, 0x8e, + 0x49, 0x2d, 0x8c, 0x47, 0xf5, 0xbc, 0x18, 0x11, 0xfa, 0xd1, 0x2f, 0x35, 0x58, 0x21, 0x29, 0x8f, + 0x4b, 0xcf, 0x2d, 0x6d, 0x3e, 0x9b, 0x0e, 0xf2, 0x82, 0x28, 0x6a, 0xa2, 0xf1, 0xa8, 0xbe, 0x92, + 0x99, 0xcc, 0x10, 0x40, 0x9f, 0x87, 0xbc, 0xe3, 0x05, 0xa5, 0xa1, 0xdc, 0x7c, 0x45, 0xd0, 0x6d, + 0x75, 0xfc, 0xb3, 0x51, 0xbd, 0xd4, 0xea, 0xa8, 0xe6, 0x06, 0x0b, 0x01, 0xd4, 0x87, 0xa2, 0x47, + 0x19, 0xf7, 0xab, 0x05, 0xe9, 0xbb, 0xdd, 0xe9, 0x18, 0x8b, 0x08, 0xb5, 0x3b, 0x94, 0xf1, 0xb8, + 0xa0, 0x8b, 0x2f, 0x1f, 0x07, 0x20, 0xfa, 0x7b, 0x1a, 0xac, 0xa4, 0xfd, 0x9b, 0x0e, 0x78, 0xed, + 0xf2, 0x80, 0x8f, 0x72, 0x28, 0x77, 0x61, 0x0e, 0x35, 0x21, 0x3f, 0x74, 0xec, 0x6a, 0x5e, 0x0a, + 0xbc, 0xa6, 0x04, 0xf2, 0xcf, 0x5a, 0xdb, 0x67, 0xa3, 0xfa, 0xab, 0x17, 0xf5, 0xfb, 0xfc, 0xd4, + 0x23, 0xbe, 0xf1, 0xac, 0xb5, 0x8d, 0xc5, 0x62, 0xfd, 0xcf, 0x1a, 0x2c, 0xb4, 0x3a, 0xcd, 0x3e, + 0xb5, 0x8e, 0x11, 0x81, 0x82, 0xe5, 0xd8, 0x4c, 0xc5, 0xd1, 0xe3, 0xe9, 0x4c, 0xd4, 0xea, 0xb4, + 0x09, 0x8f, 0x69, 0x3f, 0x6e, 0x6d, 0x63, 0x2c, 0xd5, 0xa3, 0x63, 0x98, 0x27, 0xcf, 0x2d, 0xe2, + 0x71, 0x95, 0x47, 0x33, 0x01, 0x5a, 0x51, 0x40, 0xf3, 0x3b, 0x52, 0x35, 0x56, 0x10, 0x7a, 0x17, + 0x8a, 0x52, 0x00, 0x7d, 0x06, 0x72, 0x8e, 0x27, 0xb7, 0x56, 0x6e, 0xae, 0x8d, 0x47, 0xf5, 0x5c, + 0xab, 0x93, 0x0e, 0x93, 0x9c, 0xe3, 0xa1, 0x47, 0x50, 0xf6, 0x18, 0xe9, 0x3a, 0xcf, 0xf7, 0x88, + 0xdb, 0xe3, 0x47, 0xd2, 0xf6, 0xc5, 0xb8, 0x55, 0xe9, 0x24, 0xe6, 0x70, 0x4a, 0x52, 0x7f, 0x47, + 0x83, 0x52, 0x14, 0x15, 0xc2, 0x77, 0x22, 0x10, 0x24, 0x5c, 0x31, 0x36, 0x82, 0x98, 0xc3, 0x72, + 0xe6, 0x0a, 0xde, 0x7d, 0x04, 0x8b, 0xf2, 0x16, 0x66, 0xd1, 0xbe, 0x72, 0xf1, 0xbd, 0xb0, 0x6b, + 0xe9, 0xa8, 0xf1, 0xb3, 0xc4, 0x6f, 0x1c, 0x49, 0xeb, 0x3f, 0x2d, 0xc0, 0x72, 0x9b, 0xf0, 0xb7, + 0x28, 0x3b, 0xee, 0xd0, 0xbe, 0x63, 0x9d, 0xde, 0x40, 0x9d, 0xe4, 0x50, 0x64, 0xc3, 0x3e, 0x09, + 0x6b, 0xe3, 0xd3, 0x29, 0xf3, 0x2b, 0xc9, 0x1e, 0x0f, 0xfb, 0x24, 0xce, 0x33, 0xf1, 0xe5, 0xe3, + 0x00, 0x0c, 0x7d, 0x0d, 0x6e, 0x99, 0xa9, 0xbe, 0x29, 0xa8, 0x04, 0x25, 0xe9, 0xe1, 0x5b, 0xe9, + 0x96, 0xca, 0xc7, 0x59, 0x59, 0xb4, 0x21, 0x4c, 0xec, 0x50, 0x26, 0x2a, 0x59, 0x61, 0x5d, 0xdb, + 0xd0, 0x9a, 0xe5, 0xc0, 0xbc, 0xc1, 0x18, 0x8e, 0x66, 0xd1, 0x43, 0x28, 0x73, 0x87, 0xb0, 0x70, + 0xa6, 0x5a, 0x94, 0x8e, 0xad, 0x88, 0xa0, 0x38, 0x48, 0x8c, 0xe3, 0x94, 0x14, 0xfa, 0xb1, 0x06, + 0x25, 0x9f, 0x0e, 0x99, 0x45, 0x30, 0xe9, 0x56, 0xe7, 0xa5, 0xe1, 0x0f, 0x66, 0x69, 0x99, 0xa8, + 0x54, 0x2e, 0x8b, 0x32, 0xb2, 0x1f, 0x42, 0xe1, 0x18, 0x55, 0xff, 0x50, 0x83, 0xd5, 0xd4, 0xa2, + 0x1b, 0x68, 0xa1, 0xbd, 0x74, 0x0b, 0xfd, 0xad, 0x19, 0x6e, 0xf9, 0x82, 0x0e, 0xfa, 0x07, 0x70, + 0x27, 0x25, 0xd6, 0xa6, 0x36, 0xd9, 0xe7, 0x26, 0x1f, 0xfa, 0xe8, 0x0b, 0xb0, 0xe8, 0x52, 0x9b, + 0xb4, 0xe3, 0x7e, 0x24, 0xa2, 0xde, 0x56, 0xe3, 0x38, 0x92, 0x40, 0x9b, 0x00, 0xea, 0x15, 0xc4, + 0xa1, 0xae, 0xcc, 0xce, 0x7c, 0x1c, 0xf9, 0xbb, 0xd1, 0x0c, 0x4e, 0x48, 0xe9, 0x7f, 0xcc, 0x9a, + 0xb8, 0x43, 0x08, 0x43, 0x5f, 0x81, 0x65, 0x33, 0x71, 0xbd, 0xf6, 0xab, 0x9a, 0x8c, 0xcc, 0xd5, + 0xf1, 0xa8, 0xbe, 0x9c, 0xbc, 0x77, 0xfb, 0x38, 0x2d, 0x87, 0x7c, 0x58, 0x74, 0x3c, 0x59, 0x91, + 0x43, 0x03, 0xee, 0x4c, 0x5b, 0x21, 0xa5, 0xb6, 0x78, 0xdf, 0x6a, 0xc0, 0xc7, 0x11, 0x90, 0xfe, + 0x37, 0x0d, 0x3e, 0x71, 0x7e, 0x6c, 0xa1, 0x2f, 0x41, 0x41, 0x1c, 0x1a, 0xca, 0x78, 0xaf, 0x86, + 0xa5, 0xea, 0xe0, 0xd4, 0x23, 0x67, 0xa3, 0x7a, 0x7a, 0xe7, 0x62, 0x10, 0x4b, 0xf1, 0x8f, 0xdd, + 0xe1, 0x45, 0x25, 0x31, 0x7f, 0xd9, 0x81, 0x57, 0x98, 0xe6, 0xc0, 0xfb, 0x53, 0x31, 0xe3, 0x2c, + 0x51, 0x50, 0xd0, 0xeb, 0x50, 0xb2, 0x1d, 0x26, 0xfa, 0x5b, 0xea, 0xaa, 0x8d, 0xd6, 0x42, 0xb2, + 0xdb, 0xe1, 0xc4, 0x59, 0xf2, 0x03, 0xc7, 0x0b, 0xd0, 0x9b, 0x50, 0xe8, 0x32, 0x3a, 0x50, 0xdd, + 0xd0, 0x2c, 0x6b, 0x9f, 0x88, 0xa4, 0xd8, 0x14, 0x6f, 0x30, 0x3a, 0xc0, 0x12, 0x0a, 0x1d, 0x43, + 0x8e, 0x53, 0x69, 0xaa, 0x6b, 0x00, 0x04, 0x05, 0x98, 0x3b, 0xa0, 0x38, 0xc7, 0xa9, 0x88, 0x48, + 0x9f, 0xb0, 0x13, 0xc7, 0x22, 0x61, 0xff, 0x34, 0x65, 0x44, 0xee, 0x07, 0xda, 0xe2, 0x88, 0x54, + 0x03, 0x3e, 0x8e, 0x80, 0x44, 0xde, 0x7a, 0x99, 0x72, 0x1b, 0x9f, 0x7f, 0x13, 0x05, 0x9a, 0xc0, + 0xbc, 0x19, 0x78, 0x6f, 0x5e, 0x7a, 0xef, 0x89, 0xe8, 0x05, 0xb6, 0x42, 0xb7, 0x7d, 0xfd, 0xca, + 0xef, 0xd3, 0xcc, 0x8e, 0x9e, 0x78, 0x0d, 0x11, 0x19, 0x81, 0x0a, 0xac, 0x94, 0xa3, 0xaf, 0xc2, + 0x32, 0x71, 0xcd, 0xc3, 0x3e, 0xd9, 0xa3, 0xbd, 0x9e, 0xe3, 0xf6, 0xaa, 0x0b, 0xeb, 0xda, 0xc6, + 0x62, 0xf3, 0xb6, 0x62, 0xb6, 0xbc, 0x93, 0x9c, 0xc4, 0x69, 0xd9, 0xf3, 0x4e, 0xab, 0xc5, 0x8f, + 0x71, 0x5a, 0x85, 0xf9, 0x51, 0xba, 0x28, 0x3f, 0xf4, 0xdf, 0xe7, 0x01, 0xa5, 0xbc, 0x29, 0x4a, + 0xa0, 0x2f, 0xfa, 0xf6, 0x65, 0x37, 0x39, 0xac, 0x4a, 0xfe, 0xf5, 0x1c, 0x45, 0x91, 0x2d, 0xd2, + 0xf3, 0x69, 0x06, 0xe8, 0x87, 0x50, 0xe6, 0xcc, 0xec, 0x76, 0x1d, 0x4b, 0x72, 0x54, 0xa9, 0xb3, + 0x7d, 0x65, 0x46, 0xf2, 0x35, 0xde, 0x88, 0x5c, 0x75, 0x90, 0xd0, 0x15, 0xf7, 0x6b, 0xc9, 0x51, + 0x9c, 0xc2, 0x43, 0x3f, 0xd3, 0xa0, 0x22, 0x7a, 0x88, 0xa4, 0x88, 0x7a, 0x60, 0xf8, 0xc6, 0x7f, + 0x4a, 0x02, 0x67, 0xf4, 0xc5, 0x77, 0xba, 0xec, 0x0c, 0x9e, 0xc0, 0xd6, 0xff, 0xa1, 0xc1, 0xda, + 0x84, 0xef, 0x86, 0x37, 0xf1, 0xb2, 0xf0, 0x36, 0x14, 0xc5, 0xf1, 0x17, 0x1e, 0x36, 0xcf, 0x66, + 0x18, 0x15, 0xf1, 0x31, 0x1c, 0x9f, 0xdb, 0x62, 0xcc, 0xc7, 0x01, 0xa4, 0xfe, 0xf7, 0x02, 0x54, + 0x42, 0x21, 0x7f, 0x7f, 0x38, 0x18, 0x98, 0xec, 0x26, 0xba, 0xd5, 0x5f, 0x6b, 0x70, 0x2b, 0x19, + 0x8f, 0x4e, 0xb4, 0xfb, 0xce, 0x0c, 0x77, 0x1f, 0x04, 0xc1, 0x1d, 0xc5, 0xe4, 0x56, 0x3b, 0x0d, + 0x88, 0xb3, 0x0c, 0xd0, 0x1f, 0x34, 0xb8, 0x17, 0xa0, 0xa8, 0x27, 0xa6, 0xcc, 0x0a, 0x15, 0x9f, + 0xb3, 0xa7, 0xf8, 0x59, 0x45, 0xf1, 0xde, 0xd6, 0x47, 0xa0, 0xe3, 0x8f, 0xe4, 0x86, 0xde, 0xd5, + 0xe0, 0x76, 0x20, 0x90, 0x65, 0x5d, 0xb8, 0x26, 0xd6, 0x9f, 0x56, 0xac, 0x6f, 0x6f, 0x9d, 0x07, + 0x8b, 0xcf, 0x67, 0xa3, 0x9b, 0x50, 0x4e, 0x3e, 0x71, 0x5c, 0xc7, 0x53, 0xd5, 0xef, 0x34, 0x58, + 0x50, 0x07, 0x1a, 0x7a, 0x98, 0xb8, 0xc5, 0x05, 0x10, 0xd5, 0xcb, 0x6f, 0x70, 0xa8, 0xad, 0xee, + 0x8f, 0xb9, 0x4b, 0xa2, 0x7f, 0xc8, 0x9d, 0xbe, 0x11, 0xfc, 0xf3, 0xce, 0x68, 0xb9, 0xfc, 0x29, + 0xdb, 0xe7, 0xcc, 0x71, 0x7b, 0xcd, 0xc5, 0xcc, 0x6d, 0xf3, 0x73, 0xb0, 0x40, 0x5c, 0x79, 0x35, + 0x95, 0x2d, 0x43, 0xb1, 0xb9, 0x34, 0x1e, 0xd5, 0x17, 0x76, 0x82, 0x21, 0x1c, 0xce, 0xe9, 0x04, + 0x2a, 0x8a, 0xf7, 0x75, 0xda, 0xa7, 0x79, 0xff, 0xc5, 0xcb, 0xda, 0xdc, 0xfb, 0x2f, 0x6b, 0x73, + 0x1f, 0xbc, 0xac, 0xcd, 0xfd, 0x68, 0x5c, 0xd3, 0x5e, 0x8c, 0x6b, 0xda, 0xfb, 0xe3, 0x9a, 0xf6, + 0xc1, 0xb8, 0xa6, 0xfd, 0x65, 0x5c, 0xd3, 0x7e, 0xf1, 0x61, 0x6d, 0xee, 0xdb, 0x0b, 0xca, 0xf5, + 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x52, 0x8e, 0x3c, 0xbb, 0x5d, 0x1e, 0x00, 0x00, } func (m *AddressGroup) Marshal() (dAtA []byte, err error) { @@ -5952,7 +5952,7 @@ func (m *NetworkPolicyRule) Unmarshal(dAtA []byte) error { if postIndex > l { return io.ErrUnexpectedEOF } - s := github_com_vmware_tanzu_antrea_pkg_apis_security_v1alpha1.RuleAction(dAtA[iNdEx:postIndex]) + s := github_com_vmware_tanzu_antrea_pkg_apis_crd_v1alpha1.RuleAction(dAtA[iNdEx:postIndex]) m.Action = &s iNdEx = postIndex case 7: diff --git a/pkg/apis/controlplane/v1beta2/register.go b/pkg/apis/controlplane/v1beta2/register.go index 16b87770059..e3e05056477 100644 --- a/pkg/apis/controlplane/v1beta2/register.go +++ b/pkg/apis/controlplane/v1beta2/register.go @@ -21,7 +21,7 @@ import ( ) // GroupName is the group name used in this package. -const GroupName = "controlplane.antrea.tanzu.vmware.com" +const GroupName = "controlplane.antrea.io" var ( // SchemeGroupVersion is group version used to register these objects. diff --git a/pkg/apis/controlplane/v1beta2/types.go b/pkg/apis/controlplane/v1beta2/types.go index 8971d9cd7db..e8853bedbc4 100644 --- a/pkg/apis/controlplane/v1beta2/types.go +++ b/pkg/apis/controlplane/v1beta2/types.go @@ -19,7 +19,7 @@ import ( "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/intstr" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" ) @@ -211,7 +211,7 @@ type NetworkPolicyRule struct { // Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty // action “nil” defaults to Allow action, which would be the case for rules created for // K8s Network Policy. - Action *secv1alpha1.RuleAction `json:"action,omitempty" protobuf:"bytes,6,opt,name=action,casttype=github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1.RuleAction"` + Action *crdv1alpha1.RuleAction `json:"action,omitempty" protobuf:"bytes,6,opt,name=action,casttype=github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1.RuleAction"` // EnableLogging indicates whether or not to generate logs when rules are matched. Default to false. EnableLogging bool `json:"enableLogging" protobuf:"varint,7,opt,name=enableLogging"` // AppliedToGroups is a list of names of AppliedToGroups to which this rule applies. diff --git a/pkg/apis/controlplane/v1beta2/zz_generated.conversion.go b/pkg/apis/controlplane/v1beta2/zz_generated.conversion.go index df96c72faaa..40c2027efae 100644 --- a/pkg/apis/controlplane/v1beta2/zz_generated.conversion.go +++ b/pkg/apis/controlplane/v1beta2/zz_generated.conversion.go @@ -22,7 +22,7 @@ import ( unsafe "unsafe" controlplane "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" conversion "k8s.io/apimachinery/pkg/conversion" runtime "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/apis/controlplane/v1beta2/zz_generated.deepcopy.go b/pkg/apis/controlplane/v1beta2/zz_generated.deepcopy.go index c19334e2fa9..55c33fa5ce0 100644 --- a/pkg/apis/controlplane/v1beta2/zz_generated.deepcopy.go +++ b/pkg/apis/controlplane/v1beta2/zz_generated.deepcopy.go @@ -19,7 +19,7 @@ package v1beta2 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" intstr "k8s.io/apimachinery/pkg/util/intstr" diff --git a/pkg/apis/controlplane/zz_generated.deepcopy.go b/pkg/apis/controlplane/zz_generated.deepcopy.go index d6856f8c2d9..67983707d91 100644 --- a/pkg/apis/controlplane/zz_generated.deepcopy.go +++ b/pkg/apis/controlplane/zz_generated.deepcopy.go @@ -19,7 +19,7 @@ package controlplane import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" runtime "k8s.io/apimachinery/pkg/runtime" intstr "k8s.io/apimachinery/pkg/util/intstr" diff --git a/pkg/apis/crd/doc.go b/pkg/apis/crd/doc.go new file mode 100644 index 00000000000..8903842dba8 --- /dev/null +++ b/pkg/apis/crd/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:deepcopy-gen=package +// +groupName=crd.antrea.io + +package crd diff --git a/pkg/apis/crd/register.go b/pkg/apis/crd/register.go new file mode 100644 index 00000000000..ff12237db7c --- /dev/null +++ b/pkg/apis/crd/register.go @@ -0,0 +1,20 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crd + +// GroupName is the group name used in this package +const ( + GroupName = "crd.antrea.io" +) diff --git a/pkg/apis/crd/v1alpha1/doc.go b/pkg/apis/crd/v1alpha1/doc.go new file mode 100644 index 00000000000..2914f1ed7d7 --- /dev/null +++ b/pkg/apis/crd/v1alpha1/doc.go @@ -0,0 +1,20 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=crd.antrea.io + +package v1alpha1 diff --git a/pkg/apis/crd/v1alpha1/register.go b/pkg/apis/crd/v1alpha1/register.go new file mode 100644 index 00000000000..96754a04c48 --- /dev/null +++ b/pkg/apis/crd/v1alpha1/register.go @@ -0,0 +1,67 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +const GroupName = "crd.antrea.io" + +var SchemeGroupVersion = schema.GroupVersion{ + Group: GroupName, + Version: "v1alpha1", +} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + localSchemeBuilder.Register(addKnownTypes) +} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes( + SchemeGroupVersion, + &Traceflow{}, + &TraceflowList{}, + &NetworkPolicy{}, + &NetworkPolicyList{}, + &ClusterNetworkPolicy{}, + &ClusterNetworkPolicyList{}, + &Tier{}, + &TierList{}, + ) + + metav1.AddToGroupVersion( + scheme, + SchemeGroupVersion, + ) + return nil +} diff --git a/pkg/apis/security/v1alpha1/types.go b/pkg/apis/crd/v1alpha1/types.go similarity index 59% rename from pkg/apis/security/v1alpha1/types.go rename to pkg/apis/crd/v1alpha1/types.go index 164a1458931..ed7652b667f 100644 --- a/pkg/apis/security/v1alpha1/types.go +++ b/pkg/apis/crd/v1alpha1/types.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,6 +20,234 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" ) +type TraceflowPhase string + +const ( + Pending TraceflowPhase = "Pending" + Running TraceflowPhase = "Running" + Succeeded TraceflowPhase = "Succeeded" + Failed TraceflowPhase = "Failed" +) + +type TraceflowComponent string + +const ( + SpoofGuard TraceflowComponent = "SpoofGuard" + LB TraceflowComponent = "LB" + Routing TraceflowComponent = "Routing" + ComponentNetworkPolicy TraceflowComponent = "NetworkPolicy" + Forwarding TraceflowComponent = "Forwarding" +) + +type TraceflowAction string + +const ( + Delivered TraceflowAction = "Delivered" + Received TraceflowAction = "Received" + Forwarded TraceflowAction = "Forwarded" + Dropped TraceflowAction = "Dropped" + // ForwardedOutOfOverlay indicates that the packet has been forwarded out of the network + // managed by Antrea. This indicates that the Traceflow request can be considered complete. + ForwardedOutOfOverlay TraceflowAction = "ForwardedOutOfOverlay" +) + +// List the supported protocols and their codes in traceflow. +// According to code in Antrea agent and controller, default protocol is ICMP if protocol is not inputted by users. +const ( + ICMPProtocol int32 = 1 + TCPProtocol int32 = 6 + UDPProtocol int32 = 17 + SCTPProtocol int32 = 132 +) + +var SupportedProtocols = map[string]int32{ + "TCP": TCPProtocol, + "UDP": UDPProtocol, + "ICMP": ICMPProtocol, +} + +var ProtocolsToString = map[int32]string{ + TCPProtocol: "TCP", + UDPProtocol: "UDP", + ICMPProtocol: "ICMP", + SCTPProtocol: "SCTP", +} + +// List the supported destination types in traceflow. +const ( + DstTypePod = "Pod" + DstTypeService = "Service" + DstTypeIPv4 = "IPv4" +) + +var SupportedDestinationTypes = []string{ + DstTypePod, + DstTypeService, + DstTypeIPv4, +} + +// List the ethernet types. +const ( + EtherTypeIPv4 uint16 = 0x0800 + EtherTypeIPv6 uint16 = 0x86DD +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type Traceflow struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec TraceflowSpec `json:"spec,omitempty"` + Status TraceflowStatus `json:"status,omitempty"` +} + +// TraceflowSpec describes the spec of the traceflow. +type TraceflowSpec struct { + Source Source `json:"source,omitempty"` + Destination Destination `json:"destination,omitempty"` + Packet Packet `json:"packet,omitempty"` +} + +// Source describes the source spec of the traceflow. +type Source struct { + // Namespace is the source namespace. + Namespace string `json:"namespace,omitempty"` + // Pod is the source pod. + Pod string `json:"pod,omitempty"` +} + +// Destination describes the destination spec of the traceflow. +type Destination struct { + // Namespace is the destination namespace. + Namespace string `json:"namespace,omitempty"` + // Pod is the destination pod, exclusive with destination service. + Pod string `json:"pod,omitempty"` + // Service is the destination service, exclusive with destination pod. + Service string `json:"service,omitempty"` + // IP is the destination IPv4 or IPv6 address. + IP string `json:"ip,omitempty"` +} + +// IPHeader describes spec of an IPv4 header. +type IPHeader struct { + // SrcIP is the source IP. + SrcIP string `json:"srcIP,omitempty"` + // Protocol is the IP protocol. + Protocol int32 `json:"protocol,omitempty"` + // TTL is the IP TTL. + TTL int32 `json:"ttl,omitempty"` + // Flags is the flags for IP. + Flags int32 `json:"flags,omitempty"` +} + +// IPv6Header describes spec of an IPv6 header. +type IPv6Header struct { + // SrcIP is the source IPv6. + SrcIP string `json:"srcIP,omitempty"` + // NextHeader is the IPv6 protocol. + NextHeader *int32 `json:"nextHeader,omitempty"` + // HopLimit is the IPv6 Hop Limit. + HopLimit int32 `json:"hopLimit,omitempty"` +} + +// TransportHeader describes spec of a TransportHeader. +type TransportHeader struct { + ICMP *ICMPEchoRequestHeader `json:"icmp,omitempty"` + UDP *UDPHeader `json:"udp,omitempty"` + TCP *TCPHeader `json:"tcp,omitempty"` +} + +// ICMPEchoRequestHeader describes spec of an ICMP echo request header. +type ICMPEchoRequestHeader struct { + // ID is the ICMPEchoRequestHeader ID. + ID int32 `json:"id,omitempty"` + // Sequence is the ICMPEchoRequestHeader sequence. + Sequence int32 `json:"sequence,omitempty"` +} + +// UDPHeader describes spec of a UDP header. +type UDPHeader struct { + // SrcPort is the source port. + SrcPort int32 `json:"srcPort,omitempty"` + // DstPort is the destination port. + DstPort int32 `json:"dstPort,omitempty"` +} + +// TCPHeader describes spec of a TCP header. +type TCPHeader struct { + // SrcPort is the source port. + SrcPort int32 `json:"srcPort,omitempty"` + // DstPort is the destination port. + DstPort int32 `json:"dstPort,omitempty"` + // Flags are flags in the header. + Flags int32 `json:"flags,omitempty"` +} + +// Packet includes header info. +type Packet struct { + // TODO: change type IPHeader to *IPHeader and correct all internal references + IPHeader IPHeader `json:"ipHeader,omitempty"` + IPv6Header *IPv6Header `json:"ipv6Header,omitempty"` + TransportHeader TransportHeader `json:"transportHeader,omitempty"` +} + +// TraceflowStatus describes current status of the traceflow. +type TraceflowStatus struct { + // Phase is the Traceflow phase. + Phase TraceflowPhase `json:"phase,omitempty"` + // Reason is a message indicating the reason of the traceflow's current phase. + Reason string `json:"reason,omitempty"` + // DataplaneTag is a tag to identify a traceflow session across Nodes. + DataplaneTag uint8 `json:"dataplaneTag,omitempty"` + // Results is the collection of all observations on different nodes. + Results []NodeResult `json:"results,omitempty"` +} + +type NodeResult struct { + // Node is the node of the observation. + Node string `json:"node,omitempty" yaml:"node,omitempty"` + // Role of the node like sender, receiver, etc. + Role string `json:"role,omitempty" yaml:"role,omitempty"` + // Timestamp is the timestamp of the observations on the node. + Timestamp int64 `json:"timestamp,omitempty" yaml:"timestamp,omitempty"` + // Observations includes all observations from sender nodes, receiver ones, etc. + Observations []Observation `json:"observations,omitempty" yaml:"observations,omitempty"` +} + +// Observation describes those from sender nodes or receiver nodes. +type Observation struct { + // Component is the observation component. + Component TraceflowComponent `json:"component,omitempty" yaml:"component,omitempty"` + // ComponentInfo is the extension of Component field. + ComponentInfo string `json:"componentInfo,omitempty" yaml:"componentInfo,omitempty"` + // Action is the action to the observation. + Action TraceflowAction `json:"action,omitempty" yaml:"action,omitempty"` + // Pod is the combination of Pod name and Pod Namespace. + Pod string `json:"pod,omitempty" yaml:"pod,omitempty"` + // DstMAC is the destination MAC. + DstMAC string `json:"dstMAC,omitempty" yaml:"dstMAC,omitempty"` + // NetworkPolicy is the combination of Namespace and NetworkPolicyName. + NetworkPolicy string `json:"networkPolicy,omitempty" yaml:"networkPolicy,omitempty"` + // TTL is the observation TTL. + TTL int32 `json:"ttl,omitempty" yaml:"ttl,omitempty"` + // TranslatedSrcIP is the translated source IP. + TranslatedSrcIP string `json:"translatedSrcIP,omitempty" yaml:"translatedSrcIP,omitempty"` + // TranslatedDstIP is the translated destination IP. + TranslatedDstIP string `json:"translatedDstIP,omitempty" yaml:"translatedDstIP,omitempty"` + // TunnelDstIP is the tunnel destination IP. + TunnelDstIP string `json:"tunnelDstIP,omitempty" yaml:"tunnelDstIP,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TraceflowList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []Traceflow `json:"items"` +} + // +genclient // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object diff --git a/pkg/apis/security/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go similarity index 59% rename from pkg/apis/security/v1alpha1/zz_generated.deepcopy.go rename to pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go index 00ebad25951..7cc82efef09 100644 --- a/pkg/apis/security/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1alpha1/zz_generated.deepcopy.go @@ -123,6 +123,38 @@ func (in *ClusterNetworkPolicySpec) DeepCopy() *ClusterNetworkPolicySpec { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Destination) DeepCopyInto(out *Destination) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Destination. +func (in *Destination) DeepCopy() *Destination { + if in == nil { + return nil + } + out := new(Destination) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ICMPEchoRequestHeader) DeepCopyInto(out *ICMPEchoRequestHeader) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ICMPEchoRequestHeader. +func (in *ICMPEchoRequestHeader) DeepCopy() *ICMPEchoRequestHeader { + if in == nil { + return nil + } + out := new(ICMPEchoRequestHeader) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPBlock) DeepCopyInto(out *IPBlock) { *out = *in @@ -139,6 +171,43 @@ func (in *IPBlock) DeepCopy() *IPBlock { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPHeader) DeepCopyInto(out *IPHeader) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPHeader. +func (in *IPHeader) DeepCopy() *IPHeader { + if in == nil { + return nil + } + out := new(IPHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IPv6Header) DeepCopyInto(out *IPv6Header) { + *out = *in + if in.NextHeader != nil { + in, out := &in.NextHeader, &out.NextHeader + *out = new(int32) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPv6Header. +func (in *IPv6Header) DeepCopy() *IPv6Header { + if in == nil { + return nil + } + out := new(IPv6Header) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { *out = *in @@ -320,6 +389,66 @@ func (in *NetworkPolicyStatus) DeepCopy() *NetworkPolicyStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NodeResult) DeepCopyInto(out *NodeResult) { + *out = *in + if in.Observations != nil { + in, out := &in.Observations, &out.Observations + *out = make([]Observation, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeResult. +func (in *NodeResult) DeepCopy() *NodeResult { + if in == nil { + return nil + } + out := new(NodeResult) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Observation) DeepCopyInto(out *Observation) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Observation. +func (in *Observation) DeepCopy() *Observation { + if in == nil { + return nil + } + out := new(Observation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Packet) DeepCopyInto(out *Packet) { + *out = *in + out.IPHeader = in.IPHeader + if in.IPv6Header != nil { + in, out := &in.IPv6Header, &out.IPv6Header + *out = new(IPv6Header) + (*in).DeepCopyInto(*out) + } + in.TransportHeader.DeepCopyInto(&out.TransportHeader) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Packet. +func (in *Packet) DeepCopy() *Packet { + if in == nil { + return nil + } + out := new(Packet) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Rule) DeepCopyInto(out *Rule) { *out = *in @@ -369,6 +498,38 @@ func (in *Rule) DeepCopy() *Rule { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Source) DeepCopyInto(out *Source) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Source. +func (in *Source) DeepCopy() *Source { + if in == nil { + return nil + } + out := new(Source) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TCPHeader) DeepCopyInto(out *TCPHeader) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPHeader. +func (in *TCPHeader) DeepCopy() *TCPHeader { + if in == nil { + return nil + } + out := new(TCPHeader) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Tier) DeepCopyInto(out *Tier) { *out = *in @@ -444,3 +605,153 @@ func (in *TierSpec) DeepCopy() *TierSpec { in.DeepCopyInto(out) return out } + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Traceflow) DeepCopyInto(out *Traceflow) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Traceflow. +func (in *Traceflow) DeepCopy() *Traceflow { + if in == nil { + return nil + } + out := new(Traceflow) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Traceflow) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TraceflowList) DeepCopyInto(out *TraceflowList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Traceflow, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowList. +func (in *TraceflowList) DeepCopy() *TraceflowList { + if in == nil { + return nil + } + out := new(TraceflowList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TraceflowList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TraceflowSpec) DeepCopyInto(out *TraceflowSpec) { + *out = *in + out.Source = in.Source + out.Destination = in.Destination + in.Packet.DeepCopyInto(&out.Packet) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowSpec. +func (in *TraceflowSpec) DeepCopy() *TraceflowSpec { + if in == nil { + return nil + } + out := new(TraceflowSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TraceflowStatus) DeepCopyInto(out *TraceflowStatus) { + *out = *in + if in.Results != nil { + in, out := &in.Results, &out.Results + *out = make([]NodeResult, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowStatus. +func (in *TraceflowStatus) DeepCopy() *TraceflowStatus { + if in == nil { + return nil + } + out := new(TraceflowStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TransportHeader) DeepCopyInto(out *TransportHeader) { + *out = *in + if in.ICMP != nil { + in, out := &in.ICMP, &out.ICMP + *out = new(ICMPEchoRequestHeader) + **out = **in + } + if in.UDP != nil { + in, out := &in.UDP, &out.UDP + *out = new(UDPHeader) + **out = **in + } + if in.TCP != nil { + in, out := &in.TCP, &out.TCP + *out = new(TCPHeader) + **out = **in + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransportHeader. +func (in *TransportHeader) DeepCopy() *TransportHeader { + if in == nil { + return nil + } + out := new(TransportHeader) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *UDPHeader) DeepCopyInto(out *UDPHeader) { + *out = *in + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPHeader. +func (in *UDPHeader) DeepCopy() *UDPHeader { + if in == nil { + return nil + } + out := new(UDPHeader) + in.DeepCopyInto(out) + return out +} diff --git a/pkg/apis/crd/v1alpha2/doc.go b/pkg/apis/crd/v1alpha2/doc.go new file mode 100644 index 00000000000..a27a54303d8 --- /dev/null +++ b/pkg/apis/crd/v1alpha2/doc.go @@ -0,0 +1,19 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +groupName=crd.antrea.io + +package v1alpha2 // import "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" diff --git a/pkg/apis/crd/v1alpha2/register.go b/pkg/apis/crd/v1alpha2/register.go new file mode 100644 index 00000000000..f1b878cfb84 --- /dev/null +++ b/pkg/apis/crd/v1alpha2/register.go @@ -0,0 +1,55 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +// GroupName is the group name used in this package. +const GroupName = "crd.antrea.io" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha2"} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &ExternalEntity{}, + &ExternalEntityList{}, + &ClusterGroup{}, + &ClusterGroupList{}, + ) + + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/core/v1alpha2/types.go b/pkg/apis/crd/v1alpha2/types.go similarity index 97% rename from pkg/apis/core/v1alpha2/types.go rename to pkg/apis/crd/v1alpha2/types.go index 8bdc30b75df..bde109d799c 100644 --- a/pkg/apis/core/v1alpha2/types.go +++ b/pkg/apis/crd/v1alpha2/types.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,7 +18,7 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - secv1a1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) // +genclient @@ -120,7 +120,7 @@ type GroupSpec struct { // IPBlock cannot be set as part of the AppliedTo field. // Cannot be set with any other selector or ServiceReference. // +optional - IPBlock *secv1a1.IPBlock `json:"ipBlock,omitempty"` + IPBlock *v1alpha1.IPBlock `json:"ipBlock,omitempty"` // Select backend Pods of the referred Service. // Cannot be set with any other selector or ipBlock. // +optional diff --git a/pkg/apis/crd/v1alpha2/webhook.go b/pkg/apis/crd/v1alpha2/webhook.go new file mode 100644 index 00000000000..41e4b03b64c --- /dev/null +++ b/pkg/apis/crd/v1alpha2/webhook.go @@ -0,0 +1,81 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +import ( + "fmt" + "reflect" + + "k8s.io/apimachinery/pkg/runtime" +) + +// WebhookImpl implements webhook validator of a resource. +type WebhookImpl interface { + Default(in *ExternalEntity) + ValidateCreate(in *ExternalEntity) error + ValidateUpdate(in *ExternalEntity, old runtime.Object) error + ValidateDelete(in *ExternalEntity) error +} + +var ( + externalEntityWebhook WebhookImpl +) + +// RegisterWebhook registers webhook implementation of a resource. +func RegisterWebhook(in runtime.Object, webhook WebhookImpl) error { + switch in.(type) { + case *ExternalEntity: + if externalEntityWebhook != nil { + return fmt.Errorf("externalEntityWebhook already registered") + } + externalEntityWebhook = webhook + default: + return fmt.Errorf("unknown type %s to register webhook", reflect.TypeOf(in).Elem().Name()) + } + return nil +} + +// Default implements webhook Defaulter. +func (in *ExternalEntity) Default() { + if externalEntityWebhook != nil { + externalEntityWebhook.Default(in) + } + return +} + +// ValidateCreate implements webhook Validator. +func (in *ExternalEntity) ValidateCreate() error { + if externalEntityWebhook != nil { + return externalEntityWebhook.ValidateCreate(in) + } + return nil +} + +// ValidateUpdate implements webhook Validator. +func (in *ExternalEntity) ValidateUpdate(old runtime.Object) error { + if externalEntityWebhook != nil { + return externalEntityWebhook.ValidateUpdate(in, old) + } + + return nil +} + +// ValidateDelete implements webhook Validator. +func (in *ExternalEntity) ValidateDelete() error { + if externalEntityWebhook != nil { + return externalEntityWebhook.ValidateDelete(in) + } + return nil +} diff --git a/pkg/apis/core/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go similarity index 99% rename from pkg/apis/core/v1alpha2/zz_generated.deepcopy.go rename to pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go index 9fd81d3e8da..1671147e593 100644 --- a/pkg/apis/core/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1alpha2/zz_generated.deepcopy.go @@ -19,7 +19,7 @@ package v1alpha2 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/apis/crd/v1beta1/doc.go b/pkg/apis/crd/v1beta1/doc.go new file mode 100644 index 00000000000..69d80659ea6 --- /dev/null +++ b/pkg/apis/crd/v1beta1/doc.go @@ -0,0 +1,20 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=crd.antrea.io + +package v1beta1 diff --git a/pkg/apis/crd/v1beta1/register.go b/pkg/apis/crd/v1beta1/register.go new file mode 100644 index 00000000000..7ff2c5e2d64 --- /dev/null +++ b/pkg/apis/crd/v1beta1/register.go @@ -0,0 +1,56 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" +) + +var SchemeGroupVersion = schema.GroupVersion{ + Group: "crd.antrea.io", + Version: "v1beta1", +} + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + localSchemeBuilder.Register(addKnownTypes) +} + +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes( + SchemeGroupVersion, + &AntreaControllerInfo{}, + &AntreaControllerInfoList{}, + &AntreaAgentInfo{}, + &AntreaAgentInfoList{}, + ) + + metav1.AddToGroupVersion( + scheme, + SchemeGroupVersion, + ) + return nil +} diff --git a/pkg/apis/clusterinformation/v1beta1/types.go b/pkg/apis/crd/v1beta1/types.go similarity index 100% rename from pkg/apis/clusterinformation/v1beta1/types.go rename to pkg/apis/crd/v1beta1/types.go diff --git a/pkg/apis/clusterinformation/v1beta1/zz_generated.deepcopy.go b/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go similarity index 99% rename from pkg/apis/clusterinformation/v1beta1/zz_generated.deepcopy.go rename to pkg/apis/crd/v1beta1/zz_generated.deepcopy.go index 4ddaf1f37d3..7cf2b86aac0 100644 --- a/pkg/apis/clusterinformation/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go @@ -1,6 +1,6 @@ // +build !ignore_autogenerated -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/apis/ops/v1alpha1/types.go b/pkg/apis/ops/v1alpha1/types.go deleted file mode 100644 index 6dc68553b24..00000000000 --- a/pkg/apis/ops/v1alpha1/types.go +++ /dev/null @@ -1,247 +0,0 @@ -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package v1alpha1 - -import ( - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" -) - -type TraceflowPhase string - -const ( - Pending TraceflowPhase = "Pending" - Running TraceflowPhase = "Running" - Succeeded TraceflowPhase = "Succeeded" - Failed TraceflowPhase = "Failed" -) - -type TraceflowComponent string - -const ( - SpoofGuard TraceflowComponent = "SpoofGuard" - LB TraceflowComponent = "LB" - Routing TraceflowComponent = "Routing" - NetworkPolicy TraceflowComponent = "NetworkPolicy" - Forwarding TraceflowComponent = "Forwarding" -) - -type TraceflowAction string - -const ( - Delivered TraceflowAction = "Delivered" - Received TraceflowAction = "Received" - Forwarded TraceflowAction = "Forwarded" - Dropped TraceflowAction = "Dropped" - // ForwardedOutOfOverlay indicates that the packet has been forwarded out of the network - // managed by Antrea. This indicates that the Traceflow request can be considered complete. - ForwardedOutOfOverlay TraceflowAction = "ForwardedOutOfOverlay" -) - -// List the supported protocols and their codes in traceflow. -// According to code in Antrea agent and controller, default protocol is ICMP if protocol is not inputted by users. -const ( - ICMPProtocol int32 = 1 - TCPProtocol int32 = 6 - UDPProtocol int32 = 17 - SCTPProtocol int32 = 132 -) - -var SupportedProtocols = map[string]int32{ - "TCP": TCPProtocol, - "UDP": UDPProtocol, - "ICMP": ICMPProtocol, -} - -var ProtocolsToString = map[int32]string{ - TCPProtocol: "TCP", - UDPProtocol: "UDP", - ICMPProtocol: "ICMP", - SCTPProtocol: "SCTP", -} - -// List the supported destination types in traceflow. -const ( - DstTypePod = "Pod" - DstTypeService = "Service" - DstTypeIPv4 = "IPv4" -) - -var SupportedDestinationTypes = []string{ - DstTypePod, - DstTypeService, - DstTypeIPv4, -} - -// List the ethernet types. -const ( - EtherTypeIPv4 uint16 = 0x0800 - EtherTypeIPv6 uint16 = 0x86DD -) - -// +genclient -// +genclient:nonNamespaced -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type Traceflow struct { - metav1.TypeMeta `json:",inline"` - metav1.ObjectMeta `json:"metadata,omitempty"` - - Spec TraceflowSpec `json:"spec,omitempty"` - Status TraceflowStatus `json:"status,omitempty"` -} - -// TraceflowSpec describes the spec of the traceflow. -type TraceflowSpec struct { - Source Source `json:"source,omitempty"` - Destination Destination `json:"destination,omitempty"` - Packet Packet `json:"packet,omitempty"` -} - -// Source describes the source spec of the traceflow. -type Source struct { - // Namespace is the source namespace. - Namespace string `json:"namespace,omitempty"` - // Pod is the source pod. - Pod string `json:"pod,omitempty"` -} - -// Destination describes the destination spec of the traceflow. -type Destination struct { - // Namespace is the destination namespace. - Namespace string `json:"namespace,omitempty"` - // Pod is the destination pod, exclusive with destination service. - Pod string `json:"pod,omitempty"` - // Service is the destination service, exclusive with destination pod. - Service string `json:"service,omitempty"` - // IP is the destination IPv4 or IPv6 address. - IP string `json:"ip,omitempty"` -} - -// IPHeader describes spec of an IPv4 header. -type IPHeader struct { - // SrcIP is the source IP. - SrcIP string `json:"srcIP,omitempty"` - // Protocol is the IP protocol. - Protocol int32 `json:"protocol,omitempty"` - // TTL is the IP TTL. - TTL int32 `json:"ttl,omitempty"` - // Flags is the flags for IP. - Flags int32 `json:"flags,omitempty"` -} - -// IPv6Header describes spec of an IPv6 header. -type IPv6Header struct { - // SrcIP is the source IPv6. - SrcIP string `json:"srcIP,omitempty"` - // NextHeader is the IPv6 protocol. - NextHeader *int32 `json:"nextHeader,omitempty"` - // HopLimit is the IPv6 Hop Limit. - HopLimit int32 `json:"hopLimit,omitempty"` -} - -// TransportHeader describes spec of a TransportHeader. -type TransportHeader struct { - ICMP *ICMPEchoRequestHeader `json:"icmp,omitempty"` - UDP *UDPHeader `json:"udp,omitempty"` - TCP *TCPHeader `json:"tcp,omitempty"` -} - -// ICMPEchoRequestHeader describes spec of an ICMP echo request header. -type ICMPEchoRequestHeader struct { - // ID is the ICMPEchoRequestHeader ID. - ID int32 `json:"id,omitempty"` - // Sequence is the ICMPEchoRequestHeader sequence. - Sequence int32 `json:"sequence,omitempty"` -} - -// UDPHeader describes spec of a UDP header. -type UDPHeader struct { - // SrcPort is the source port. - SrcPort int32 `json:"srcPort,omitempty"` - // DstPort is the destination port. - DstPort int32 `json:"dstPort,omitempty"` -} - -// TCPHeader describes spec of a TCP header. -type TCPHeader struct { - // SrcPort is the source port. - SrcPort int32 `json:"srcPort,omitempty"` - // DstPort is the destination port. - DstPort int32 `json:"dstPort,omitempty"` - // Flags are flags in the header. - Flags int32 `json:"flags,omitempty"` -} - -// Packet includes header info. -type Packet struct { - // TODO: change type IPHeader to *IPHeader and correct all internal references - IPHeader IPHeader `json:"ipHeader,omitempty"` - IPv6Header *IPv6Header `json:"ipv6Header,omitempty"` - TransportHeader TransportHeader `json:"transportHeader,omitempty"` -} - -// TraceflowStatus describes current status of the traceflow. -type TraceflowStatus struct { - // Phase is the Traceflow phase. - Phase TraceflowPhase `json:"phase,omitempty"` - // Reason is a message indicating the reason of the traceflow's current phase. - Reason string `json:"reason,omitempty"` - // DataplaneTag is a tag to identify a traceflow session across Nodes. - DataplaneTag uint8 `json:"dataplaneTag,omitempty"` - // Results is the collection of all observations on different nodes. - Results []NodeResult `json:"results,omitempty"` -} - -type NodeResult struct { - // Node is the node of the observation. - Node string `json:"node,omitempty" yaml:"node,omitempty"` - // Role of the node like sender, receiver, etc. - Role string `json:"role,omitempty" yaml:"role,omitempty"` - // Timestamp is the timestamp of the observations on the node. - Timestamp int64 `json:"timestamp,omitempty" yaml:"timestamp,omitempty"` - // Observations includes all observations from sender nodes, receiver ones, etc. - Observations []Observation `json:"observations,omitempty" yaml:"observations,omitempty"` -} - -// Observation describes those from sender nodes or receiver nodes. -type Observation struct { - // Component is the observation component. - Component TraceflowComponent `json:"component,omitempty" yaml:"component,omitempty"` - // ComponentInfo is the extension of Component field. - ComponentInfo string `json:"componentInfo,omitempty" yaml:"componentInfo,omitempty"` - // Action is the action to the observation. - Action TraceflowAction `json:"action,omitempty" yaml:"action,omitempty"` - // Pod is the combination of Pod name and Pod Namespace. - Pod string `json:"pod,omitempty" yaml:"pod,omitempty"` - // DstMAC is the destination MAC. - DstMAC string `json:"dstMAC,omitempty" yaml:"dstMAC,omitempty"` - // NetworkPolicy is the combination of Namespace and NetworkPolicyName. - NetworkPolicy string `json:"networkPolicy,omitempty" yaml:"networkPolicy,omitempty"` - // TTL is the observation TTL. - TTL int32 `json:"ttl,omitempty" yaml:"ttl,omitempty"` - // TranslatedSrcIP is the translated source IP. - TranslatedSrcIP string `json:"translatedSrcIP,omitempty" yaml:"translatedSrcIP,omitempty"` - // TranslatedDstIP is the translated destination IP. - TranslatedDstIP string `json:"translatedDstIP,omitempty" yaml:"translatedDstIP,omitempty"` - // TunnelDstIP is the tunnel destination IP. - TunnelDstIP string `json:"tunnelDstIP,omitempty" yaml:"tunnelDstIP,omitempty"` -} - -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -type TraceflowList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - - Items []Traceflow `json:"items"` -} diff --git a/pkg/apis/ops/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/ops/v1alpha1/zz_generated.deepcopy.go deleted file mode 100644 index 4c6d64e6bbb..00000000000 --- a/pkg/apis/ops/v1alpha1/zz_generated.deepcopy.go +++ /dev/null @@ -1,334 +0,0 @@ -// +build !ignore_autogenerated - -// Copyright 2020 Antrea Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Code generated by deepcopy-gen. DO NOT EDIT. - -package v1alpha1 - -import ( - runtime "k8s.io/apimachinery/pkg/runtime" -) - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Destination) DeepCopyInto(out *Destination) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Destination. -func (in *Destination) DeepCopy() *Destination { - if in == nil { - return nil - } - out := new(Destination) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *ICMPEchoRequestHeader) DeepCopyInto(out *ICMPEchoRequestHeader) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ICMPEchoRequestHeader. -func (in *ICMPEchoRequestHeader) DeepCopy() *ICMPEchoRequestHeader { - if in == nil { - return nil - } - out := new(ICMPEchoRequestHeader) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IPHeader) DeepCopyInto(out *IPHeader) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPHeader. -func (in *IPHeader) DeepCopy() *IPHeader { - if in == nil { - return nil - } - out := new(IPHeader) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *IPv6Header) DeepCopyInto(out *IPv6Header) { - *out = *in - if in.NextHeader != nil { - in, out := &in.NextHeader, &out.NextHeader - *out = new(int32) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IPv6Header. -func (in *IPv6Header) DeepCopy() *IPv6Header { - if in == nil { - return nil - } - out := new(IPv6Header) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *NodeResult) DeepCopyInto(out *NodeResult) { - *out = *in - if in.Observations != nil { - in, out := &in.Observations, &out.Observations - *out = make([]Observation, len(*in)) - copy(*out, *in) - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeResult. -func (in *NodeResult) DeepCopy() *NodeResult { - if in == nil { - return nil - } - out := new(NodeResult) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Observation) DeepCopyInto(out *Observation) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Observation. -func (in *Observation) DeepCopy() *Observation { - if in == nil { - return nil - } - out := new(Observation) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Packet) DeepCopyInto(out *Packet) { - *out = *in - out.IPHeader = in.IPHeader - if in.IPv6Header != nil { - in, out := &in.IPv6Header, &out.IPv6Header - *out = new(IPv6Header) - (*in).DeepCopyInto(*out) - } - in.TransportHeader.DeepCopyInto(&out.TransportHeader) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Packet. -func (in *Packet) DeepCopy() *Packet { - if in == nil { - return nil - } - out := new(Packet) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Source) DeepCopyInto(out *Source) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Source. -func (in *Source) DeepCopy() *Source { - if in == nil { - return nil - } - out := new(Source) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TCPHeader) DeepCopyInto(out *TCPHeader) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TCPHeader. -func (in *TCPHeader) DeepCopy() *TCPHeader { - if in == nil { - return nil - } - out := new(TCPHeader) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *Traceflow) DeepCopyInto(out *Traceflow) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) - in.Spec.DeepCopyInto(&out.Spec) - in.Status.DeepCopyInto(&out.Status) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Traceflow. -func (in *Traceflow) DeepCopy() *Traceflow { - if in == nil { - return nil - } - out := new(Traceflow) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *Traceflow) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TraceflowList) DeepCopyInto(out *TraceflowList) { - *out = *in - out.TypeMeta = in.TypeMeta - in.ListMeta.DeepCopyInto(&out.ListMeta) - if in.Items != nil { - in, out := &in.Items, &out.Items - *out = make([]Traceflow, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowList. -func (in *TraceflowList) DeepCopy() *TraceflowList { - if in == nil { - return nil - } - out := new(TraceflowList) - in.DeepCopyInto(out) - return out -} - -// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. -func (in *TraceflowList) DeepCopyObject() runtime.Object { - if c := in.DeepCopy(); c != nil { - return c - } - return nil -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TraceflowSpec) DeepCopyInto(out *TraceflowSpec) { - *out = *in - out.Source = in.Source - out.Destination = in.Destination - in.Packet.DeepCopyInto(&out.Packet) - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowSpec. -func (in *TraceflowSpec) DeepCopy() *TraceflowSpec { - if in == nil { - return nil - } - out := new(TraceflowSpec) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TraceflowStatus) DeepCopyInto(out *TraceflowStatus) { - *out = *in - if in.Results != nil { - in, out := &in.Results, &out.Results - *out = make([]NodeResult, len(*in)) - for i := range *in { - (*in)[i].DeepCopyInto(&(*out)[i]) - } - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowStatus. -func (in *TraceflowStatus) DeepCopy() *TraceflowStatus { - if in == nil { - return nil - } - out := new(TraceflowStatus) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *TransportHeader) DeepCopyInto(out *TransportHeader) { - *out = *in - if in.ICMP != nil { - in, out := &in.ICMP, &out.ICMP - *out = new(ICMPEchoRequestHeader) - **out = **in - } - if in.UDP != nil { - in, out := &in.UDP, &out.UDP - *out = new(UDPHeader) - **out = **in - } - if in.TCP != nil { - in, out := &in.TCP, &out.TCP - *out = new(TCPHeader) - **out = **in - } - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TransportHeader. -func (in *TransportHeader) DeepCopy() *TransportHeader { - if in == nil { - return nil - } - out := new(TransportHeader) - in.DeepCopyInto(out) - return out -} - -// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. -func (in *UDPHeader) DeepCopyInto(out *UDPHeader) { - *out = *in - return -} - -// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UDPHeader. -func (in *UDPHeader) DeepCopy() *UDPHeader { - if in == nil { - return nil - } - out := new(UDPHeader) - in.DeepCopyInto(out) - return out -} diff --git a/pkg/apis/stats/doc.go b/pkg/apis/stats/doc.go index 29c41dc8264..862442b77b2 100644 --- a/pkg/apis/stats/doc.go +++ b/pkg/apis/stats/doc.go @@ -13,7 +13,7 @@ // limitations under the License. // +k8s:deepcopy-gen=package -// +groupName=stats.antrea.tanzu.vmware.com +// +groupName=stats.antrea.io // Package stats is the internal version of the Antrea Stats API. // Refer to https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api_changes.md doc diff --git a/pkg/apis/stats/register.go b/pkg/apis/stats/register.go index dd514c72563..5f60829f1c2 100644 --- a/pkg/apis/stats/register.go +++ b/pkg/apis/stats/register.go @@ -20,7 +20,7 @@ import ( ) // GroupName is the group name use in this package -const GroupName = "stats.antrea.tanzu.vmware.com" +const GroupName = "stats.antrea.io" // SchemeGroupVersion is group version used to register these objects var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} diff --git a/pkg/apis/stats/v1alpha1/doc.go b/pkg/apis/stats/v1alpha1/doc.go index d93613fed17..06592c2902e 100644 --- a/pkg/apis/stats/v1alpha1/doc.go +++ b/pkg/apis/stats/v1alpha1/doc.go @@ -16,7 +16,7 @@ // +k8s:deepcopy-gen=package // +k8s:protobuf-gen=package // +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/stats -// +groupName=stats.antrea.tanzu.vmware.com +// +groupName=stats.antrea.io // Package v1alpha1 is the v1alpha1 version of the Antrea Stats API. package v1alpha1 diff --git a/pkg/apis/stats/v1alpha1/register.go b/pkg/apis/stats/v1alpha1/register.go index 9288e78fd59..30c40f47fe5 100644 --- a/pkg/apis/stats/v1alpha1/register.go +++ b/pkg/apis/stats/v1alpha1/register.go @@ -21,7 +21,7 @@ import ( ) // GroupName is the group name use in this package -const GroupName = "stats.antrea.tanzu.vmware.com" +const GroupName = "stats.antrea.io" // SchemeGroupVersion is group version used to register these objects var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} diff --git a/pkg/apis/system/v1beta1/doc.go b/pkg/apis/system/v1beta1/doc.go index d0c483ed44e..b5eb07b1fa9 100644 --- a/pkg/apis/system/v1beta1/doc.go +++ b/pkg/apis/system/v1beta1/doc.go @@ -15,7 +15,7 @@ // +k8s:openapi-gen=true // +k8s:deepcopy-gen=package // +k8s:defaulter-gen=TypeMeta -// +groupName=system.antrea.tanzu.vmware.com +// +groupName=system.antrea.io // Package v1beta1 contains the v1beta1 version of the Antrea "system" API // group definitions. diff --git a/pkg/apis/system/v1beta1/register.go b/pkg/apis/system/v1beta1/register.go index 30a41d303b4..7046eef291e 100644 --- a/pkg/apis/system/v1beta1/register.go +++ b/pkg/apis/system/v1beta1/register.go @@ -19,10 +19,10 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/runtime/schema" - clusterinfo "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) -const GroupName = "system.antrea.tanzu.vmware.com" +const GroupName = "system.antrea.io" var ( SchemeGroupVersion = schema.GroupVersion{ @@ -52,8 +52,8 @@ func Resource(resource string) schema.GroupResource { func addKnownTypes(scheme *runtime.Scheme) error { scheme.AddKnownTypes( SchemeGroupVersion, - &clusterinfo.AntreaControllerInfo{}, - &clusterinfo.AntreaControllerInfoList{}, + &crdv1beta1.AntreaControllerInfo{}, + &crdv1beta1.AntreaControllerInfoList{}, &SupportBundle{}, ) diff --git a/pkg/apiserver/apiserver.go b/pkg/apiserver/apiserver.go index fa030851c02..58c2389e68b 100644 --- a/pkg/apiserver/apiserver.go +++ b/pkg/apiserver/apiserver.go @@ -30,8 +30,6 @@ import ( "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" cpinstall "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/install" - "github.com/vmware-tanzu/antrea/pkg/apis/networking" - networkinginstall "github.com/vmware-tanzu/antrea/pkg/apis/networking/install" apistats "github.com/vmware-tanzu/antrea/pkg/apis/stats" statsinstall "github.com/vmware-tanzu/antrea/pkg/apis/stats/install" systeminstall "github.com/vmware-tanzu/antrea/pkg/apis/system/install" @@ -56,6 +54,14 @@ import ( "github.com/vmware-tanzu/antrea/pkg/controller/querier" "github.com/vmware-tanzu/antrea/pkg/controller/stats" "github.com/vmware-tanzu/antrea/pkg/features" + legacycontrolplane "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane" + legacycpinstall "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/install" + legacynetworking "github.com/vmware-tanzu/antrea/pkg/legacyapis/networking" + legacynetworkinginstall "github.com/vmware-tanzu/antrea/pkg/legacyapis/networking/install" + legacyapistats "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats" + legacystatsinstall "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats/install" + legacysysteminstall "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/install" + legacysystem "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/v1beta1" ) var ( @@ -71,8 +77,13 @@ var ( func init() { cpinstall.Install(Scheme) systeminstall.Install(Scheme) - networkinginstall.Install(Scheme) statsinstall.Install(Scheme) + + legacycpinstall.Install(Scheme) + legacysysteminstall.Install(Scheme) + legacynetworkinginstall.Install(Scheme) + legacystatsinstall.Install(Scheme) + // We need to add the options to empty v1, see sample-apiserver/pkg/apiserver/apiserver.go. metav1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) } @@ -155,12 +166,6 @@ func installAPIGroup(s *APIServer, c completedConfig) error { groupAssociationStorage := groupassociation.NewREST(c.extraConfig.networkPolicyController) nodeStatsSummaryStorage := nodestatssummary.NewREST(c.extraConfig.statsAggregator) cpGroup := genericapiserver.NewDefaultAPIGroupInfo(controlplane.GroupName, Scheme, metav1.ParameterCodec, Codecs) - cpv1beta1Storage := map[string]rest.Storage{} - cpv1beta1Storage["addressgroups"] = addressGroupStorage - cpv1beta1Storage["appliedtogroups"] = appliedToGroupStorage - cpv1beta1Storage["networkpolicies"] = networkPolicyStorage - cpv1beta1Storage["nodestatssummaries"] = nodeStatsSummaryStorage - cpGroup.VersionedResourcesStorageMap["v1beta1"] = cpv1beta1Storage cpv1beta2Storage := map[string]rest.Storage{} cpv1beta2Storage["addressgroups"] = addressGroupStorage cpv1beta2Storage["appliedtogroups"] = appliedToGroupStorage @@ -171,15 +176,6 @@ func installAPIGroup(s *APIServer, c completedConfig) error { cpv1beta2Storage["clustergroupmembers"] = clusterGroupMembershipStorage cpGroup.VersionedResourcesStorageMap["v1beta2"] = cpv1beta2Storage - // TODO: networkingGroup is the legacy group of controlplane NetworkPolicy APIs. To allow live upgrades from up to - // two minor versions, the APIs must be kept for two minor releases before it can be deleted. - networkingGroup := genericapiserver.NewDefaultAPIGroupInfo(networking.GroupName, Scheme, metav1.ParameterCodec, Codecs) - networkingStorage := map[string]rest.Storage{} - networkingStorage["addressgroups"] = addressGroupStorage - networkingStorage["appliedtogroups"] = appliedToGroupStorage - networkingStorage["networkpolicies"] = networkPolicyStorage - networkingGroup.VersionedResourcesStorageMap["v1beta1"] = networkingStorage - systemGroup := genericapiserver.NewDefaultAPIGroupInfo(system.GroupName, Scheme, metav1.ParameterCodec, Codecs) systemStorage := map[string]rest.Storage{} systemStorage["controllerinfos"] = controllerinfo.NewREST(c.extraConfig.controllerQuerier) @@ -195,7 +191,36 @@ func installAPIGroup(s *APIServer, c completedConfig) error { statsStorage["antreanetworkpolicystats"] = antreanetworkpolicystats.NewREST(c.extraConfig.statsAggregator) statsGroup.VersionedResourcesStorageMap["v1alpha1"] = statsStorage - groups := []*genericapiserver.APIGroupInfo{&cpGroup, &networkingGroup, &systemGroup, &statsGroup} + groups := []*genericapiserver.APIGroupInfo{&cpGroup, &systemGroup, &statsGroup} + + // legacy groups + legacyCPGroup := genericapiserver.NewDefaultAPIGroupInfo(legacycontrolplane.GroupName, Scheme, metav1.ParameterCodec, Codecs) + legacyCPv1beta1Storage := map[string]rest.Storage{} + legacyCPv1beta1Storage["addressgroups"] = addressGroupStorage + legacyCPv1beta1Storage["appliedtogroups"] = appliedToGroupStorage + legacyCPv1beta1Storage["networkpolicies"] = networkPolicyStorage + legacyCPv1beta1Storage["nodestatssummaries"] = nodeStatsSummaryStorage + legacyCPGroup.VersionedResourcesStorageMap["v1beta1"] = legacyCPv1beta1Storage + legacyCPGroup.VersionedResourcesStorageMap["v1beta2"] = cpv1beta2Storage + + legacyNetworkingGroup := genericapiserver.NewDefaultAPIGroupInfo(legacynetworking.GroupName, Scheme, metav1.ParameterCodec, Codecs) + // TODO: networkingGroup is the legacy group of controlplane NetworkPolicy APIs. To allow live upgrades from up to + // two minor versions, the APIs must be kept for two minor releases before it can be deleted. + legacyNetworkingStorage := map[string]rest.Storage{} + legacyNetworkingStorage["addressgroups"] = addressGroupStorage + legacyNetworkingStorage["appliedtogroups"] = appliedToGroupStorage + legacyNetworkingStorage["networkpolicies"] = networkPolicyStorage + legacyNetworkingGroup.VersionedResourcesStorageMap["v1beta1"] = legacyNetworkingStorage + + legacySystemGroup := genericapiserver.NewDefaultAPIGroupInfo(legacysystem.GroupName, Scheme, metav1.ParameterCodec, Codecs) + legacySystemGroup.VersionedResourcesStorageMap["v1beta1"] = systemStorage + + legacyStatsGroup := genericapiserver.NewDefaultAPIGroupInfo(legacyapistats.GroupName, Scheme, metav1.ParameterCodec, Codecs) + legacyStatsGroup.VersionedResourcesStorageMap["v1alpha1"] = statsStorage + + // legacy API groups + groups = append(groups, &legacyCPGroup, &legacyNetworkingGroup, &legacySystemGroup, &legacyStatsGroup) + for _, apiGroupInfo := range groups { if err := s.GenericAPIServer.InstallAPIGroup(apiGroupInfo); err != nil { return err @@ -262,6 +287,7 @@ func installHandlers(c *ExtraConfig, s *genericapiserver.GenericAPIServer) { s.Handler.NonGoRestfulMux.HandleFunc("/validate/acnp", webhook.HandleValidationNetworkPolicy(v)) s.Handler.NonGoRestfulMux.HandleFunc("/validate/anp", webhook.HandleValidationNetworkPolicy(v)) s.Handler.NonGoRestfulMux.HandleFunc("/validate/clustergroup", webhook.HandleValidationNetworkPolicy(v)) + // Install a post start hook to initialize Tiers on start-up s.AddPostStartHook("initialize-tiers", func(context genericapiserver.PostStartHookContext) error { go c.networkPolicyController.InitializeTiers() diff --git a/pkg/apiserver/certificate/cacert_controller.go b/pkg/apiserver/certificate/cacert_controller.go index d1e278b2d2a..5ea20b4f32f 100644 --- a/pkg/apiserver/certificate/cacert_controller.go +++ b/pkg/apiserver/certificate/cacert_controller.go @@ -51,13 +51,18 @@ var ( "v1beta2.controlplane.antrea.tanzu.vmware.com", "v1beta1.networking.antrea.tanzu.vmware.com", "v1beta1.system.antrea.tanzu.vmware.com", + "v1alpha1.stats.antrea.io", + "v1beta1.system.antrea.io", + "v1beta2.controlplane.antrea.io", } // validatingWebhooks contains all the ValidatingWebhookConfigurations backed by antrea-controller. validatingWebhooks = []string{ "crdvalidator.antrea.tanzu.vmware.com", + "crdvalidator.antrea.io", } mutationWebhooks = []string{ "crdmutator.antrea.tanzu.vmware.com", + "crdmutator.antrea.io", } optionalMutationWebhooks = []string{ "labelsmutator.antrea.io", diff --git a/pkg/apiserver/openapi/zz_generated.openapi.go b/pkg/apiserver/openapi/zz_generated.openapi.go index f339c077e3a..2154843eb59 100644 --- a/pkg/apiserver/openapi/zz_generated.openapi.go +++ b/pkg/apiserver/openapi/zz_generated.openapi.go @@ -29,72 +29,72 @@ import ( func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { return map[string]common.OpenAPIDefinition{ - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AgentCondition": schema_pkg_apis_clusterinformation_v1beta1_AgentCondition(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaAgentInfo": schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfo(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaAgentInfoList": schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfoList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaControllerInfo": schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfo(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaControllerInfoList": schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfoList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.ControllerCondition": schema_pkg_apis_clusterinformation_v1beta1_ControllerCondition(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.NetworkPolicyControllerInfo": schema_pkg_apis_clusterinformation_v1beta1_NetworkPolicyControllerInfo(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.OVSInfo": schema_pkg_apis_clusterinformation_v1beta1_OVSInfo(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup": schema_pkg_apis_controlplane_v1beta1_AddressGroup(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroupList": schema_pkg_apis_controlplane_v1beta1_AddressGroupList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroupPatch": schema_pkg_apis_controlplane_v1beta1_AddressGroupPatch(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup": schema_pkg_apis_controlplane_v1beta1_AppliedToGroup(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroupList": schema_pkg_apis_controlplane_v1beta1_AppliedToGroupList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroupPatch": schema_pkg_apis_controlplane_v1beta1_AppliedToGroupPatch(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.Endpoint": schema_pkg_apis_controlplane_v1beta1_Endpoint(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.ExternalEntityReference": schema_pkg_apis_controlplane_v1beta1_ExternalEntityReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember": schema_pkg_apis_controlplane_v1beta1_GroupMember(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod": schema_pkg_apis_controlplane_v1beta1_GroupMemberPod(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.IPBlock": schema_pkg_apis_controlplane_v1beta1_IPBlock(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.IPNet": schema_pkg_apis_controlplane_v1beta1_IPNet(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NamedPort": schema_pkg_apis_controlplane_v1beta1_NamedPort(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicy": schema_pkg_apis_controlplane_v1beta1_NetworkPolicy(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyList": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyPeer": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyPeer(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyReference": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyRule": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyRule(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyStats": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NodeStatsSummary": schema_pkg_apis_controlplane_v1beta1_NodeStatsSummary(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.PodReference": schema_pkg_apis_controlplane_v1beta1_PodReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.Service": schema_pkg_apis_controlplane_v1beta1_Service(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup": schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroupList": schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroupPatch": schema_pkg_apis_controlplane_v1beta2_AddressGroupPatch(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup": schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroupList": schema_pkg_apis_controlplane_v1beta2_AppliedToGroupList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroupPatch": schema_pkg_apis_controlplane_v1beta2_AppliedToGroupPatch(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ClusterGroupMembers": schema_pkg_apis_controlplane_v1beta2_ClusterGroupMembers(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference": schema_pkg_apis_controlplane_v1beta2_ExternalEntityReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupAssociation": schema_pkg_apis_controlplane_v1beta2_GroupAssociation(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember": schema_pkg_apis_controlplane_v1beta2_GroupMember(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference": schema_pkg_apis_controlplane_v1beta2_GroupReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock": schema_pkg_apis_controlplane_v1beta2_IPBlock(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet": schema_pkg_apis_controlplane_v1beta2_IPNet(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort": schema_pkg_apis_controlplane_v1beta2_NamedPort(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy": schema_pkg_apis_controlplane_v1beta2_NetworkPolicy(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyList": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyNodeStatus(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyPeer(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyRule(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStatus": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStatus(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NodeStatsSummary": schema_pkg_apis_controlplane_v1beta2_NodeStatsSummary(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference": schema_pkg_apis_controlplane_v1beta2_PodReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service": schema_pkg_apis_controlplane_v1beta2_Service(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ServiceReference": schema_pkg_apis_controlplane_v1beta2_ServiceReference(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaClusterNetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_AntreaClusterNetworkPolicyStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaClusterNetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_AntreaClusterNetworkPolicyStatsList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaNetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_AntreaNetworkPolicyStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaNetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_AntreaNetworkPolicyStatsList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.NetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_NetworkPolicyStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.NetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_NetworkPolicyStatsList(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats": schema_pkg_apis_stats_v1alpha1_RuleTrafficStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats": schema_pkg_apis_stats_v1alpha1_TrafficStats(ref), - "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1.SupportBundle": schema_pkg_apis_system_v1beta1_SupportBundle(ref), - "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup": schema_pkg_apis_controlplane_v1beta1_AddressGroup(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroupList": schema_pkg_apis_controlplane_v1beta1_AddressGroupList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroupPatch": schema_pkg_apis_controlplane_v1beta1_AddressGroupPatch(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup": schema_pkg_apis_controlplane_v1beta1_AppliedToGroup(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroupList": schema_pkg_apis_controlplane_v1beta1_AppliedToGroupList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroupPatch": schema_pkg_apis_controlplane_v1beta1_AppliedToGroupPatch(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.Endpoint": schema_pkg_apis_controlplane_v1beta1_Endpoint(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.ExternalEntityReference": schema_pkg_apis_controlplane_v1beta1_ExternalEntityReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember": schema_pkg_apis_controlplane_v1beta1_GroupMember(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod": schema_pkg_apis_controlplane_v1beta1_GroupMemberPod(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.IPBlock": schema_pkg_apis_controlplane_v1beta1_IPBlock(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.IPNet": schema_pkg_apis_controlplane_v1beta1_IPNet(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NamedPort": schema_pkg_apis_controlplane_v1beta1_NamedPort(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicy": schema_pkg_apis_controlplane_v1beta1_NetworkPolicy(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyList": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyPeer": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyPeer(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyReference": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyRule": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyRule(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NetworkPolicyStats": schema_pkg_apis_controlplane_v1beta1_NetworkPolicyStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.NodeStatsSummary": schema_pkg_apis_controlplane_v1beta1_NodeStatsSummary(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.PodReference": schema_pkg_apis_controlplane_v1beta1_PodReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.Service": schema_pkg_apis_controlplane_v1beta1_Service(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup": schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroupList": schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroupPatch": schema_pkg_apis_controlplane_v1beta2_AddressGroupPatch(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup": schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroupList": schema_pkg_apis_controlplane_v1beta2_AppliedToGroupList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroupPatch": schema_pkg_apis_controlplane_v1beta2_AppliedToGroupPatch(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ClusterGroupMembers": schema_pkg_apis_controlplane_v1beta2_ClusterGroupMembers(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference": schema_pkg_apis_controlplane_v1beta2_ExternalEntityReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupAssociation": schema_pkg_apis_controlplane_v1beta2_GroupAssociation(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember": schema_pkg_apis_controlplane_v1beta2_GroupMember(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference": schema_pkg_apis_controlplane_v1beta2_GroupReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock": schema_pkg_apis_controlplane_v1beta2_IPBlock(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet": schema_pkg_apis_controlplane_v1beta2_IPNet(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort": schema_pkg_apis_controlplane_v1beta2_NamedPort(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy": schema_pkg_apis_controlplane_v1beta2_NetworkPolicy(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyList": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyNodeStatus(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyPeer(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyRule(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStatus": schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStatus(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NodeStatsSummary": schema_pkg_apis_controlplane_v1beta2_NodeStatsSummary(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference": schema_pkg_apis_controlplane_v1beta2_PodReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service": schema_pkg_apis_controlplane_v1beta2_Service(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ServiceReference": schema_pkg_apis_controlplane_v1beta2_ServiceReference(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AgentCondition": schema_pkg_apis_crd_v1beta1_AgentCondition(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaAgentInfo": schema_pkg_apis_crd_v1beta1_AntreaAgentInfo(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaAgentInfoList": schema_pkg_apis_crd_v1beta1_AntreaAgentInfoList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfo": schema_pkg_apis_crd_v1beta1_AntreaControllerInfo(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfoList": schema_pkg_apis_crd_v1beta1_AntreaControllerInfoList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.ControllerCondition": schema_pkg_apis_crd_v1beta1_ControllerCondition(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo": schema_pkg_apis_crd_v1beta1_NetworkPolicyControllerInfo(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.OVSInfo": schema_pkg_apis_crd_v1beta1_OVSInfo(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaClusterNetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_AntreaClusterNetworkPolicyStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaClusterNetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_AntreaClusterNetworkPolicyStatsList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaNetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_AntreaNetworkPolicyStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.AntreaNetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_AntreaNetworkPolicyStatsList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.NetworkPolicyStats": schema_pkg_apis_stats_v1alpha1_NetworkPolicyStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.NetworkPolicyStatsList": schema_pkg_apis_stats_v1alpha1_NetworkPolicyStatsList(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats": schema_pkg_apis_stats_v1alpha1_RuleTrafficStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats": schema_pkg_apis_stats_v1alpha1_TrafficStats(ref), + "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1.SupportBundle": schema_pkg_apis_system_v1beta1_SupportBundle(ref), + "k8s.io/api/core/v1.AWSElasticBlockStoreVolumeSource": schema_k8sio_api_core_v1_AWSElasticBlockStoreVolumeSource(ref), "k8s.io/api/core/v1.Affinity": schema_k8sio_api_core_v1_Affinity(ref), "k8s.io/api/core/v1.AttachedVolume": schema_k8sio_api_core_v1_AttachedVolume(ref), "k8s.io/api/core/v1.AvoidPods": schema_k8sio_api_core_v1_AvoidPods(ref), @@ -351,59 +351,12 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA } } -func schema_pkg_apis_clusterinformation_v1beta1_AgentCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Description: "One of the AgentConditionType listed above", - Type: []string{"string"}, - Format: "", - }, - }, - "lastHeartbeatTime": { - SchemaProps: spec.SchemaProps{ - Description: "Mark certain type status, one of True, False, Unknown", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { - SchemaProps: spec.SchemaProps{ - Description: "The timestamp when AntreaAgentInfo is created/updated, ideally heartbeat interval is 60s", - Type: []string{"string"}, - Format: "", - }, - }, - "message": { - SchemaProps: spec.SchemaProps{ - Description: "Brief reason", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastHeartbeatTime"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta1_AddressGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -424,90 +377,44 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfo(ref common.Refer Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "version": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "podRef": { - SchemaProps: spec.SchemaProps{ - Description: "Antrea binary version", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), - }, - }, - "nodeRef": { - SchemaProps: spec.SchemaProps{ - Description: "The Pod that Antrea Agent is running in", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), - }, - }, - "nodeSubnets": { + "pods": { SchemaProps: spec.SchemaProps{ - Description: "The Node that Antrea Agent is running in", - Type: []string{"array"}, + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), }, }, }, }, }, - "ovsInfo": { - SchemaProps: spec.SchemaProps{ - Description: "Node subnets", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.OVSInfo"), - }, - }, - "networkPolicyControllerInfo": { - SchemaProps: spec.SchemaProps{ - Description: "OVS Information", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.NetworkPolicyControllerInfo"), - }, - }, - "localPodNum": { - SchemaProps: spec.SchemaProps{ - Description: "Antrea Agent NetworkPolicy information", - Type: []string{"integer"}, - Format: "int32", - }, - }, - "agentConditions": { + "groupMembers": { SchemaProps: spec.SchemaProps{ - Description: "The number of Pods which the agent is in charge of", - Type: []string{"array"}, + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AgentCondition"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), }, }, }, }, }, - "apiPort": { - SchemaProps: spec.SchemaProps{ - Description: "Agent condition contains types like AgentHealthy", - Type: []string{"integer"}, - Format: "int32", - }, - }, }, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AgentCondition", "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.NetworkPolicyControllerInfo", "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.OVSInfo", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta1_AddressGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "AddressGroupList is a list of AddressGroup objects.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -534,7 +441,7 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfoList(ref common.R Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaAgentInfo"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup"), }, }, }, @@ -545,15 +452,16 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaAgentInfoList(ref common.R }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaAgentInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta1_AddressGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "AddressGroupPatch describes the incremental update of an AddressGroup.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -574,76 +482,128 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfo(ref common. Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "version": { + "addedPods": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), + }, + }, + }, }, }, - "podRef": { + "removedPods": { SchemaProps: spec.SchemaProps{ - Description: "Antrea binary version", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), + }, + }, + }, }, }, - "nodeRef": { + "addedGroupMembers": { SchemaProps: spec.SchemaProps{ - Description: "The Pod that Antrea Controller is running in", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), + }, + }, + }, }, }, - "serviceRef": { + "removedGroupMembers": { SchemaProps: spec.SchemaProps{ - Description: "The Node that Antrea Controller is running in", - Ref: ref("k8s.io/api/core/v1.ObjectReference"), + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), + }, + }, + }, }, }, - "networkPolicyControllerInfo": { + }, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_controlplane_v1beta1_AppliedToGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { SchemaProps: spec.SchemaProps{ - Description: "Antrea Controller Service", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.NetworkPolicyControllerInfo"), + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", }, }, - "connectedAgentNum": { + "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "Antrea Controller NetworkPolicy information", - Type: []string{"integer"}, - Format: "int32", + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", }, }, - "controllerConditions": { + "metadata": { SchemaProps: spec.SchemaProps{ - Description: "Number of agents which are connected to this controller", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "pods": { + SchemaProps: spec.SchemaProps{ + Description: "Pods is a list of Pods selected by this group.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.ControllerCondition"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), }, }, }, }, }, - "apiPort": { + "groupMembers": { SchemaProps: spec.SchemaProps{ - Description: "Controller condition contains types like ControllerHealthy", - Type: []string{"integer"}, - Format: "int32", + Description: "GroupMembers is list of resources selected by this group. This eventually will replace Pods", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.ControllerCondition", "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.NetworkPolicyControllerInfo", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta1_AppliedToGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "AppliedToGroupList is a list of AppliedToGroup objects.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -670,7 +630,7 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfoList(ref com Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaControllerInfo"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup"), }, }, }, @@ -681,444 +641,34 @@ func schema_pkg_apis_clusterinformation_v1beta1_AntreaControllerInfoList(ref com }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1.AntreaControllerInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_clusterinformation_v1beta1_ControllerCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta1_AppliedToGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, + Description: "AppliedToGroupPatch describes the incremental update of an AppliedToGroup.", + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "type": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "status": { + "kind": { SchemaProps: spec.SchemaProps{ - Description: "One of the ControllerConditionType listed above, controllerHealthy", + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Type: []string{"string"}, Format: "", }, }, - "lastHeartbeatTime": { - SchemaProps: spec.SchemaProps{ - Description: "Mark certain type status, one of True, False, Unknown", - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), - }, - }, - "reason": { + "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "The timestamp when AntreaControllerInfo is created/updated, ideally heartbeat interval is 60s", + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", Type: []string{"string"}, Format: "", }, }, - "message": { + "metadata": { SchemaProps: spec.SchemaProps{ - Description: "Brief reason", - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"type", "status", "lastHeartbeatTime"}, - }, - }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, - } -} - -func schema_pkg_apis_clusterinformation_v1beta1_NetworkPolicyControllerInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "networkPolicyNum": { - SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", - }, - }, - "addressGroupNum": { - SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", - }, - }, - "appliedToGroupNum": { - SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_clusterinformation_v1beta1_OVSInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "version": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "bridgeName": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - "flowTable": { - SchemaProps: spec.SchemaProps{ - Type: []string{"object"}, - AdditionalProperties: &spec.SchemaOrBool{ - Allows: true, - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", - }, - }, - }, - }, - }, - }, - }, - }, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AddressGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "pods": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), - }, - }, - }, - }, - }, - "groupMembers": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AddressGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AddressGroupList is a list of AddressGroup objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AddressGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AddressGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AddressGroupPatch describes the incremental update of an AddressGroup.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "addedPods": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), - }, - }, - }, - }, - }, - "removedPods": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), - }, - }, - }, - }, - }, - "addedGroupMembers": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), - }, - }, - }, - }, - }, - "removedGroupMembers": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AppliedToGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "pods": { - SchemaProps: spec.SchemaProps{ - Description: "Pods is a list of Pods selected by this group.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod"), - }, - }, - }, - }, - }, - "groupMembers": { - SchemaProps: spec.SchemaProps{ - Description: "GroupMembers is list of resources selected by this group. This eventually will replace Pods", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember"), - }, - }, - }, - }, - }, - }, - }, - }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMember", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.GroupMemberPod", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AppliedToGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroupList is a list of AppliedToGroup objects.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup"), - }, - }, - }, - }, - }, - }, - Required: []string{"items"}, - }, - }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1.AppliedToGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta1_AppliedToGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroupPatch describes the incremental update of an AppliedToGroup.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, "addedPods": { @@ -1857,15 +1407,166 @@ func schema_pkg_apis_controlplane_v1beta1_Service(ref common.ReferenceCallback) }, }, Dependencies: []string{ - "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "groupMembers": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AddressGroupList is a list of AddressGroup objects.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup"), + }, + }, + }, + }, + }, + }, + Required: []string{"items"}, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_AddressGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "AddressGroupPatch describes the incremental update of an AddressGroup.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "addedGroupMembers": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + }, + }, + }, + }, + }, + "removedGroupMembers": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AddressGroup is the message format of antrea/pkg/controller/types.AddressGroup in an API response.", + Description: "AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1889,7 +1590,8 @@ func schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref common.ReferenceCallb }, "groupMembers": { SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, + Description: "GroupMembers is list of resources selected by this group.", + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ @@ -1907,11 +1609,11 @@ func schema_pkg_apis_controlplane_v1beta2_AddressGroup(ref common.ReferenceCallb } } -func schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AddressGroupList is a list of AddressGroup objects.", + Description: "AppliedToGroupList is a list of AppliedToGroup objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -1939,7 +1641,7 @@ func schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref common.ReferenceC Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup"), }, }, }, @@ -1950,15 +1652,15 @@ func schema_pkg_apis_controlplane_v1beta2_AddressGroupList(ref common.ReferenceC }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AddressGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_AddressGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AddressGroupPatch describes the incremental update of an AddressGroup.", + Description: "AppliedToGroupPatch describes the incremental update of an AppliedToGroup.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2012,11 +1714,11 @@ func schema_pkg_apis_controlplane_v1beta2_AddressGroupPatch(ref common.Reference } } -func schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_ClusterGroupMembers(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroup is the message format of antrea/pkg/controller/types.AppliedToGroup in an API response.", + Description: "ClusterGroupMembers is a list of GroupMember objects that are currently selected by a ClusterGroup.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2038,10 +1740,9 @@ func schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref common.ReferenceCal Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "groupMembers": { + "effectiveMembers": { SchemaProps: spec.SchemaProps{ - Description: "GroupMembers is list of resources selected by this group.", - Type: []string{"array"}, + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ @@ -2052,6 +1753,7 @@ func schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref common.ReferenceCal }, }, }, + Required: []string{"effectiveMembers"}, }, }, Dependencies: []string{ @@ -2059,11 +1761,38 @@ func schema_pkg_apis_controlplane_v1beta2_AppliedToGroup(ref common.ReferenceCal } } -func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_ExternalEntityReference(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroupList is a list of AppliedToGroup objects.", + Description: "ExternalEntityReference represents a ExternalEntity Reference.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "name": { + SchemaProps: spec.SchemaProps{ + Description: "The name of this ExternalEntity.", + Type: []string{"string"}, + Format: "", + }, + }, + "namespace": { + SchemaProps: spec.SchemaProps{ + Description: "The Namespace of this ExternalEntity.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_pkg_apis_controlplane_v1beta2_GroupAssociation(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupAssociation is the message format in an API response for groupassociation queries.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2082,35 +1811,217 @@ func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupList(ref common.Referenc }, "metadata": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "items": { + "associatedGroups": { SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, + Description: "AssociatedGroups is a list of GroupReferences that is associated with the Pod/ExternalEntity being queried.", + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference"), }, }, }, }, }, }, - Required: []string{"items"}, + Required: []string{"associatedGroups"}, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_GroupMember(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupMember represents resource member to be populated in Groups.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "pod": { + SchemaProps: spec.SchemaProps{ + Description: "Pod maintains the reference to the Pod.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference"), + }, + }, + "externalEntity": { + SchemaProps: spec.SchemaProps{ + Description: "ExternalEntity maintains the reference to the ExternalEntity.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference"), + }, + }, + "ips": { + SchemaProps: spec.SchemaProps{ + Description: "IP is the IP address of the Endpoints associated with the GroupMember.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + }, + }, + }, + "ports": { + SchemaProps: spec.SchemaProps{ + Description: "Ports is the list NamedPort of the GroupMember.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_GroupReference(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "namespace": { + SchemaProps: spec.SchemaProps{ + Description: "Namespace of the Group. Empty for ClusterGroup.", + Type: []string{"string"}, + Format: "", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name of the Group.", + Type: []string{"string"}, + Format: "", + }, + }, + "uid": { + SchemaProps: spec.SchemaProps{ + Description: "UID of the Group.", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + } +} + +func schema_pkg_apis_controlplane_v1beta2_IPBlock(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\"). The except entry describes CIDRs that should not be included within this rule.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "cidr": { + SchemaProps: spec.SchemaProps{ + Description: "CIDR is an IPNet represents the IP Block.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"), + }, + }, + "except": { + SchemaProps: spec.SchemaProps{ + Description: "Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"), + }, + }, + }, + }, + }, + }, + Required: []string{"cidr"}, + }, + }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"}, + } +} + +func schema_pkg_apis_controlplane_v1beta2_IPNet(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "IPNet describes an IP network.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "ip": { + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "byte", + }, + }, + "prefixLength": { + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, + }, + }, + } +} + +func schema_pkg_apis_controlplane_v1beta2_NamedPort(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "NamedPort represents a Port with a name on Pod.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "port": { + SchemaProps: spec.SchemaProps{ + Description: "Port represents the Port number.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name represents the associated name with this Port number.", + Type: []string{"string"}, + Format: "", + }, + }, + "protocol": { + SchemaProps: spec.SchemaProps{ + Description: "Protocol for port. Must be UDP, TCP, or SCTP.", + Type: []string{"string"}, + Format: "", + }, + }, + }, }, }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.AppliedToGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupPatch(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroupPatch describes the incremental update of an AppliedToGroup.", + Description: "NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2132,43 +2043,66 @@ func schema_pkg_apis_controlplane_v1beta2_AppliedToGroupPatch(ref common.Referen Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "addedGroupMembers": { + "rules": { SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, + Description: "Rules is a list of rules to be applied to the selected GroupMembers.", + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule"), }, }, }, }, }, - "removedGroupMembers": { + "appliedToGroups": { SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, + Description: "AppliedToGroups is a list of names of AppliedToGroups to which this policy applies. Cannot be set in conjunction with any NetworkPolicyRule.AppliedToGroups in Rules.", + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + Type: []string{"string"}, + Format: "", }, }, }, }, }, + "priority": { + SchemaProps: spec.SchemaProps{ + Description: "Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s NetworkPolicy.", + Type: []string{"number"}, + Format: "double", + }, + }, + "tierPriority": { + SchemaProps: spec.SchemaProps{ + Description: "TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "sourceRef": { + SchemaProps: spec.SchemaProps{ + Description: "Reference to the original NetworkPolicy that the internal NetworkPolicy is created for.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference"), + }, + }, }, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_ClusterGroupMembers(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "ClusterGroupMembers is a list of GroupMember objects that are currently selected by a ClusterGroup.", + Description: "NetworkPolicyList is a list of NetworkPolicy objects.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2187,146 +2121,86 @@ func schema_pkg_apis_controlplane_v1beta2_ClusterGroupMembers(ref common.Referen }, "metadata": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), }, }, - "effectiveMembers": { + "items": { SchemaProps: spec.SchemaProps{ Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy"), }, }, }, }, }, }, - Required: []string{"effectiveMembers"}, + Required: []string{"items"}, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupMember", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_controlplane_v1beta2_ExternalEntityReference(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "ExternalEntityReference represents a ExternalEntity Reference.", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "name": { - SchemaProps: spec.SchemaProps{ - Description: "The name of this ExternalEntity.", - Type: []string{"string"}, - Format: "", - }, - }, - "namespace": { - SchemaProps: spec.SchemaProps{ - Description: "The Namespace of this ExternalEntity.", - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_GroupAssociation(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyNodeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "GroupAssociation is the message format in an API response for groupassociation queries.", + Description: "NetworkPolicyNodeStatus is the status of a NetworkPolicy on a Node.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { + "nodeName": { SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Description: "The name of the Node that produces the status.", Type: []string{"string"}, Format: "", }, }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "associatedGroups": { + "generation": { SchemaProps: spec.SchemaProps{ - Description: "AssociatedGroups is a list of GroupReferences that is associated with the Pod/ExternalEntity being queried.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference"), - }, - }, - }, + Description: "The generation realized by the Node.", + Type: []string{"integer"}, + Format: "int64", }, }, }, - Required: []string{"associatedGroups"}, }, }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.GroupReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_GroupMember(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyPeer(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "GroupMember represents resource member to be populated in Groups.", + Description: "NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "pod": { - SchemaProps: spec.SchemaProps{ - Description: "Pod maintains the reference to the Pod.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference"), - }, - }, - "externalEntity": { - SchemaProps: spec.SchemaProps{ - Description: "ExternalEntity maintains the reference to the ExternalEntity.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference"), - }, - }, - "ips": { + "addressGroups": { SchemaProps: spec.SchemaProps{ - Description: "IP is the IP address of the Endpoints associated with the GroupMember.", + Description: "A list of names of AddressGroups.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ Type: []string{"string"}, - Format: "byte", + Format: "", }, }, }, }, }, - "ports": { + "ipBlocks": { SchemaProps: spec.SchemaProps{ - Description: "Ports is the list NamedPort of the GroupMember.", + Description: "A list of IPBlock.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock"), }, }, }, @@ -2336,33 +2210,40 @@ func schema_pkg_apis_controlplane_v1beta2_GroupMember(ref common.ReferenceCallba }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.ExternalEntityReference", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NamedPort", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.PodReference"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock"}, } } -func schema_pkg_apis_controlplane_v1beta2_GroupReference(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyReference(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ Type: []string{"object"}, Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Description: "Type of the NetworkPolicy.", + Type: []string{"string"}, + Format: "", + }, + }, "namespace": { SchemaProps: spec.SchemaProps{ - Description: "Namespace of the Group. Empty for ClusterGroup.", + Description: "Namespace of the NetworkPolicy. It's empty for Antrea ClusterNetworkPolicy.", Type: []string{"string"}, Format: "", }, }, "name": { SchemaProps: spec.SchemaProps{ - Description: "Name of the Group.", + Description: "Name of the NetworkPolicy.", Type: []string{"string"}, Format: "", }, }, "uid": { SchemaProps: spec.SchemaProps{ - Description: "UID of the Group.", + Description: "UID of the NetworkPolicy.", Type: []string{"string"}, Format: "", }, @@ -2373,105 +2254,188 @@ func schema_pkg_apis_controlplane_v1beta2_GroupReference(ref common.ReferenceCal } } -func schema_pkg_apis_controlplane_v1beta2_IPBlock(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyRule(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "IPBlock describes a particular CIDR (Ex. \"192.168.1.1/24\"). The except entry describes CIDRs that should not be included within this rule.", + Description: "NetworkPolicyRule describes a particular set of traffic that is allowed.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "cidr": { + "direction": { SchemaProps: spec.SchemaProps{ - Description: "CIDR is an IPNet represents the IP Block.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"), + Description: "The direction of this rule. If it's set to In, From must be set and To must not be set. If it's set to Out, To must be set and From must not be set.", + Type: []string{"string"}, + Format: "", }, }, - "except": { + "from": { SchemaProps: spec.SchemaProps{ - Description: "Except is a slice of IPNets that should not be included within an IP Block. Except values will be rejected if they are outside the CIDR range.", + Description: "From represents sources which should be able to access the GroupMembers selected by the policy.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer"), + }, + }, + "to": { + SchemaProps: spec.SchemaProps{ + Description: "To represents destinations which should be able to be accessed by the GroupMembers selected by the policy.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer"), + }, + }, + "services": { + SchemaProps: spec.SchemaProps{ + Description: "Services is a list of services which should be matched.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service"), + }, + }, + }, + }, + }, + "priority": { + SchemaProps: spec.SchemaProps{ + Description: "Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy.", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "action": { + SchemaProps: spec.SchemaProps{ + Description: "Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy.", + Type: []string{"string"}, + Format: "", + }, + }, + "enableLogging": { + SchemaProps: spec.SchemaProps{ + Description: "EnableLogging indicates whether or not to generate logs when rules are matched. Default to false.", + Type: []string{"boolean"}, + Format: "", + }, + }, + "appliedToGroups": { + SchemaProps: spec.SchemaProps{ + Description: "AppliedToGroups is a list of names of AppliedToGroups to which this rule applies. Cannot be set in conjunction with NetworkPolicy.AppliedToGroups of the NetworkPolicy that this Rule is referred to.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"string"}, + Format: "", }, }, }, }, }, + "name": { + SchemaProps: spec.SchemaProps{ + Description: "Name describes the intention of this rule. Name should be unique within the policy.", + Type: []string{"string"}, + Format: "", + }, + }, }, - Required: []string{"cidr"}, + Required: []string{"enableLogging"}, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPNet"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service"}, } } -func schema_pkg_apis_controlplane_v1beta2_IPNet(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStats(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "IPNet describes an IP network.", + Description: "NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "ip": { + "networkPolicy": { SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "byte", + Description: "The reference of the NetworkPolicy.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference"), + }, + }, + "trafficStats": { + SchemaProps: spec.SchemaProps{ + Description: "The stats of the NetworkPolicy.", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats"), }, }, - "prefixLength": { + "ruleTrafficStats": { SchemaProps: spec.SchemaProps{ - Type: []string{"integer"}, - Format: "int32", + Description: "The stats of the NetworkPolicy rules. It's empty for K8s NetworkPolicies as they don't have rule name to identify a rule.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats"), + }, + }, + }, }, }, }, }, }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference", "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats", "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats"}, } } -func schema_pkg_apis_controlplane_v1beta2_NamedPort(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NamedPort represents a Port with a name on Pod.", + Description: "NetworkPolicyStatus is the status of a NetworkPolicy.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "port": { + "kind": { SchemaProps: spec.SchemaProps{ - Description: "Port represents the Port number.", - Type: []string{"integer"}, - Format: "int32", + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", }, }, - "name": { + "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "Name represents the associated name with this Port number.", + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", Type: []string{"string"}, Format: "", }, }, - "protocol": { + "metadata": { SchemaProps: spec.SchemaProps{ - Description: "Protocol for port. Must be UDP, TCP, or SCTP.", - Type: []string{"string"}, - Format: "", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "nodes": { + SchemaProps: spec.SchemaProps{ + Description: "Nodes contains statuses produced on a list of Nodes.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus"), + }, + }, + }, }, }, }, }, }, + Dependencies: []string{ + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicy(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_NodeStatsSummary(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicy is the message format of antrea/pkg/controller/types.NetworkPolicy in an API response.", + Description: "NodeStatsSummary contains stats produced on a Node. It's used by the antrea-agents to report stats to the antrea-controller.", Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { @@ -2493,178 +2457,143 @@ func schema_pkg_apis_controlplane_v1beta2_NetworkPolicy(ref common.ReferenceCall Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "rules": { + "networkPolicies": { SchemaProps: spec.SchemaProps{ - Description: "Rules is a list of rules to be applied to the selected GroupMembers.", + Description: "The TrafficStats of K8s NetworkPolicies collected from the Node.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), }, }, }, }, }, - "appliedToGroups": { + "antreaClusterNetworkPolicies": { SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroups is a list of names of AppliedToGroups to which this policy applies. Cannot be set in conjunction with any NetworkPolicyRule.AppliedToGroups in Rules.", + Description: "The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node.", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), }, }, }, }, }, - "priority": { - SchemaProps: spec.SchemaProps{ - Description: "Priority represents the relative priority of this Network Policy as compared to other Network Policies. Priority will be unset (nil) for K8s NetworkPolicy.", - Type: []string{"number"}, - Format: "double", - }, - }, - "tierPriority": { - SchemaProps: spec.SchemaProps{ - Description: "TierPriority represents the priority of the Tier associated with this Network Policy. The TierPriority will remain nil for K8s NetworkPolicy.", - Type: []string{"integer"}, - Format: "int32", - }, - }, - "sourceRef": { + "antreaNetworkPolicies": { SchemaProps: spec.SchemaProps{ - Description: "Reference to the original NetworkPolicy that the internal NetworkPolicy is created for.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference"), + Description: "The TrafficStats of Antrea NetworkPolicies collected from the Node.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), + }, + }, + }, }, }, }, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyRule", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyList(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_PodReference(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyList is a list of NetworkPolicy objects.", + Description: "PodReference represents a Pod Reference.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "kind": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Description: "The name of this Pod.", Type: []string{"string"}, Format: "", }, }, - "apiVersion": { + "namespace": { SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Description: "The Namespace of this Pod.", Type: []string{"string"}, Format: "", }, }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), - }, - }, - "items": { - SchemaProps: spec.SchemaProps{ - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy"), - }, - }, - }, - }, - }, }, - Required: []string{"items"}, }, }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicy", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyNodeStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_Service(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyNodeStatus is the status of a NetworkPolicy on a Node.", + Description: "Service describes a port to allow traffic on.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "nodeName": { + "protocol": { SchemaProps: spec.SchemaProps{ - Description: "The name of the Node that produces the status.", + Description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", Type: []string{"string"}, Format: "", }, }, - "generation": { + "port": { SchemaProps: spec.SchemaProps{ - Description: "The generation realized by the Node.", + Description: "The port name or number on the given protocol. If not specified, this matches all port numbers.", + Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), + }, + }, + "endPort": { + SchemaProps: spec.SchemaProps{ + Description: "EndPort defines the end of the port range, being the end included within the range. It can only be specified when a numerical `port` is specified.", Type: []string{"integer"}, - Format: "int64", + Format: "int32", }, }, }, }, }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyPeer(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_controlplane_v1beta2_ServiceReference(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyPeer describes a peer of NetworkPolicyRules. It could be a list of names of AddressGroups and/or a list of IPBlock.", + Description: "ServiceReference represents reference to a v1.Service.", Type: []string{"object"}, Properties: map[string]spec.Schema{ - "addressGroups": { + "name": { SchemaProps: spec.SchemaProps{ - Description: "A list of names of AddressGroups.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, + Description: "The name of this Service.", + Type: []string{"string"}, + Format: "", }, }, - "ipBlocks": { + "namespace": { SchemaProps: spec.SchemaProps{ - Description: "A list of IPBlock.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock"), - }, - }, - }, + Description: "The Namespace of this Service.", + Type: []string{"string"}, + Format: "", }, }, }, }, }, - Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.IPBlock"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyReference(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_AgentCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ @@ -2672,174 +2601,201 @@ func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyReference(ref common.Refe Properties: map[string]spec.Schema{ "type": { SchemaProps: spec.SchemaProps{ - Description: "Type of the NetworkPolicy.", - Type: []string{"string"}, - Format: "", + Type: []string{"string"}, + Format: "", }, }, - "namespace": { + "status": { SchemaProps: spec.SchemaProps{ - Description: "Namespace of the NetworkPolicy. It's empty for Antrea ClusterNetworkPolicy.", + Description: "One of the AgentConditionType listed above", Type: []string{"string"}, Format: "", }, }, - "name": { + "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ - Description: "Name of the NetworkPolicy.", + Description: "Mark certain type status, one of True, False, Unknown", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "The timestamp when AntreaAgentInfo is created/updated, ideally heartbeat interval is 60s", Type: []string{"string"}, Format: "", }, }, - "uid": { + "message": { SchemaProps: spec.SchemaProps{ - Description: "UID of the NetworkPolicy.", + Description: "Brief reason", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"type", "status", "lastHeartbeatTime"}, }, }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyRule(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_AntreaAgentInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyRule describes a particular set of traffic that is allowed.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "direction": { + "kind": { SchemaProps: spec.SchemaProps{ - Description: "The direction of this rule. If it's set to In, From must be set and To must not be set. If it's set to Out, To must be set and From must not be set.", + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", Type: []string{"string"}, Format: "", }, }, - "from": { + "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "From represents sources which should be able to access the GroupMembers selected by the policy.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer"), + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", }, }, - "to": { + "metadata": { SchemaProps: spec.SchemaProps{ - Description: "To represents destinations which should be able to be accessed by the GroupMembers selected by the policy.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer"), + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "services": { + "version": { SchemaProps: spec.SchemaProps{ - Description: "Services is a list of services which should be matched.", + Type: []string{"string"}, + Format: "", + }, + }, + "podRef": { + SchemaProps: spec.SchemaProps{ + Description: "Antrea binary version", + Ref: ref("k8s.io/api/core/v1.ObjectReference"), + }, + }, + "nodeRef": { + SchemaProps: spec.SchemaProps{ + Description: "The Pod that Antrea Agent is running in", + Ref: ref("k8s.io/api/core/v1.ObjectReference"), + }, + }, + "nodeSubnets": { + SchemaProps: spec.SchemaProps{ + Description: "The Node that Antrea Agent is running in", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service"), + Type: []string{"string"}, + Format: "", }, }, }, }, }, - "priority": { + "ovsInfo": { SchemaProps: spec.SchemaProps{ - Description: "Priority defines the priority of the Rule as compared to other rules in the NetworkPolicy.", - Type: []string{"integer"}, - Format: "int32", + Description: "Node subnets", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.OVSInfo"), }, }, - "action": { + "networkPolicyControllerInfo": { SchemaProps: spec.SchemaProps{ - Description: "Action specifies the action to be applied on the rule. i.e. Allow/Drop. An empty action “nil” defaults to Allow action, which would be the case for rules created for K8s Network Policy.", - Type: []string{"string"}, - Format: "", + Description: "OVS Information", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo"), }, }, - "enableLogging": { + "localPodNum": { SchemaProps: spec.SchemaProps{ - Description: "EnableLogging indicates whether or not to generate logs when rules are matched. Default to false.", - Type: []string{"boolean"}, - Format: "", + Description: "Antrea Agent NetworkPolicy information", + Type: []string{"integer"}, + Format: "int32", }, }, - "appliedToGroups": { + "agentConditions": { SchemaProps: spec.SchemaProps{ - Description: "AppliedToGroups is a list of names of AppliedToGroups to which this rule applies. Cannot be set in conjunction with NetworkPolicy.AppliedToGroups of the NetworkPolicy that this Rule is referred to.", + Description: "The number of Pods which the agent is in charge of", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AgentCondition"), }, }, }, }, }, - "name": { + "apiPort": { SchemaProps: spec.SchemaProps{ - Description: "Name describes the intention of this rule. Name should be unique within the policy.", - Type: []string{"string"}, - Format: "", + Description: "Agent condition contains types like AgentHealthy", + Type: []string{"integer"}, + Format: "int32", }, }, }, - Required: []string{"enableLogging"}, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyPeer", "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.Service"}, + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AgentCondition", "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo", "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.OVSInfo", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStats(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_AntreaAgentInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyStats contains the information and traffic stats of a NetworkPolicy.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "networkPolicy": { + "kind": { SchemaProps: spec.SchemaProps{ - Description: "The reference of the NetworkPolicy.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference"), + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", }, }, - "trafficStats": { + "apiVersion": { SchemaProps: spec.SchemaProps{ - Description: "The stats of the NetworkPolicy.", - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats"), + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", }, }, - "ruleTrafficStats": { + "metadata": { SchemaProps: spec.SchemaProps{ - Description: "The stats of the NetworkPolicy rules. It's empty for K8s NetworkPolicies as they don't have rule name to identify a rule.", - Type: []string{"array"}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaAgentInfo"), }, }, }, }, }, }, + Required: []string{"items"}, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyReference", "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.RuleTrafficStats", "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1.TrafficStats"}, + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaAgentInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_AntreaControllerInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NetworkPolicyStatus is the status of a NetworkPolicy.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -2860,33 +2816,76 @@ func schema_pkg_apis_controlplane_v1beta2_NetworkPolicyStatus(ref common.Referen Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), }, }, - "nodes": { + "version": { SchemaProps: spec.SchemaProps{ - Description: "Nodes contains statuses produced on a list of Nodes.", + Type: []string{"string"}, + Format: "", + }, + }, + "podRef": { + SchemaProps: spec.SchemaProps{ + Description: "Antrea binary version", + Ref: ref("k8s.io/api/core/v1.ObjectReference"), + }, + }, + "nodeRef": { + SchemaProps: spec.SchemaProps{ + Description: "The Pod that Antrea Controller is running in", + Ref: ref("k8s.io/api/core/v1.ObjectReference"), + }, + }, + "serviceRef": { + SchemaProps: spec.SchemaProps{ + Description: "The Node that Antrea Controller is running in", + Ref: ref("k8s.io/api/core/v1.ObjectReference"), + }, + }, + "networkPolicyControllerInfo": { + SchemaProps: spec.SchemaProps{ + Description: "Antrea Controller Service", + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo"), + }, + }, + "connectedAgentNum": { + SchemaProps: spec.SchemaProps{ + Description: "Antrea Controller NetworkPolicy information", + Type: []string{"integer"}, + Format: "int32", + }, + }, + "controllerConditions": { + SchemaProps: spec.SchemaProps{ + Description: "Number of agents which are connected to this controller", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.ControllerCondition"), }, }, }, }, }, + "apiPort": { + SchemaProps: spec.SchemaProps{ + Description: "Controller condition contains types like ControllerHealthy", + Type: []string{"integer"}, + Format: "int32", + }, + }, }, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyNodeStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.ControllerCondition", "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo", "k8s.io/api/core/v1.ObjectReference", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_NodeStatsSummary(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_AntreaControllerInfoList(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "NodeStatsSummary contains stats produced on a Node. It's used by the antrea-agents to report stats to the antrea-controller.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ "kind": { SchemaProps: spec.SchemaProps{ @@ -2904,137 +2903,138 @@ func schema_pkg_apis_controlplane_v1beta2_NodeStatsSummary(ref common.ReferenceC }, "metadata": { SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "networkPolicies": { - SchemaProps: spec.SchemaProps{ - Description: "The TrafficStats of K8s NetworkPolicies collected from the Node.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), - }, - }, - }, - }, - }, - "antreaClusterNetworkPolicies": { - SchemaProps: spec.SchemaProps{ - Description: "The TrafficStats of Antrea ClusterNetworkPolicies collected from the Node.", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), - }, - }, - }, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), }, }, - "antreaNetworkPolicies": { + "items": { SchemaProps: spec.SchemaProps{ - Description: "The TrafficStats of Antrea NetworkPolicies collected from the Node.", - Type: []string{"array"}, + Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ SchemaProps: spec.SchemaProps{ - Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats"), + Ref: ref("github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfo"), }, }, }, }, }, }, + Required: []string{"items"}, }, }, Dependencies: []string{ - "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2.NetworkPolicyStats", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfo", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, } } -func schema_pkg_apis_controlplane_v1beta2_PodReference(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_ControllerCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "PodReference represents a Pod Reference.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "name": { + "type": { SchemaProps: spec.SchemaProps{ - Description: "The name of this Pod.", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "One of the ControllerConditionType listed above, controllerHealthy", Type: []string{"string"}, Format: "", }, }, - "namespace": { + "lastHeartbeatTime": { SchemaProps: spec.SchemaProps{ - Description: "The Namespace of this Pod.", + Description: "Mark certain type status, one of True, False, Unknown", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + "reason": { + SchemaProps: spec.SchemaProps{ + Description: "The timestamp when AntreaControllerInfo is created/updated, ideally heartbeat interval is 60s", + Type: []string{"string"}, + Format: "", + }, + }, + "message": { + SchemaProps: spec.SchemaProps{ + Description: "Brief reason", Type: []string{"string"}, Format: "", }, }, }, + Required: []string{"type", "status", "lastHeartbeatTime"}, }, }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, } } -func schema_pkg_apis_controlplane_v1beta2_Service(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_NetworkPolicyControllerInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "Service describes a port to allow traffic on.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "protocol": { + "networkPolicyNum": { SchemaProps: spec.SchemaProps{ - Description: "The protocol (TCP, UDP, or SCTP) which traffic must match. If not specified, this field defaults to TCP.", - Type: []string{"string"}, - Format: "", + Type: []string{"integer"}, + Format: "int32", }, }, - "port": { + "addressGroupNum": { SchemaProps: spec.SchemaProps{ - Description: "The port name or number on the given protocol. If not specified, this matches all port numbers.", - Ref: ref("k8s.io/apimachinery/pkg/util/intstr.IntOrString"), + Type: []string{"integer"}, + Format: "int32", }, }, - "endPort": { + "appliedToGroupNum": { SchemaProps: spec.SchemaProps{ - Description: "EndPort defines the end of the port range, being the end included within the range. It can only be specified when a numerical `port` is specified.", - Type: []string{"integer"}, - Format: "int32", + Type: []string{"integer"}, + Format: "int32", }, }, }, }, }, - Dependencies: []string{ - "k8s.io/apimachinery/pkg/util/intstr.IntOrString"}, } } -func schema_pkg_apis_controlplane_v1beta2_ServiceReference(ref common.ReferenceCallback) common.OpenAPIDefinition { +func schema_pkg_apis_crd_v1beta1_OVSInfo(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ SchemaProps: spec.SchemaProps{ - Description: "ServiceReference represents reference to a v1.Service.", - Type: []string{"object"}, + Type: []string{"object"}, Properties: map[string]spec.Schema{ - "name": { + "version": { SchemaProps: spec.SchemaProps{ - Description: "The name of this Service.", - Type: []string{"string"}, - Format: "", + Type: []string{"string"}, + Format: "", }, }, - "namespace": { + "bridgeName": { SchemaProps: spec.SchemaProps{ - Description: "The Namespace of this Service.", - Type: []string{"string"}, - Format: "", + Type: []string{"string"}, + Format: "", + }, + }, + "flowTable": { + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + AdditionalProperties: &spec.SchemaOrBool{ + Allows: true, + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"integer"}, + Format: "int32", + }, + }, + }, }, }, }, diff --git a/pkg/apiserver/registry/system/controllerinfo/rest.go b/pkg/apiserver/registry/system/controllerinfo/rest.go index d9d579e0ea7..9775d3f07a1 100644 --- a/pkg/apiserver/registry/system/controllerinfo/rest.go +++ b/pkg/apiserver/registry/system/controllerinfo/rest.go @@ -24,7 +24,7 @@ import ( "k8s.io/apimachinery/pkg/runtime" "k8s.io/apiserver/pkg/registry/rest" - clusterinfo "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" system "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1" "github.com/vmware-tanzu/antrea/pkg/controller/querier" ) @@ -49,12 +49,12 @@ func NewREST(querier querier.ControllerQuerier) *REST { } func (r *REST) New() runtime.Object { - return &clusterinfo.AntreaControllerInfo{} + return &crdv1beta1.AntreaControllerInfo{} } -func (r *REST) getControllerInfo() *clusterinfo.AntreaControllerInfo { +func (r *REST) getControllerInfo() *crdv1beta1.AntreaControllerInfo { // Now AntreaControllerInfo has a single instance. - info := new(clusterinfo.AntreaControllerInfo) + info := new(crdv1beta1.AntreaControllerInfo) r.controllerQuerier.GetControllerInfo(info, false) info.Name = ControllerInfoResourceName return info @@ -70,7 +70,7 @@ func (r *REST) Get(ctx context.Context, name string, options *metav1.GetOptions) } func (r *REST) NewList() runtime.Object { - return &clusterinfo.AntreaControllerInfoList{} + return &crdv1beta1.AntreaControllerInfoList{} } func (r *REST) List(ctx context.Context, options *internalversion.ListOptions) (runtime.Object, error) { @@ -78,7 +78,7 @@ func (r *REST) List(ctx context.Context, options *internalversion.ListOptions) ( if options != nil && options.LabelSelector != nil { labelSelector = options.LabelSelector } - list := new(clusterinfo.AntreaControllerInfoList) + list := new(crdv1beta1.AntreaControllerInfoList) item := r.getControllerInfo() if labelSelector.Matches(labels.Set(item.Labels)) { list.Items = append(list.Items, *item) diff --git a/pkg/apiserver/registry/system/controllerinfo/rest_test.go b/pkg/apiserver/registry/system/controllerinfo/rest_test.go index f477096ca34..c6950bc06b6 100644 --- a/pkg/apiserver/registry/system/controllerinfo/rest_test.go +++ b/pkg/apiserver/registry/system/controllerinfo/rest_test.go @@ -24,7 +24,7 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/runtime" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) type fakeControllerQuerier struct{} diff --git a/pkg/client/clientset/versioned/clientset.go b/pkg/client/clientset/versioned/clientset.go index 955fe053c50..3672232e676 100644 --- a/pkg/client/clientset/versioned/clientset.go +++ b/pkg/client/clientset/versioned/clientset.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,12 +19,11 @@ package versioned import ( "fmt" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1" controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta1" controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta2" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/core/v1alpha2" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/ops/v1alpha1" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha2" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1beta1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/stats/v1alpha1" systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/system/v1beta1" discovery "k8s.io/client-go/discovery" @@ -34,12 +33,11 @@ import ( type Interface interface { Discovery() discovery.DiscoveryInterface - ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface ControlplaneV1beta1() controlplanev1beta1.ControlplaneV1beta1Interface ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface - CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface - OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface - SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface + CrdV1alpha1() crdv1alpha1.CrdV1alpha1Interface + CrdV1alpha2() crdv1alpha2.CrdV1alpha2Interface + CrdV1beta1() crdv1beta1.CrdV1beta1Interface StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface SystemV1beta1() systemv1beta1.SystemV1beta1Interface } @@ -48,19 +46,13 @@ type Interface interface { // version included in a Clientset. type Clientset struct { *discovery.DiscoveryClient - clusterinformationV1beta1 *clusterinformationv1beta1.ClusterinformationV1beta1Client - controlplaneV1beta1 *controlplanev1beta1.ControlplaneV1beta1Client - controlplaneV1beta2 *controlplanev1beta2.ControlplaneV1beta2Client - coreV1alpha2 *corev1alpha2.CoreV1alpha2Client - opsV1alpha1 *opsv1alpha1.OpsV1alpha1Client - securityV1alpha1 *securityv1alpha1.SecurityV1alpha1Client - statsV1alpha1 *statsv1alpha1.StatsV1alpha1Client - systemV1beta1 *systemv1beta1.SystemV1beta1Client -} - -// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client -func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { - return c.clusterinformationV1beta1 + controlplaneV1beta1 *controlplanev1beta1.ControlplaneV1beta1Client + controlplaneV1beta2 *controlplanev1beta2.ControlplaneV1beta2Client + crdV1alpha1 *crdv1alpha1.CrdV1alpha1Client + crdV1alpha2 *crdv1alpha2.CrdV1alpha2Client + crdV1beta1 *crdv1beta1.CrdV1beta1Client + statsV1alpha1 *statsv1alpha1.StatsV1alpha1Client + systemV1beta1 *systemv1beta1.SystemV1beta1Client } // ControlplaneV1beta1 retrieves the ControlplaneV1beta1Client @@ -73,19 +65,19 @@ func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta return c.controlplaneV1beta2 } -// CoreV1alpha2 retrieves the CoreV1alpha2Client -func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { - return c.coreV1alpha2 +// CrdV1alpha1 retrieves the CrdV1alpha1Client +func (c *Clientset) CrdV1alpha1() crdv1alpha1.CrdV1alpha1Interface { + return c.crdV1alpha1 } -// OpsV1alpha1 retrieves the OpsV1alpha1Client -func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { - return c.opsV1alpha1 +// CrdV1alpha2 retrieves the CrdV1alpha2Client +func (c *Clientset) CrdV1alpha2() crdv1alpha2.CrdV1alpha2Interface { + return c.crdV1alpha2 } -// SecurityV1alpha1 retrieves the SecurityV1alpha1Client -func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { - return c.securityV1alpha1 +// CrdV1beta1 retrieves the CrdV1beta1Client +func (c *Clientset) CrdV1beta1() crdv1beta1.CrdV1beta1Interface { + return c.crdV1beta1 } // StatsV1alpha1 retrieves the StatsV1alpha1Client @@ -119,10 +111,6 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { } var cs Clientset var err error - cs.clusterinformationV1beta1, err = clusterinformationv1beta1.NewForConfig(&configShallowCopy) - if err != nil { - return nil, err - } cs.controlplaneV1beta1, err = controlplanev1beta1.NewForConfig(&configShallowCopy) if err != nil { return nil, err @@ -131,15 +119,15 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { if err != nil { return nil, err } - cs.coreV1alpha2, err = corev1alpha2.NewForConfig(&configShallowCopy) + cs.crdV1alpha1, err = crdv1alpha1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } - cs.opsV1alpha1, err = opsv1alpha1.NewForConfig(&configShallowCopy) + cs.crdV1alpha2, err = crdv1alpha2.NewForConfig(&configShallowCopy) if err != nil { return nil, err } - cs.securityV1alpha1, err = securityv1alpha1.NewForConfig(&configShallowCopy) + cs.crdV1beta1, err = crdv1beta1.NewForConfig(&configShallowCopy) if err != nil { return nil, err } @@ -163,12 +151,11 @@ func NewForConfig(c *rest.Config) (*Clientset, error) { // panics if there is an error in the config. func NewForConfigOrDie(c *rest.Config) *Clientset { var cs Clientset - cs.clusterinformationV1beta1 = clusterinformationv1beta1.NewForConfigOrDie(c) cs.controlplaneV1beta1 = controlplanev1beta1.NewForConfigOrDie(c) cs.controlplaneV1beta2 = controlplanev1beta2.NewForConfigOrDie(c) - cs.coreV1alpha2 = corev1alpha2.NewForConfigOrDie(c) - cs.opsV1alpha1 = opsv1alpha1.NewForConfigOrDie(c) - cs.securityV1alpha1 = securityv1alpha1.NewForConfigOrDie(c) + cs.crdV1alpha1 = crdv1alpha1.NewForConfigOrDie(c) + cs.crdV1alpha2 = crdv1alpha2.NewForConfigOrDie(c) + cs.crdV1beta1 = crdv1beta1.NewForConfigOrDie(c) cs.statsV1alpha1 = statsv1alpha1.NewForConfigOrDie(c) cs.systemV1beta1 = systemv1beta1.NewForConfigOrDie(c) @@ -179,12 +166,11 @@ func NewForConfigOrDie(c *rest.Config) *Clientset { // New creates a new Clientset for the given RESTClient. func New(c rest.Interface) *Clientset { var cs Clientset - cs.clusterinformationV1beta1 = clusterinformationv1beta1.New(c) cs.controlplaneV1beta1 = controlplanev1beta1.New(c) cs.controlplaneV1beta2 = controlplanev1beta2.New(c) - cs.coreV1alpha2 = corev1alpha2.New(c) - cs.opsV1alpha1 = opsv1alpha1.New(c) - cs.securityV1alpha1 = securityv1alpha1.New(c) + cs.crdV1alpha1 = crdv1alpha1.New(c) + cs.crdV1alpha2 = crdv1alpha2.New(c) + cs.crdV1beta1 = crdv1beta1.New(c) cs.statsV1alpha1 = statsv1alpha1.New(c) cs.systemV1beta1 = systemv1beta1.New(c) diff --git a/pkg/client/clientset/versioned/doc.go b/pkg/client/clientset/versioned/doc.go index 581411f0bf1..03053156dc6 100644 --- a/pkg/client/clientset/versioned/doc.go +++ b/pkg/client/clientset/versioned/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/fake/clientset_generated.go b/pkg/client/clientset/versioned/fake/clientset_generated.go index 35c9e010cc1..86bc24d3276 100644 --- a/pkg/client/clientset/versioned/fake/clientset_generated.go +++ b/pkg/client/clientset/versioned/fake/clientset_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -18,18 +18,16 @@ package fake import ( clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1" - fakeclusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake" controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta1" fakecontrolplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake" controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta2" fakecontrolplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/core/v1alpha2" - fakecorev1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/core/v1alpha2/fake" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/ops/v1alpha1" - fakeopsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/security/v1alpha1" - fakesecurityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/security/v1alpha1/fake" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" + fakecrdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha2" + fakecrdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1beta1" + fakecrdv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1beta1/fake" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/stats/v1alpha1" fakestatsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake" systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/system/v1beta1" @@ -88,11 +86,6 @@ func (c *Clientset) Tracker() testing.ObjectTracker { var _ clientset.Interface = &Clientset{} -// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client -func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { - return &fakeclusterinformationv1beta1.FakeClusterinformationV1beta1{Fake: &c.Fake} -} - // ControlplaneV1beta1 retrieves the ControlplaneV1beta1Client func (c *Clientset) ControlplaneV1beta1() controlplanev1beta1.ControlplaneV1beta1Interface { return &fakecontrolplanev1beta1.FakeControlplaneV1beta1{Fake: &c.Fake} @@ -103,19 +96,19 @@ func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta return &fakecontrolplanev1beta2.FakeControlplaneV1beta2{Fake: &c.Fake} } -// CoreV1alpha2 retrieves the CoreV1alpha2Client -func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { - return &fakecorev1alpha2.FakeCoreV1alpha2{Fake: &c.Fake} +// CrdV1alpha1 retrieves the CrdV1alpha1Client +func (c *Clientset) CrdV1alpha1() crdv1alpha1.CrdV1alpha1Interface { + return &fakecrdv1alpha1.FakeCrdV1alpha1{Fake: &c.Fake} } -// OpsV1alpha1 retrieves the OpsV1alpha1Client -func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { - return &fakeopsv1alpha1.FakeOpsV1alpha1{Fake: &c.Fake} +// CrdV1alpha2 retrieves the CrdV1alpha2Client +func (c *Clientset) CrdV1alpha2() crdv1alpha2.CrdV1alpha2Interface { + return &fakecrdv1alpha2.FakeCrdV1alpha2{Fake: &c.Fake} } -// SecurityV1alpha1 retrieves the SecurityV1alpha1Client -func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { - return &fakesecurityv1alpha1.FakeSecurityV1alpha1{Fake: &c.Fake} +// CrdV1beta1 retrieves the CrdV1beta1Client +func (c *Clientset) CrdV1beta1() crdv1beta1.CrdV1beta1Interface { + return &fakecrdv1beta1.FakeCrdV1beta1{Fake: &c.Fake} } // StatsV1alpha1 retrieves the StatsV1alpha1Client diff --git a/pkg/client/clientset/versioned/fake/doc.go b/pkg/client/clientset/versioned/fake/doc.go index 6e37b57ba94..86d0cd17555 100644 --- a/pkg/client/clientset/versioned/fake/doc.go +++ b/pkg/client/clientset/versioned/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/fake/register.go b/pkg/client/clientset/versioned/fake/register.go index d209f5a2eb5..f1bab9f378a 100644 --- a/pkg/client/clientset/versioned/fake/register.go +++ b/pkg/client/clientset/versioned/fake/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,12 +17,11 @@ package fake import ( - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1" controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,12 +35,11 @@ var scheme = runtime.NewScheme() var codecs = serializer.NewCodecFactory(scheme) var parameterCodec = runtime.NewParameterCodec(scheme) var localSchemeBuilder = runtime.SchemeBuilder{ - clusterinformationv1beta1.AddToScheme, controlplanev1beta1.AddToScheme, controlplanev1beta2.AddToScheme, - corev1alpha2.AddToScheme, - opsv1alpha1.AddToScheme, - securityv1alpha1.AddToScheme, + crdv1alpha1.AddToScheme, + crdv1alpha2.AddToScheme, + crdv1beta1.AddToScheme, statsv1alpha1.AddToScheme, systemv1beta1.AddToScheme, } diff --git a/pkg/client/clientset/versioned/scheme/doc.go b/pkg/client/clientset/versioned/scheme/doc.go index b406e00edcc..766321fd9cd 100644 --- a/pkg/client/clientset/versioned/scheme/doc.go +++ b/pkg/client/clientset/versioned/scheme/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/scheme/register.go b/pkg/client/clientset/versioned/scheme/register.go index a1c5055a5ed..bba7f287545 100644 --- a/pkg/client/clientset/versioned/scheme/register.go +++ b/pkg/client/clientset/versioned/scheme/register.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,12 +17,11 @@ package scheme import ( - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta1" controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -36,12 +35,11 @@ var Scheme = runtime.NewScheme() var Codecs = serializer.NewCodecFactory(Scheme) var ParameterCodec = runtime.NewParameterCodec(Scheme) var localSchemeBuilder = runtime.SchemeBuilder{ - clusterinformationv1beta1.AddToScheme, controlplanev1beta1.AddToScheme, controlplanev1beta2.AddToScheme, - corev1alpha2.AddToScheme, - opsv1alpha1.AddToScheme, - securityv1alpha1.AddToScheme, + crdv1alpha1.AddToScheme, + crdv1alpha2.AddToScheme, + crdv1beta1.AddToScheme, statsv1alpha1.AddToScheme, systemv1beta1.AddToScheme, } diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/addressgroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/addressgroup.go index 2f385064b2d..24f055d98ff 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/addressgroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/addressgroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/appliedtogroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/appliedtogroup.go index ec313b62a77..6f62818930c 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/appliedtogroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/appliedtogroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go index 6dea05badc0..efde1bbc2ce 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,7 +30,7 @@ type ControlplaneV1beta1Interface interface { NodeStatsSummariesGetter } -// ControlplaneV1beta1Client is used to interact with features provided by the controlplane.antrea.tanzu.vmware.com group. +// ControlplaneV1beta1Client is used to interact with features provided by the controlplane.antrea.io group. type ControlplaneV1beta1Client struct { restClient rest.Interface } diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/doc.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/doc.go index 60252f295fa..c41ac51a831 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/doc.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_addressgroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_addressgroup.go index 5f7730749cd..19e5af3d88e 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_addressgroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_addressgroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeAddressGroups struct { Fake *FakeControlplaneV1beta1 } -var addressgroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "addressgroups"} +var addressgroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta1", Resource: "addressgroups"} -var addressgroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "AddressGroup"} +var addressgroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta1", Kind: "AddressGroup"} // Get takes name of the addressGroup, and returns the corresponding addressGroup object, and an error if there is any. func (c *FakeAddressGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AddressGroup, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_appliedtogroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_appliedtogroup.go index 98e431b2eca..c60521ea721 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_appliedtogroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_appliedtogroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeAppliedToGroups struct { Fake *FakeControlplaneV1beta1 } -var appliedtogroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "appliedtogroups"} +var appliedtogroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta1", Resource: "appliedtogroups"} -var appliedtogroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "AppliedToGroup"} +var appliedtogroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta1", Kind: "AppliedToGroup"} // Get takes name of the appliedToGroup, and returns the corresponding appliedToGroup object, and an error if there is any. func (c *FakeAppliedToGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AppliedToGroup, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go index 001bf1c10fc..0a15549178d 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_networkpolicy.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_networkpolicy.go index 95237367bf0..b545425a9ec 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_networkpolicy.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -33,9 +33,9 @@ type FakeNetworkPolicies struct { ns string } -var networkpoliciesResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "networkpolicies"} +var networkpoliciesResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta1", Resource: "networkpolicies"} -var networkpoliciesKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "NetworkPolicy"} +var networkpoliciesKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta1", Kind: "NetworkPolicy"} // Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. func (c *FakeNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.NetworkPolicy, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_nodestatssummary.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_nodestatssummary.go index 8046fa58181..7af20ca39b0 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_nodestatssummary.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/fake/fake_nodestatssummary.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,9 +30,9 @@ type FakeNodeStatsSummaries struct { Fake *FakeControlplaneV1beta1 } -var nodestatssummariesResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "nodestatssummaries"} +var nodestatssummariesResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta1", Resource: "nodestatssummaries"} -var nodestatssummariesKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "NodeStatsSummary"} +var nodestatssummariesKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta1", Kind: "NodeStatsSummary"} // Create takes the representation of a nodeStatsSummary and creates it. Returns the server's representation of the nodeStatsSummary, and an error, if there is any. func (c *FakeNodeStatsSummaries) Create(ctx context.Context, nodeStatsSummary *v1beta1.NodeStatsSummary, opts v1.CreateOptions) (result *v1beta1.NodeStatsSummary, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go index 49b5c2bdcc9..3ab562fa11f 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/networkpolicy.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/networkpolicy.go index f5a47610117..245f5c43b0a 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/networkpolicy.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/nodestatssummary.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/nodestatssummary.go index cf4f87874df..8ce6bf01e89 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta1/nodestatssummary.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta1/nodestatssummary.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/addressgroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/addressgroup.go index 311e99be5d1..94973cb3226 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/addressgroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/addressgroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/appliedtogroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/appliedtogroup.go index f7dd062f26a..ac7e9f42444 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/appliedtogroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/appliedtogroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go index c7958fab424..69181ef1291 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go @@ -30,7 +30,7 @@ type ControlplaneV1beta2Interface interface { NodeStatsSummariesGetter } -// ControlplaneV1beta2Client is used to interact with features provided by the controlplane.antrea.tanzu.vmware.com group. +// ControlplaneV1beta2Client is used to interact with features provided by the controlplane.antrea.io group. type ControlplaneV1beta2Client struct { restClient rest.Interface } diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/doc.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/doc.go index c2d6f8917e2..09fba3d1c4d 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/doc.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_addressgroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_addressgroup.go index ae0f574f0d4..638ce9f7f45 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_addressgroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_addressgroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeAddressGroups struct { Fake *FakeControlplaneV1beta2 } -var addressgroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Resource: "addressgroups"} +var addressgroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta2", Resource: "addressgroups"} -var addressgroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Kind: "AddressGroup"} +var addressgroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta2", Kind: "AddressGroup"} // Get takes name of the addressGroup, and returns the corresponding addressGroup object, and an error if there is any. func (c *FakeAddressGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta2.AddressGroup, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_appliedtogroup.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_appliedtogroup.go index aed4b1c81b0..99b59018a69 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_appliedtogroup.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_appliedtogroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeAppliedToGroups struct { Fake *FakeControlplaneV1beta2 } -var appliedtogroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Resource: "appliedtogroups"} +var appliedtogroupsResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta2", Resource: "appliedtogroups"} -var appliedtogroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Kind: "AppliedToGroup"} +var appliedtogroupsKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta2", Kind: "AppliedToGroup"} // Get takes name of the appliedToGroup, and returns the corresponding appliedToGroup object, and an error if there is any. func (c *FakeAppliedToGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta2.AppliedToGroup, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy.go index 952992e448e..867ddcecd31 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeNetworkPolicies struct { Fake *FakeControlplaneV1beta2 } -var networkpoliciesResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Resource: "networkpolicies"} +var networkpoliciesResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta2", Resource: "networkpolicies"} -var networkpoliciesKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Kind: "NetworkPolicy"} +var networkpoliciesKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta2", Kind: "NetworkPolicy"} // Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. func (c *FakeNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta2.NetworkPolicy, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy_expansion.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy_expansion.go index a111b497f29..6928e53f47f 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy_expansion.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_networkpolicy_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_nodestatssummary.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_nodestatssummary.go index 86cac95eeea..cfd6a17c6e2 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_nodestatssummary.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/fake/fake_nodestatssummary.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,9 +30,9 @@ type FakeNodeStatsSummaries struct { Fake *FakeControlplaneV1beta2 } -var nodestatssummariesResource = schema.GroupVersionResource{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Resource: "nodestatssummaries"} +var nodestatssummariesResource = schema.GroupVersionResource{Group: "controlplane.antrea.io", Version: "v1beta2", Resource: "nodestatssummaries"} -var nodestatssummariesKind = schema.GroupVersionKind{Group: "controlplane.antrea.tanzu.vmware.com", Version: "v1beta2", Kind: "NodeStatsSummary"} +var nodestatssummariesKind = schema.GroupVersionKind{Group: "controlplane.antrea.io", Version: "v1beta2", Kind: "NodeStatsSummary"} // Create takes the representation of a nodeStatsSummary and creates it. Returns the server's representation of the nodeStatsSummary, and an error, if there is any. func (c *FakeNodeStatsSummaries) Create(ctx context.Context, nodeStatsSummary *v1beta2.NodeStatsSummary, opts v1.CreateOptions) (result *v1beta2.NodeStatsSummary, err error) { diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy.go index cb631bcf967..deb60c7052a 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy_expansion.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy_expansion.go index c86d4185c5a..5bc04dc7be5 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy_expansion.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/networkpolicy_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/nodestatssummary.go b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/nodestatssummary.go index f4cd4a4fcbc..4ac20e6dcf4 100644 --- a/pkg/client/clientset/versioned/typed/controlplane/v1beta2/nodestatssummary.go +++ b/pkg/client/clientset/versioned/typed/controlplane/v1beta2/nodestatssummary.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/clusternetworkpolicy.go similarity index 97% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/clusternetworkpolicy.go index 27dc4e59524..e9202d0141e 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/clusternetworkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -54,7 +54,7 @@ type clusterNetworkPolicies struct { } // newClusterNetworkPolicies returns a ClusterNetworkPolicies -func newClusterNetworkPolicies(c *SecurityV1alpha1Client) *clusterNetworkPolicies { +func newClusterNetworkPolicies(c *CrdV1alpha1Client) *clusterNetworkPolicies { return &clusterNetworkPolicies{ client: c.RESTClient(), } diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/crd_client.go new file mode 100644 index 00000000000..ffaf5ec6150 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/crd_client.go @@ -0,0 +1,102 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type CrdV1alpha1Interface interface { + RESTClient() rest.Interface + ClusterNetworkPoliciesGetter + NetworkPoliciesGetter + TiersGetter + TraceflowsGetter +} + +// CrdV1alpha1Client is used to interact with features provided by the crd.antrea.io group. +type CrdV1alpha1Client struct { + restClient rest.Interface +} + +func (c *CrdV1alpha1Client) ClusterNetworkPolicies() ClusterNetworkPolicyInterface { + return newClusterNetworkPolicies(c) +} + +func (c *CrdV1alpha1Client) NetworkPolicies(namespace string) NetworkPolicyInterface { + return newNetworkPolicies(c, namespace) +} + +func (c *CrdV1alpha1Client) Tiers() TierInterface { + return newTiers(c) +} + +func (c *CrdV1alpha1Client) Traceflows() TraceflowInterface { + return newTraceflows(c) +} + +// NewForConfig creates a new CrdV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*CrdV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &CrdV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new CrdV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *CrdV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new CrdV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *CrdV1alpha1Client { + return &CrdV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *CrdV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/doc.go index 16e4506b415..a66b4592246 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/doc.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/fake/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_clusternetworkpolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_clusternetworkpolicy.go new file mode 100644 index 00000000000..adde0feb1e5 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_clusternetworkpolicy.go @@ -0,0 +1,131 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterNetworkPolicies implements ClusterNetworkPolicyInterface +type FakeClusterNetworkPolicies struct { + Fake *FakeCrdV1alpha1 +} + +var clusternetworkpoliciesResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha1", Resource: "clusternetworkpolicies"} + +var clusternetworkpoliciesKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha1", Kind: "ClusterNetworkPolicy"} + +// Get takes name of the clusterNetworkPolicy, and returns the corresponding clusterNetworkPolicy object, and an error if there is any. +func (c *FakeClusterNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(clusternetworkpoliciesResource, name), &v1alpha1.ClusterNetworkPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterNetworkPolicy), err +} + +// List takes label and field selectors, and returns the list of ClusterNetworkPolicies that match those selectors. +func (c *FakeClusterNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterNetworkPolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(clusternetworkpoliciesResource, clusternetworkpoliciesKind, opts), &v1alpha1.ClusterNetworkPolicyList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.ClusterNetworkPolicyList{ListMeta: obj.(*v1alpha1.ClusterNetworkPolicyList).ListMeta} + for _, item := range obj.(*v1alpha1.ClusterNetworkPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterNetworkPolicies. +func (c *FakeClusterNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(clusternetworkpoliciesResource, opts)) +} + +// Create takes the representation of a clusterNetworkPolicy and creates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. +func (c *FakeClusterNetworkPolicies) Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(clusternetworkpoliciesResource, clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterNetworkPolicy), err +} + +// Update takes the representation of a clusterNetworkPolicy and updates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. +func (c *FakeClusterNetworkPolicies) Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(clusternetworkpoliciesResource, clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterNetworkPolicy), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterNetworkPolicies) UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(clusternetworkpoliciesResource, "status", clusterNetworkPolicy), &v1alpha1.ClusterNetworkPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterNetworkPolicy), err +} + +// Delete takes name of the clusterNetworkPolicy and deletes it. Returns an error if one occurs. +func (c *FakeClusterNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(clusternetworkpoliciesResource, name), &v1alpha1.ClusterNetworkPolicy{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(clusternetworkpoliciesResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.ClusterNetworkPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched clusterNetworkPolicy. +func (c *FakeClusterNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(clusternetworkpoliciesResource, name, pt, data, subresources...), &v1alpha1.ClusterNetworkPolicy{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.ClusterNetworkPolicy), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_crd_client.go new file mode 100644 index 00000000000..2f73f176ae4 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_crd_client.go @@ -0,0 +1,50 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeCrdV1alpha1 struct { + *testing.Fake +} + +func (c *FakeCrdV1alpha1) ClusterNetworkPolicies() v1alpha1.ClusterNetworkPolicyInterface { + return &FakeClusterNetworkPolicies{c} +} + +func (c *FakeCrdV1alpha1) NetworkPolicies(namespace string) v1alpha1.NetworkPolicyInterface { + return &FakeNetworkPolicies{c, namespace} +} + +func (c *FakeCrdV1alpha1) Tiers() v1alpha1.TierInterface { + return &FakeTiers{c} +} + +func (c *FakeCrdV1alpha1) Traceflows() v1alpha1.TraceflowInterface { + return &FakeTraceflows{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeCrdV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_networkpolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_networkpolicy.go new file mode 100644 index 00000000000..539387aa3e0 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_networkpolicy.go @@ -0,0 +1,140 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeNetworkPolicies implements NetworkPolicyInterface +type FakeNetworkPolicies struct { + Fake *FakeCrdV1alpha1 + ns string +} + +var networkpoliciesResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha1", Resource: "networkpolicies"} + +var networkpoliciesKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha1", Kind: "NetworkPolicy"} + +// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. +func (c *FakeNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(networkpoliciesResource, c.ns, name), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. +func (c *FakeNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(networkpoliciesResource, networkpoliciesKind, c.ns, opts), &v1alpha1.NetworkPolicyList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.NetworkPolicyList{ListMeta: obj.(*v1alpha1.NetworkPolicyList).ListMeta} + for _, item := range obj.(*v1alpha1.NetworkPolicyList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested networkPolicies. +func (c *FakeNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(networkpoliciesResource, c.ns, opts)) + +} + +// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *FakeNetworkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *FakeNetworkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(networkpoliciesResource, c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeNetworkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(networkpoliciesResource, "status", c.ns, networkPolicy), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} + +// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. +func (c *FakeNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(networkpoliciesResource, c.ns, name), &v1alpha1.NetworkPolicy{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(networkpoliciesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.NetworkPolicyList{}) + return err +} + +// Patch applies the patch and returns the patched networkPolicy. +func (c *FakeNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(networkpoliciesResource, c.ns, name, pt, data, subresources...), &v1alpha1.NetworkPolicy{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.NetworkPolicy), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_tier.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_tier.go new file mode 100644 index 00000000000..796dcbd3f2a --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_tier.go @@ -0,0 +1,120 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeTiers implements TierInterface +type FakeTiers struct { + Fake *FakeCrdV1alpha1 +} + +var tiersResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha1", Resource: "tiers"} + +var tiersKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha1", Kind: "Tier"} + +// Get takes name of the tier, and returns the corresponding tier object, and an error if there is any. +func (c *FakeTiers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Tier, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(tiersResource, name), &v1alpha1.Tier{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Tier), err +} + +// List takes label and field selectors, and returns the list of Tiers that match those selectors. +func (c *FakeTiers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TierList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(tiersResource, tiersKind, opts), &v1alpha1.TierList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.TierList{ListMeta: obj.(*v1alpha1.TierList).ListMeta} + for _, item := range obj.(*v1alpha1.TierList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested tiers. +func (c *FakeTiers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(tiersResource, opts)) +} + +// Create takes the representation of a tier and creates it. Returns the server's representation of the tier, and an error, if there is any. +func (c *FakeTiers) Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (result *v1alpha1.Tier, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(tiersResource, tier), &v1alpha1.Tier{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Tier), err +} + +// Update takes the representation of a tier and updates it. Returns the server's representation of the tier, and an error, if there is any. +func (c *FakeTiers) Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (result *v1alpha1.Tier, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(tiersResource, tier), &v1alpha1.Tier{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Tier), err +} + +// Delete takes name of the tier and deletes it. Returns an error if one occurs. +func (c *FakeTiers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(tiersResource, name), &v1alpha1.Tier{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeTiers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(tiersResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.TierList{}) + return err +} + +// Patch applies the patch and returns the patched tier. +func (c *FakeTiers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(tiersResource, name, pt, data, subresources...), &v1alpha1.Tier{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Tier), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_traceflow.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_traceflow.go new file mode 100644 index 00000000000..449b794deb1 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/fake/fake_traceflow.go @@ -0,0 +1,131 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeTraceflows implements TraceflowInterface +type FakeTraceflows struct { + Fake *FakeCrdV1alpha1 +} + +var traceflowsResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha1", Resource: "traceflows"} + +var traceflowsKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha1", Kind: "Traceflow"} + +// Get takes name of the traceflow, and returns the corresponding traceflow object, and an error if there is any. +func (c *FakeTraceflows) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Traceflow, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(traceflowsResource, name), &v1alpha1.Traceflow{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Traceflow), err +} + +// List takes label and field selectors, and returns the list of Traceflows that match those selectors. +func (c *FakeTraceflows) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TraceflowList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(traceflowsResource, traceflowsKind, opts), &v1alpha1.TraceflowList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha1.TraceflowList{ListMeta: obj.(*v1alpha1.TraceflowList).ListMeta} + for _, item := range obj.(*v1alpha1.TraceflowList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested traceflows. +func (c *FakeTraceflows) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(traceflowsResource, opts)) +} + +// Create takes the representation of a traceflow and creates it. Returns the server's representation of the traceflow, and an error, if there is any. +func (c *FakeTraceflows) Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (result *v1alpha1.Traceflow, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(traceflowsResource, traceflow), &v1alpha1.Traceflow{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Traceflow), err +} + +// Update takes the representation of a traceflow and updates it. Returns the server's representation of the traceflow, and an error, if there is any. +func (c *FakeTraceflows) Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(traceflowsResource, traceflow), &v1alpha1.Traceflow{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Traceflow), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeTraceflows) UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(traceflowsResource, "status", traceflow), &v1alpha1.Traceflow{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Traceflow), err +} + +// Delete takes name of the traceflow and deletes it. Returns an error if one occurs. +func (c *FakeTraceflows) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(traceflowsResource, name), &v1alpha1.Traceflow{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeTraceflows) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(traceflowsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha1.TraceflowList{}) + return err +} + +// Patch applies the patch and returns the patched traceflow. +func (c *FakeTraceflows) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(traceflowsResource, name, pt, data, subresources...), &v1alpha1.Traceflow{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha1.Traceflow), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/generated_expansion.go new file mode 100644 index 00000000000..fca2d30a747 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/generated_expansion.go @@ -0,0 +1,25 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +type ClusterNetworkPolicyExpansion interface{} + +type NetworkPolicyExpansion interface{} + +type TierExpansion interface{} + +type TraceflowExpansion interface{} diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/networkpolicy.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/networkpolicy.go similarity index 97% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/networkpolicy.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/networkpolicy.go index 56e046140f1..7e3b8e7a585 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/networkpolicy.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -55,7 +55,7 @@ type networkPolicies struct { } // newNetworkPolicies returns a NetworkPolicies -func newNetworkPolicies(c *SecurityV1alpha1Client, namespace string) *networkPolicies { +func newNetworkPolicies(c *CrdV1alpha1Client, namespace string) *networkPolicies { return &networkPolicies{ client: c.RESTClient(), ns: namespace, diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/tier.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/tier.go similarity index 97% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/tier.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/tier.go index d161af19c46..14178f8fbf3 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/tier.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/tier.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -53,7 +53,7 @@ type tiers struct { } // newTiers returns a Tiers -func newTiers(c *SecurityV1alpha1Client) *tiers { +func newTiers(c *CrdV1alpha1Client) *tiers { return &tiers{ client: c.RESTClient(), } diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/traceflow.go b/pkg/client/clientset/versioned/typed/crd/v1alpha1/traceflow.go similarity index 97% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/traceflow.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha1/traceflow.go index 8a5728496d4..794e7fe35be 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/traceflow.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha1/traceflow.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -54,7 +54,7 @@ type traceflows struct { } // newTraceflows returns a Traceflows -func newTraceflows(c *OpsV1alpha1Client) *traceflows { +func newTraceflows(c *CrdV1alpha1Client) *traceflows { return &traceflows{ client: c.RESTClient(), } diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/clustergroup.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/clustergroup.go similarity index 98% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/clustergroup.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha2/clustergroup.go index 16fb85a87ec..bce1175cf78 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/clustergroup.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/clustergroup.go @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -54,7 +54,7 @@ type clusterGroups struct { } // newClusterGroups returns a ClusterGroups -func newClusterGroups(c *CoreV1alpha2Client) *clusterGroups { +func newClusterGroups(c *CrdV1alpha2Client) *clusterGroups { return &clusterGroups{ client: c.RESTClient(), } diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go new file mode 100644 index 00000000000..6858cc816ec --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/crd_client.go @@ -0,0 +1,92 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type CrdV1alpha2Interface interface { + RESTClient() rest.Interface + ClusterGroupsGetter + ExternalEntitiesGetter +} + +// CrdV1alpha2Client is used to interact with features provided by the crd.antrea.io group. +type CrdV1alpha2Client struct { + restClient rest.Interface +} + +func (c *CrdV1alpha2Client) ClusterGroups() ClusterGroupInterface { + return newClusterGroups(c) +} + +func (c *CrdV1alpha2Client) ExternalEntities(namespace string) ExternalEntityInterface { + return newExternalEntities(c, namespace) +} + +// NewForConfig creates a new CrdV1alpha2Client for the given config. +func NewForConfig(c *rest.Config) (*CrdV1alpha2Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &CrdV1alpha2Client{client}, nil +} + +// NewForConfigOrDie creates a new CrdV1alpha2Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *CrdV1alpha2Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new CrdV1alpha2Client for the given RESTClient. +func New(c rest.Interface) *CrdV1alpha2Client { + return &CrdV1alpha2Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha2.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *CrdV1alpha2Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/doc.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha2/doc.go index 10499e4f2b3..bf83a89a24f 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/externalentity.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/externalentity.go similarity index 97% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/externalentity.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha2/externalentity.go index a9d08939c66..096dc207acc 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/externalentity.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/externalentity.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -54,7 +54,7 @@ type externalEntities struct { } // newExternalEntities returns a ExternalEntities -func newExternalEntities(c *CoreV1alpha2Client, namespace string) *externalEntities { +func newExternalEntities(c *CrdV1alpha2Client, namespace string) *externalEntities { return &externalEntities{ client: c.RESTClient(), ns: namespace, diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_clustergroup.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_clustergroup.go new file mode 100644 index 00000000000..1487e0d8468 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_clustergroup.go @@ -0,0 +1,131 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterGroups implements ClusterGroupInterface +type FakeClusterGroups struct { + Fake *FakeCrdV1alpha2 +} + +var clustergroupsResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha2", Resource: "clustergroups"} + +var clustergroupsKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha2", Kind: "ClusterGroup"} + +// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. +func (c *FakeClusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(clustergroupsResource, name), &v1alpha2.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ClusterGroup), err +} + +// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. +func (c *FakeClusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterGroupList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(clustergroupsResource, clustergroupsKind, opts), &v1alpha2.ClusterGroupList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha2.ClusterGroupList{ListMeta: obj.(*v1alpha2.ClusterGroupList).ListMeta} + for _, item := range obj.(*v1alpha2.ClusterGroupList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterGroups. +func (c *FakeClusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(clustergroupsResource, opts)) +} + +// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *FakeClusterGroups) Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (result *v1alpha2.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(clustergroupsResource, clusterGroup), &v1alpha2.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ClusterGroup), err +} + +// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *FakeClusterGroups) Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(clustergroupsResource, clusterGroup), &v1alpha2.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ClusterGroup), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(clustergroupsResource, "status", clusterGroup), &v1alpha2.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ClusterGroup), err +} + +// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. +func (c *FakeClusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(clustergroupsResource, name), &v1alpha2.ClusterGroup{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(clustergroupsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha2.ClusterGroupList{}) + return err +} + +// Patch applies the patch and returns the patched clusterGroup. +func (c *FakeClusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(clustergroupsResource, name, pt, data, subresources...), &v1alpha2.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ClusterGroup), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go new file mode 100644 index 00000000000..2be5c124820 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_crd_client.go @@ -0,0 +1,42 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1alpha2" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeCrdV1alpha2 struct { + *testing.Fake +} + +func (c *FakeCrdV1alpha2) ClusterGroups() v1alpha2.ClusterGroupInterface { + return &FakeClusterGroups{c} +} + +func (c *FakeCrdV1alpha2) ExternalEntities(namespace string) v1alpha2.ExternalEntityInterface { + return &FakeExternalEntities{c, namespace} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeCrdV1alpha2) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_externalentity.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_externalentity.go new file mode 100644 index 00000000000..4214c607f46 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/fake/fake_externalentity.go @@ -0,0 +1,128 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeExternalEntities implements ExternalEntityInterface +type FakeExternalEntities struct { + Fake *FakeCrdV1alpha2 + ns string +} + +var externalentitiesResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1alpha2", Resource: "externalentities"} + +var externalentitiesKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1alpha2", Kind: "ExternalEntity"} + +// Get takes name of the externalEntity, and returns the corresponding externalEntity object, and an error if there is any. +func (c *FakeExternalEntities) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ExternalEntity, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(externalentitiesResource, c.ns, name), &v1alpha2.ExternalEntity{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ExternalEntity), err +} + +// List takes label and field selectors, and returns the list of ExternalEntities that match those selectors. +func (c *FakeExternalEntities) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ExternalEntityList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(externalentitiesResource, externalentitiesKind, c.ns, opts), &v1alpha2.ExternalEntityList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1alpha2.ExternalEntityList{ListMeta: obj.(*v1alpha2.ExternalEntityList).ListMeta} + for _, item := range obj.(*v1alpha2.ExternalEntityList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested externalEntities. +func (c *FakeExternalEntities) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(externalentitiesResource, c.ns, opts)) + +} + +// Create takes the representation of a externalEntity and creates it. Returns the server's representation of the externalEntity, and an error, if there is any. +func (c *FakeExternalEntities) Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (result *v1alpha2.ExternalEntity, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(externalentitiesResource, c.ns, externalEntity), &v1alpha2.ExternalEntity{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ExternalEntity), err +} + +// Update takes the representation of a externalEntity and updates it. Returns the server's representation of the externalEntity, and an error, if there is any. +func (c *FakeExternalEntities) Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (result *v1alpha2.ExternalEntity, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(externalentitiesResource, c.ns, externalEntity), &v1alpha2.ExternalEntity{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ExternalEntity), err +} + +// Delete takes name of the externalEntity and deletes it. Returns an error if one occurs. +func (c *FakeExternalEntities) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteAction(externalentitiesResource, c.ns, name), &v1alpha2.ExternalEntity{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeExternalEntities) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(externalentitiesResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1alpha2.ExternalEntityList{}) + return err +} + +// Patch applies the patch and returns the patched externalEntity. +func (c *FakeExternalEntities) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(externalentitiesResource, c.ns, name, pt, data, subresources...), &v1alpha2.ExternalEntity{}) + + if obj == nil { + return nil, err + } + return obj.(*v1alpha2.ExternalEntity), err +} diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/generated_expansion.go b/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go similarity index 95% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/generated_expansion.go rename to pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go index 6e0db63ea12..94393e2df12 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/crd/v1alpha2/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/antreaagentinfo.go similarity index 96% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go rename to pkg/client/clientset/versioned/typed/crd/v1beta1/antreaagentinfo.go index d5a6927d6ca..6b4f7d69164 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/antreaagentinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,7 +20,7 @@ import ( "context" "time" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" @@ -53,7 +53,7 @@ type antreaAgentInfos struct { } // newAntreaAgentInfos returns a AntreaAgentInfos -func newAntreaAgentInfos(c *ClusterinformationV1beta1Client) *antreaAgentInfos { +func newAntreaAgentInfos(c *CrdV1beta1Client) *antreaAgentInfos { return &antreaAgentInfos{ client: c.RESTClient(), } diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/antreacontrollerinfo.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/antreacontrollerinfo.go new file mode 100644 index 00000000000..09a9499e085 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/antreacontrollerinfo.go @@ -0,0 +1,166 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// AntreaControllerInfosGetter has a method to return a AntreaControllerInfoInterface. +// A group's client should implement this interface. +type AntreaControllerInfosGetter interface { + AntreaControllerInfos() AntreaControllerInfoInterface +} + +// AntreaControllerInfoInterface has methods to work with AntreaControllerInfo resources. +type AntreaControllerInfoInterface interface { + Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (*v1beta1.AntreaControllerInfo, error) + Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (*v1beta1.AntreaControllerInfo, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.AntreaControllerInfo, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.AntreaControllerInfoList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) + AntreaControllerInfoExpansion +} + +// antreaControllerInfos implements AntreaControllerInfoInterface +type antreaControllerInfos struct { + client rest.Interface +} + +// newAntreaControllerInfos returns a AntreaControllerInfos +func newAntreaControllerInfos(c *CrdV1beta1Client) *antreaControllerInfos { + return &antreaControllerInfos{ + client: c.RESTClient(), + } +} + +// Get takes name of the antreaControllerInfo, and returns the corresponding antreaControllerInfo object, and an error if there is any. +func (c *antreaControllerInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaControllerInfo, err error) { + result = &v1beta1.AntreaControllerInfo{} + err = c.client.Get(). + Resource("antreacontrollerinfos"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AntreaControllerInfos that match those selectors. +func (c *antreaControllerInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaControllerInfoList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.AntreaControllerInfoList{} + err = c.client.Get(). + Resource("antreacontrollerinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested antreaControllerInfos. +func (c *antreaControllerInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("antreacontrollerinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a antreaControllerInfo and creates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. +func (c *antreaControllerInfos) Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (result *v1beta1.AntreaControllerInfo, err error) { + result = &v1beta1.AntreaControllerInfo{} + err = c.client.Post(). + Resource("antreacontrollerinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(antreaControllerInfo). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a antreaControllerInfo and updates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. +func (c *antreaControllerInfos) Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaControllerInfo, err error) { + result = &v1beta1.AntreaControllerInfo{} + err = c.client.Put(). + Resource("antreacontrollerinfos"). + Name(antreaControllerInfo.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(antreaControllerInfo). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the antreaControllerInfo and deletes it. Returns an error if one occurs. +func (c *antreaControllerInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("antreacontrollerinfos"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *antreaControllerInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("antreacontrollerinfos"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched antreaControllerInfo. +func (c *antreaControllerInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) { + result = &v1beta1.AntreaControllerInfo{} + err = c.client.Patch(pt). + Resource("antreacontrollerinfos"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go new file mode 100644 index 00000000000..1c7ce6b8fe0 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go @@ -0,0 +1,92 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type CrdV1beta1Interface interface { + RESTClient() rest.Interface + AntreaAgentInfosGetter + AntreaControllerInfosGetter +} + +// CrdV1beta1Client is used to interact with features provided by the crd.antrea.io group. +type CrdV1beta1Client struct { + restClient rest.Interface +} + +func (c *CrdV1beta1Client) AntreaAgentInfos() AntreaAgentInfoInterface { + return newAntreaAgentInfos(c) +} + +func (c *CrdV1beta1Client) AntreaControllerInfos() AntreaControllerInfoInterface { + return newAntreaControllerInfos(c) +} + +// NewForConfig creates a new CrdV1beta1Client for the given config. +func NewForConfig(c *rest.Config) (*CrdV1beta1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &CrdV1beta1Client{client}, nil +} + +// NewForConfigOrDie creates a new CrdV1beta1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *CrdV1beta1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new CrdV1beta1Client for the given RESTClient. +func New(c rest.Interface) *CrdV1beta1Client { + return &CrdV1beta1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1beta1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *CrdV1beta1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/doc.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1beta1/doc.go index 60252f295fa..c41ac51a831 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/fake/doc.go rename to pkg/client/clientset/versioned/typed/crd/v1beta1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreaagentinfo.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreaagentinfo.go new file mode 100644 index 00000000000..5d9d5eda97d --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreaagentinfo.go @@ -0,0 +1,120 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAntreaAgentInfos implements AntreaAgentInfoInterface +type FakeAntreaAgentInfos struct { + Fake *FakeCrdV1beta1 +} + +var antreaagentinfosResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1beta1", Resource: "antreaagentinfos"} + +var antreaagentinfosKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1beta1", Kind: "AntreaAgentInfo"} + +// Get takes name of the antreaAgentInfo, and returns the corresponding antreaAgentInfo object, and an error if there is any. +func (c *FakeAntreaAgentInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaAgentInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(antreaagentinfosResource, name), &v1beta1.AntreaAgentInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaAgentInfo), err +} + +// List takes label and field selectors, and returns the list of AntreaAgentInfos that match those selectors. +func (c *FakeAntreaAgentInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaAgentInfoList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(antreaagentinfosResource, antreaagentinfosKind, opts), &v1beta1.AntreaAgentInfoList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.AntreaAgentInfoList{ListMeta: obj.(*v1beta1.AntreaAgentInfoList).ListMeta} + for _, item := range obj.(*v1beta1.AntreaAgentInfoList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested antreaAgentInfos. +func (c *FakeAntreaAgentInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(antreaagentinfosResource, opts)) +} + +// Create takes the representation of a antreaAgentInfo and creates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. +func (c *FakeAntreaAgentInfos) Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (result *v1beta1.AntreaAgentInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(antreaagentinfosResource, antreaAgentInfo), &v1beta1.AntreaAgentInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaAgentInfo), err +} + +// Update takes the representation of a antreaAgentInfo and updates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. +func (c *FakeAntreaAgentInfos) Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaAgentInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(antreaagentinfosResource, antreaAgentInfo), &v1beta1.AntreaAgentInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaAgentInfo), err +} + +// Delete takes name of the antreaAgentInfo and deletes it. Returns an error if one occurs. +func (c *FakeAntreaAgentInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(antreaagentinfosResource, name), &v1beta1.AntreaAgentInfo{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAntreaAgentInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(antreaagentinfosResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.AntreaAgentInfoList{}) + return err +} + +// Patch applies the patch and returns the patched antreaAgentInfo. +func (c *FakeAntreaAgentInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(antreaagentinfosResource, name, pt, data, subresources...), &v1beta1.AntreaAgentInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaAgentInfo), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreacontrollerinfo.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreacontrollerinfo.go new file mode 100644 index 00000000000..97c26f369c3 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_antreacontrollerinfo.go @@ -0,0 +1,120 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeAntreaControllerInfos implements AntreaControllerInfoInterface +type FakeAntreaControllerInfos struct { + Fake *FakeCrdV1beta1 +} + +var antreacontrollerinfosResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1beta1", Resource: "antreacontrollerinfos"} + +var antreacontrollerinfosKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1beta1", Kind: "AntreaControllerInfo"} + +// Get takes name of the antreaControllerInfo, and returns the corresponding antreaControllerInfo object, and an error if there is any. +func (c *FakeAntreaControllerInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaControllerInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(antreacontrollerinfosResource, name), &v1beta1.AntreaControllerInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaControllerInfo), err +} + +// List takes label and field selectors, and returns the list of AntreaControllerInfos that match those selectors. +func (c *FakeAntreaControllerInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaControllerInfoList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(antreacontrollerinfosResource, antreacontrollerinfosKind, opts), &v1beta1.AntreaControllerInfoList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.AntreaControllerInfoList{ListMeta: obj.(*v1beta1.AntreaControllerInfoList).ListMeta} + for _, item := range obj.(*v1beta1.AntreaControllerInfoList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested antreaControllerInfos. +func (c *FakeAntreaControllerInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(antreacontrollerinfosResource, opts)) +} + +// Create takes the representation of a antreaControllerInfo and creates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. +func (c *FakeAntreaControllerInfos) Create(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.CreateOptions) (result *v1beta1.AntreaControllerInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(antreacontrollerinfosResource, antreaControllerInfo), &v1beta1.AntreaControllerInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaControllerInfo), err +} + +// Update takes the representation of a antreaControllerInfo and updates it. Returns the server's representation of the antreaControllerInfo, and an error, if there is any. +func (c *FakeAntreaControllerInfos) Update(ctx context.Context, antreaControllerInfo *v1beta1.AntreaControllerInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaControllerInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(antreacontrollerinfosResource, antreaControllerInfo), &v1beta1.AntreaControllerInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaControllerInfo), err +} + +// Delete takes name of the antreaControllerInfo and deletes it. Returns an error if one occurs. +func (c *FakeAntreaControllerInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteAction(antreacontrollerinfosResource, name), &v1beta1.AntreaControllerInfo{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeAntreaControllerInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(antreacontrollerinfosResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.AntreaControllerInfoList{}) + return err +} + +// Patch applies the patch and returns the patched antreaControllerInfo. +func (c *FakeAntreaControllerInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaControllerInfo, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(antreacontrollerinfosResource, name, pt, data, subresources...), &v1beta1.AntreaControllerInfo{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.AntreaControllerInfo), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go new file mode 100644 index 00000000000..bdca04a7a4a --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go @@ -0,0 +1,42 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/crd/v1beta1" + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeCrdV1beta1 struct { + *testing.Fake +} + +func (c *FakeCrdV1beta1) AntreaAgentInfos() v1beta1.AntreaAgentInfoInterface { + return &FakeAntreaAgentInfos{c} +} + +func (c *FakeCrdV1beta1) AntreaControllerInfos() v1beta1.AntreaControllerInfoInterface { + return &FakeAntreaControllerInfos{c} +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeCrdV1beta1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go similarity index 95% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go rename to pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go index 0f1b151a4f5..9e4c79f4934 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreaclusternetworkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreaclusternetworkpolicystats.go index 2a681d79cbd..d362990a16c 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreaclusternetworkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreaclusternetworkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreanetworkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreanetworkpolicystats.go index 1e1c96f9ee2..8100e991e8e 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreanetworkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/antreanetworkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/doc.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/doc.go index 16e4506b415..a66b4592246 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/doc.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/doc.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreaclusternetworkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreaclusternetworkpolicystats.go index b2b8cdad17a..a38a7859f68 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreaclusternetworkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreaclusternetworkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -32,9 +32,9 @@ type FakeAntreaClusterNetworkPolicyStats struct { Fake *FakeStatsV1alpha1 } -var antreaclusternetworkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "antreaclusternetworkpolicystats"} +var antreaclusternetworkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.io", Version: "v1alpha1", Resource: "antreaclusternetworkpolicystats"} -var antreaclusternetworkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "AntreaClusterNetworkPolicyStats"} +var antreaclusternetworkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.io", Version: "v1alpha1", Kind: "AntreaClusterNetworkPolicyStats"} // Get takes name of the antreaClusterNetworkPolicyStats, and returns the corresponding antreaClusterNetworkPolicyStats object, and an error if there is any. func (c *FakeAntreaClusterNetworkPolicyStats) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.AntreaClusterNetworkPolicyStats, err error) { diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreanetworkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreanetworkpolicystats.go index ab25830a696..bbf6c3decbc 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreanetworkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_antreanetworkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -33,9 +33,9 @@ type FakeAntreaNetworkPolicyStats struct { ns string } -var antreanetworkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "antreanetworkpolicystats"} +var antreanetworkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.io", Version: "v1alpha1", Resource: "antreanetworkpolicystats"} -var antreanetworkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "AntreaNetworkPolicyStats"} +var antreanetworkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.io", Version: "v1alpha1", Kind: "AntreaNetworkPolicyStats"} // Get takes name of the antreaNetworkPolicyStats, and returns the corresponding antreaNetworkPolicyStats object, and an error if there is any. func (c *FakeAntreaNetworkPolicyStats) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.AntreaNetworkPolicyStats, err error) { diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_networkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_networkpolicystats.go index dfddf5054b7..2b0d10b47ef 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_networkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_networkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -33,9 +33,9 @@ type FakeNetworkPolicyStats struct { ns string } -var networkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Resource: "networkpolicystats"} +var networkpolicystatsResource = schema.GroupVersionResource{Group: "stats.antrea.io", Version: "v1alpha1", Resource: "networkpolicystats"} -var networkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.tanzu.vmware.com", Version: "v1alpha1", Kind: "NetworkPolicyStats"} +var networkpolicystatsKind = schema.GroupVersionKind{Group: "stats.antrea.io", Version: "v1alpha1", Kind: "NetworkPolicyStats"} // Get takes name of the networkPolicyStats, and returns the corresponding networkPolicyStats object, and an error if there is any. func (c *FakeNetworkPolicyStats) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicyStats, err error) { diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go index c570d11f6a2..eee2e6346f2 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go index 02b95294c8b..293e0ee75db 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/networkpolicystats.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/networkpolicystats.go index 1e5fe254fbb..a178bd3ac04 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/networkpolicystats.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/networkpolicystats.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/stats/v1alpha1/stats_client.go b/pkg/client/clientset/versioned/typed/stats/v1alpha1/stats_client.go index e0c352d1d82..d23c8f694df 100644 --- a/pkg/client/clientset/versioned/typed/stats/v1alpha1/stats_client.go +++ b/pkg/client/clientset/versioned/typed/stats/v1alpha1/stats_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -29,7 +29,7 @@ type StatsV1alpha1Interface interface { NetworkPolicyStatsGetter } -// StatsV1alpha1Client is used to interact with features provided by the stats.antrea.tanzu.vmware.com group. +// StatsV1alpha1Client is used to interact with features provided by the stats.antrea.io group. type StatsV1alpha1Client struct { restClient rest.Interface } diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/doc.go b/pkg/client/clientset/versioned/typed/system/v1beta1/doc.go index 60252f295fa..c41ac51a831 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/doc.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/doc.go b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/doc.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_supportbundle.go b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_supportbundle.go index c8774909a1a..b6aed1c3a00 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_supportbundle.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_supportbundle.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -30,9 +30,9 @@ type FakeSupportBundles struct { Fake *FakeSystemV1beta1 } -var supportbundlesResource = schema.GroupVersionResource{Group: "system.antrea.tanzu.vmware.com", Version: "v1beta1", Resource: "supportbundles"} +var supportbundlesResource = schema.GroupVersionResource{Group: "system.antrea.io", Version: "v1beta1", Resource: "supportbundles"} -var supportbundlesKind = schema.GroupVersionKind{Group: "system.antrea.tanzu.vmware.com", Version: "v1beta1", Kind: "SupportBundle"} +var supportbundlesKind = schema.GroupVersionKind{Group: "system.antrea.io", Version: "v1beta1", Kind: "SupportBundle"} // Get takes name of the supportBundle, and returns the corresponding supportBundle object, and an error if there is any. func (c *FakeSupportBundles) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.SupportBundle, err error) { diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go index 469fe75e9f4..b4451a5eb8d 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/system/v1beta1/generated_expansion.go index 36a6d5aa917..d7250f5a477 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/supportbundle.go b/pkg/client/clientset/versioned/typed/system/v1beta1/supportbundle.go index 0fefaddc629..865b6c242da 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/supportbundle.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/supportbundle.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/system/v1beta1/system_client.go b/pkg/client/clientset/versioned/typed/system/v1beta1/system_client.go index bd89a96177e..f5366abf668 100644 --- a/pkg/client/clientset/versioned/typed/system/v1beta1/system_client.go +++ b/pkg/client/clientset/versioned/typed/system/v1beta1/system_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -27,7 +27,7 @@ type SystemV1beta1Interface interface { SupportBundlesGetter } -// SystemV1beta1Client is used to interact with features provided by the system.antrea.tanzu.vmware.com group. +// SystemV1beta1Client is used to interact with features provided by the system.antrea.io group. type SystemV1beta1Client struct { restClient rest.Interface } diff --git a/pkg/client/informers/externalversions/crd/interface.go b/pkg/client/informers/externalversions/crd/interface.go new file mode 100644 index 00000000000..fab5a67e7dc --- /dev/null +++ b/pkg/client/informers/externalversions/crd/interface.go @@ -0,0 +1,60 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package crd + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha2" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1beta1" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to each of this group's versions. +type Interface interface { + // V1alpha1 provides access to shared informers for resources in V1alpha1. + V1alpha1() v1alpha1.Interface + // V1alpha2 provides access to shared informers for resources in V1alpha2. + V1alpha2() v1alpha2.Interface + // V1beta1 provides access to shared informers for resources in V1beta1. + V1beta1() v1beta1.Interface +} + +type group struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &group{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// V1alpha1 returns a new v1alpha1.Interface. +func (g *group) V1alpha1() v1alpha1.Interface { + return v1alpha1.New(g.factory, g.namespace, g.tweakListOptions) +} + +// V1alpha2 returns a new v1alpha2.Interface. +func (g *group) V1alpha2() v1alpha2.Interface { + return v1alpha2.New(g.factory, g.namespace, g.tweakListOptions) +} + +// V1beta1 returns a new v1beta1.Interface. +func (g *group) V1beta1() v1beta1.Interface { + return v1beta1.New(g.factory, g.namespace, g.tweakListOptions) +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha1/clusternetworkpolicy.go b/pkg/client/informers/externalversions/crd/v1alpha1/clusternetworkpolicy.go new file mode 100644 index 00000000000..2ba4d4f0bb6 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha1/clusternetworkpolicy.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ClusterNetworkPolicyInformer provides access to a shared informer and lister for +// ClusterNetworkPolicies. +type ClusterNetworkPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.ClusterNetworkPolicyLister +} + +type clusterNetworkPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewClusterNetworkPolicyInformer constructs a new informer for ClusterNetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewClusterNetworkPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredClusterNetworkPolicyInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredClusterNetworkPolicyInformer constructs a new informer for ClusterNetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredClusterNetworkPolicyInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().ClusterNetworkPolicies().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().ClusterNetworkPolicies().Watch(context.TODO(), options) + }, + }, + &crdv1alpha1.ClusterNetworkPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *clusterNetworkPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredClusterNetworkPolicyInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *clusterNetworkPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha1.ClusterNetworkPolicy{}, f.defaultInformer) +} + +func (f *clusterNetworkPolicyInformer) Lister() v1alpha1.ClusterNetworkPolicyLister { + return v1alpha1.NewClusterNetworkPolicyLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha1/interface.go b/pkg/client/informers/externalversions/crd/v1alpha1/interface.go new file mode 100644 index 00000000000..1a79ba0bfa0 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha1/interface.go @@ -0,0 +1,64 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // ClusterNetworkPolicies returns a ClusterNetworkPolicyInformer. + ClusterNetworkPolicies() ClusterNetworkPolicyInformer + // NetworkPolicies returns a NetworkPolicyInformer. + NetworkPolicies() NetworkPolicyInformer + // Tiers returns a TierInformer. + Tiers() TierInformer + // Traceflows returns a TraceflowInformer. + Traceflows() TraceflowInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// ClusterNetworkPolicies returns a ClusterNetworkPolicyInformer. +func (v *version) ClusterNetworkPolicies() ClusterNetworkPolicyInformer { + return &clusterNetworkPolicyInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// NetworkPolicies returns a NetworkPolicyInformer. +func (v *version) NetworkPolicies() NetworkPolicyInformer { + return &networkPolicyInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + +// Tiers returns a TierInformer. +func (v *version) Tiers() TierInformer { + return &tierInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// Traceflows returns a TraceflowInformer. +func (v *version) Traceflows() TraceflowInformer { + return &traceflowInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha1/networkpolicy.go b/pkg/client/informers/externalversions/crd/v1alpha1/networkpolicy.go new file mode 100644 index 00000000000..d75ed255b4b --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha1/networkpolicy.go @@ -0,0 +1,88 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// NetworkPolicyInformer provides access to a shared informer and lister for +// NetworkPolicies. +type NetworkPolicyInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.NetworkPolicyLister +} + +type networkPolicyInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewNetworkPolicyInformer constructs a new informer for NetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredNetworkPolicyInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredNetworkPolicyInformer constructs a new informer for NetworkPolicy type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredNetworkPolicyInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().NetworkPolicies(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().NetworkPolicies(namespace).Watch(context.TODO(), options) + }, + }, + &crdv1alpha1.NetworkPolicy{}, + resyncPeriod, + indexers, + ) +} + +func (f *networkPolicyInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredNetworkPolicyInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *networkPolicyInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha1.NetworkPolicy{}, f.defaultInformer) +} + +func (f *networkPolicyInformer) Lister() v1alpha1.NetworkPolicyLister { + return v1alpha1.NewNetworkPolicyLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha1/tier.go b/pkg/client/informers/externalversions/crd/v1alpha1/tier.go new file mode 100644 index 00000000000..bdc68b90d54 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha1/tier.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// TierInformer provides access to a shared informer and lister for +// Tiers. +type TierInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.TierLister +} + +type tierInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewTierInformer constructs a new informer for Tier type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewTierInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredTierInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredTierInformer constructs a new informer for Tier type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredTierInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().Tiers().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha1().Tiers().Watch(context.TODO(), options) + }, + }, + &crdv1alpha1.Tier{}, + resyncPeriod, + indexers, + ) +} + +func (f *tierInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredTierInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *tierInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha1.Tier{}, f.defaultInformer) +} + +func (f *tierInformer) Lister() v1alpha1.TierLister { + return v1alpha1.NewTierLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/ops/v1alpha1/traceflow.go b/pkg/client/informers/externalversions/crd/v1alpha1/traceflow.go similarity index 89% rename from pkg/client/informers/externalversions/ops/v1alpha1/traceflow.go rename to pkg/client/informers/externalversions/crd/v1alpha1/traceflow.go index 89dee79869d..4608c08b7f5 100644 --- a/pkg/client/informers/externalversions/ops/v1alpha1/traceflow.go +++ b/pkg/client/informers/externalversions/crd/v1alpha1/traceflow.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/ops/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" @@ -59,16 +59,16 @@ func NewFilteredTraceflowInformer(client versioned.Interface, resyncPeriod time. if tweakListOptions != nil { tweakListOptions(&options) } - return client.OpsV1alpha1().Traceflows().List(context.TODO(), options) + return client.CrdV1alpha1().Traceflows().List(context.TODO(), options) }, WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { if tweakListOptions != nil { tweakListOptions(&options) } - return client.OpsV1alpha1().Traceflows().Watch(context.TODO(), options) + return client.CrdV1alpha1().Traceflows().Watch(context.TODO(), options) }, }, - &opsv1alpha1.Traceflow{}, + &crdv1alpha1.Traceflow{}, resyncPeriod, indexers, ) @@ -79,7 +79,7 @@ func (f *traceflowInformer) defaultInformer(client versioned.Interface, resyncPe } func (f *traceflowInformer) Informer() cache.SharedIndexInformer { - return f.factory.InformerFor(&opsv1alpha1.Traceflow{}, f.defaultInformer) + return f.factory.InformerFor(&crdv1alpha1.Traceflow{}, f.defaultInformer) } func (f *traceflowInformer) Lister() v1alpha1.TraceflowLister { diff --git a/pkg/client/informers/externalversions/crd/v1alpha2/clustergroup.go b/pkg/client/informers/externalversions/crd/v1alpha2/clustergroup.go new file mode 100644 index 00000000000..42a52ec9088 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha2/clustergroup.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + time "time" + + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ClusterGroupInformer provides access to a shared informer and lister for +// ClusterGroups. +type ClusterGroupInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha2.ClusterGroupLister +} + +type clusterGroupInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewClusterGroupInformer constructs a new informer for ClusterGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredClusterGroupInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredClusterGroupInformer constructs a new informer for ClusterGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().ClusterGroups().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().ClusterGroups().Watch(context.TODO(), options) + }, + }, + &crdv1alpha2.ClusterGroup{}, + resyncPeriod, + indexers, + ) +} + +func (f *clusterGroupInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredClusterGroupInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *clusterGroupInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha2.ClusterGroup{}, f.defaultInformer) +} + +func (f *clusterGroupInformer) Lister() v1alpha2.ClusterGroupLister { + return v1alpha2.NewClusterGroupLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1alpha2/externalentity.go b/pkg/client/informers/externalversions/crd/v1alpha2/externalentity.go new file mode 100644 index 00000000000..609b8b452dd --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1alpha2/externalentity.go @@ -0,0 +1,88 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + time "time" + + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ExternalEntityInformer provides access to a shared informer and lister for +// ExternalEntities. +type ExternalEntityInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha2.ExternalEntityLister +} + +type externalEntityInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewExternalEntityInformer constructs a new informer for ExternalEntity type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewExternalEntityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredExternalEntityInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredExternalEntityInformer constructs a new informer for ExternalEntity type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredExternalEntityInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().ExternalEntities(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1alpha2().ExternalEntities(namespace).Watch(context.TODO(), options) + }, + }, + &crdv1alpha2.ExternalEntity{}, + resyncPeriod, + indexers, + ) +} + +func (f *externalEntityInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredExternalEntityInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *externalEntityInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1alpha2.ExternalEntity{}, f.defaultInformer) +} + +func (f *externalEntityInformer) Lister() v1alpha2.ExternalEntityLister { + return v1alpha2.NewExternalEntityLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/core/v1alpha2/interface.go b/pkg/client/informers/externalversions/crd/v1alpha2/interface.go similarity index 98% rename from pkg/client/informers/externalversions/core/v1alpha2/interface.go rename to pkg/client/informers/externalversions/crd/v1alpha2/interface.go index ad05609e16d..0a8d5900de6 100644 --- a/pkg/client/informers/externalversions/core/v1alpha2/interface.go +++ b/pkg/client/informers/externalversions/crd/v1alpha2/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/crd/v1beta1/antreaagentinfo.go b/pkg/client/informers/externalversions/crd/v1beta1/antreaagentinfo.go new file mode 100644 index 00000000000..30075a33b66 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1beta1/antreaagentinfo.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// AntreaAgentInfoInformer provides access to a shared informer and lister for +// AntreaAgentInfos. +type AntreaAgentInfoInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.AntreaAgentInfoLister +} + +type antreaAgentInfoInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAntreaAgentInfoInformer constructs a new informer for AntreaAgentInfo type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAntreaAgentInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAntreaAgentInfoInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAntreaAgentInfoInformer constructs a new informer for AntreaAgentInfo type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAntreaAgentInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().AntreaAgentInfos().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().AntreaAgentInfos().Watch(context.TODO(), options) + }, + }, + &crdv1beta1.AntreaAgentInfo{}, + resyncPeriod, + indexers, + ) +} + +func (f *antreaAgentInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAntreaAgentInfoInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *antreaAgentInfoInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1beta1.AntreaAgentInfo{}, f.defaultInformer) +} + +func (f *antreaAgentInfoInformer) Lister() v1beta1.AntreaAgentInfoLister { + return v1beta1.NewAntreaAgentInfoLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1beta1/antreacontrollerinfo.go b/pkg/client/informers/externalversions/crd/v1beta1/antreacontrollerinfo.go new file mode 100644 index 00000000000..2499b28a3e8 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1beta1/antreacontrollerinfo.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// AntreaControllerInfoInformer provides access to a shared informer and lister for +// AntreaControllerInfos. +type AntreaControllerInfoInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.AntreaControllerInfoLister +} + +type antreaControllerInfoInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewAntreaControllerInfoInformer constructs a new informer for AntreaControllerInfo type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewAntreaControllerInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredAntreaControllerInfoInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredAntreaControllerInfoInformer constructs a new informer for AntreaControllerInfo type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredAntreaControllerInfoInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().AntreaControllerInfos().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().AntreaControllerInfos().Watch(context.TODO(), options) + }, + }, + &crdv1beta1.AntreaControllerInfo{}, + resyncPeriod, + indexers, + ) +} + +func (f *antreaControllerInfoInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredAntreaControllerInfoInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *antreaControllerInfoInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1beta1.AntreaControllerInfo{}, f.defaultInformer) +} + +func (f *antreaControllerInfoInformer) Lister() v1beta1.AntreaControllerInfoLister { + return v1beta1.NewAntreaControllerInfoLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/clusterinformation/v1beta1/interface.go b/pkg/client/informers/externalversions/crd/v1beta1/interface.go similarity index 98% rename from pkg/client/informers/externalversions/clusterinformation/v1beta1/interface.go rename to pkg/client/informers/externalversions/crd/v1beta1/interface.go index 72f86c46d8b..0e62dcd15c8 100644 --- a/pkg/client/informers/externalversions/clusterinformation/v1beta1/interface.go +++ b/pkg/client/informers/externalversions/crd/v1beta1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/informers/externalversions/factory.go b/pkg/client/informers/externalversions/factory.go index 82a863b64d6..2d272e09f5c 100644 --- a/pkg/client/informers/externalversions/factory.go +++ b/pkg/client/informers/externalversions/factory.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -22,11 +22,8 @@ import ( time "time" versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - clusterinformation "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/clusterinformation" - core "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/core" + crd "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd" internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - ops "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/ops" - security "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/security" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" schema "k8s.io/apimachinery/pkg/runtime/schema" @@ -173,24 +170,9 @@ type SharedInformerFactory interface { ForResource(resource schema.GroupVersionResource) (GenericInformer, error) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool - Clusterinformation() clusterinformation.Interface - Core() core.Interface - Ops() ops.Interface - Security() security.Interface + Crd() crd.Interface } -func (f *sharedInformerFactory) Clusterinformation() clusterinformation.Interface { - return clusterinformation.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Core() core.Interface { - return core.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Ops() ops.Interface { - return ops.New(f, f.namespace, f.tweakListOptions) -} - -func (f *sharedInformerFactory) Security() security.Interface { - return security.New(f, f.namespace, f.tweakListOptions) +func (f *sharedInformerFactory) Crd() crd.Interface { + return crd.New(f, f.namespace, f.tweakListOptions) } diff --git a/pkg/client/informers/externalversions/generic.go b/pkg/client/informers/externalversions/generic.go index 3a6e0920205..4e0b7ef5499 100644 --- a/pkg/client/informers/externalversions/generic.go +++ b/pkg/client/informers/externalversions/generic.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,10 +19,9 @@ package externalversions import ( "fmt" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" schema "k8s.io/apimachinery/pkg/runtime/schema" cache "k8s.io/client-go/tools/cache" ) @@ -53,29 +52,27 @@ func (f *genericInformer) Lister() cache.GenericLister { // TODO extend this to unknown resources with a client pool func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { switch resource { - // Group=clusterinformation.antrea.tanzu.vmware.com, Version=v1beta1 - case v1beta1.SchemeGroupVersion.WithResource("antreaagentinfos"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaAgentInfos().Informer()}, nil - case v1beta1.SchemeGroupVersion.WithResource("antreacontrollerinfos"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaControllerInfos().Informer()}, nil + // Group=crd.antrea.io, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("clusternetworkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().ClusterNetworkPolicies().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("networkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().NetworkPolicies().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("tiers"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().Tiers().Informer()}, nil + case v1alpha1.SchemeGroupVersion.WithResource("traceflows"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha1().Traceflows().Informer()}, nil - // Group=core.antrea.tanzu.vmware.com, Version=v1alpha2 + // Group=crd.antrea.io, Version=v1alpha2 case v1alpha2.SchemeGroupVersion.WithResource("clustergroups"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ClusterGroups().Informer()}, nil + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha2().ClusterGroups().Informer()}, nil case v1alpha2.SchemeGroupVersion.WithResource("externalentities"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ExternalEntities().Informer()}, nil + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1alpha2().ExternalEntities().Informer()}, nil - // Group=ops.antrea.tanzu.vmware.com, Version=v1alpha1 - case v1alpha1.SchemeGroupVersion.WithResource("traceflows"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Ops().V1alpha1().Traceflows().Informer()}, nil - - // Group=security.antrea.tanzu.vmware.com, Version=v1alpha1 - case securityv1alpha1.SchemeGroupVersion.WithResource("clusternetworkpolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().ClusterNetworkPolicies().Informer()}, nil - case securityv1alpha1.SchemeGroupVersion.WithResource("networkpolicies"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().NetworkPolicies().Informer()}, nil - case securityv1alpha1.SchemeGroupVersion.WithResource("tiers"): - return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().Tiers().Informer()}, nil + // Group=crd.antrea.io, Version=v1beta1 + case v1beta1.SchemeGroupVersion.WithResource("antreaagentinfos"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().AntreaAgentInfos().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("antreacontrollerinfos"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().AntreaControllerInfos().Informer()}, nil } diff --git a/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go index e0160fc66ca..05a87ca50a7 100644 --- a/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go +++ b/pkg/client/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/security/v1alpha1/clusternetworkpolicy.go b/pkg/client/listers/crd/v1alpha1/clusternetworkpolicy.go similarity index 95% rename from pkg/client/listers/security/v1alpha1/clusternetworkpolicy.go rename to pkg/client/listers/crd/v1alpha1/clusternetworkpolicy.go index 35498566fb3..7335c3e30ba 100644 --- a/pkg/client/listers/security/v1alpha1/clusternetworkpolicy.go +++ b/pkg/client/listers/crd/v1alpha1/clusternetworkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/crd/v1alpha1/expansion_generated.go b/pkg/client/listers/crd/v1alpha1/expansion_generated.go new file mode 100644 index 00000000000..42c8584043d --- /dev/null +++ b/pkg/client/listers/crd/v1alpha1/expansion_generated.go @@ -0,0 +1,37 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +// ClusterNetworkPolicyListerExpansion allows custom methods to be added to +// ClusterNetworkPolicyLister. +type ClusterNetworkPolicyListerExpansion interface{} + +// NetworkPolicyListerExpansion allows custom methods to be added to +// NetworkPolicyLister. +type NetworkPolicyListerExpansion interface{} + +// NetworkPolicyNamespaceListerExpansion allows custom methods to be added to +// NetworkPolicyNamespaceLister. +type NetworkPolicyNamespaceListerExpansion interface{} + +// TierListerExpansion allows custom methods to be added to +// TierLister. +type TierListerExpansion interface{} + +// TraceflowListerExpansion allows custom methods to be added to +// TraceflowLister. +type TraceflowListerExpansion interface{} diff --git a/pkg/client/listers/security/v1alpha1/networkpolicy.go b/pkg/client/listers/crd/v1alpha1/networkpolicy.go similarity index 97% rename from pkg/client/listers/security/v1alpha1/networkpolicy.go rename to pkg/client/listers/crd/v1alpha1/networkpolicy.go index 5c12a3f294b..99f4a69f44b 100644 --- a/pkg/client/listers/security/v1alpha1/networkpolicy.go +++ b/pkg/client/listers/crd/v1alpha1/networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/security/v1alpha1/tier.go b/pkg/client/listers/crd/v1alpha1/tier.go similarity index 94% rename from pkg/client/listers/security/v1alpha1/tier.go rename to pkg/client/listers/crd/v1alpha1/tier.go index 87f3cf0cb3e..d1714679f1f 100644 --- a/pkg/client/listers/security/v1alpha1/tier.go +++ b/pkg/client/listers/crd/v1alpha1/tier.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/ops/v1alpha1/traceflow.go b/pkg/client/listers/crd/v1alpha1/traceflow.go similarity index 95% rename from pkg/client/listers/ops/v1alpha1/traceflow.go rename to pkg/client/listers/crd/v1alpha1/traceflow.go index bc83d32a3cc..4566ebdbe6a 100644 --- a/pkg/client/listers/ops/v1alpha1/traceflow.go +++ b/pkg/client/listers/crd/v1alpha1/traceflow.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/core/v1alpha2/clustergroup.go b/pkg/client/listers/crd/v1alpha2/clustergroup.go similarity index 95% rename from pkg/client/listers/core/v1alpha2/clustergroup.go rename to pkg/client/listers/crd/v1alpha2/clustergroup.go index 7832dfc4271..a6ee701ca91 100644 --- a/pkg/client/listers/core/v1alpha2/clustergroup.go +++ b/pkg/client/listers/crd/v1alpha2/clustergroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha2 import ( - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/core/v1alpha2/expansion_generated.go b/pkg/client/listers/crd/v1alpha2/expansion_generated.go similarity index 97% rename from pkg/client/listers/core/v1alpha2/expansion_generated.go rename to pkg/client/listers/crd/v1alpha2/expansion_generated.go index d1aad8ab65e..3b0a15efa32 100644 --- a/pkg/client/listers/core/v1alpha2/expansion_generated.go +++ b/pkg/client/listers/crd/v1alpha2/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/listers/core/v1alpha2/externalentity.go b/pkg/client/listers/crd/v1alpha2/externalentity.go similarity index 97% rename from pkg/client/listers/core/v1alpha2/externalentity.go rename to pkg/client/listers/crd/v1alpha2/externalentity.go index 64cd5011469..0aed0e215b9 100644 --- a/pkg/client/listers/core/v1alpha2/externalentity.go +++ b/pkg/client/listers/crd/v1alpha2/externalentity.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha2 import ( - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/client/listers/crd/v1beta1/antreaagentinfo.go similarity index 95% rename from pkg/client/listers/clusterinformation/v1beta1/antreaagentinfo.go rename to pkg/client/listers/crd/v1beta1/antreaagentinfo.go index b3e6cd3ed01..27e2c4caf85 100644 --- a/pkg/client/listers/clusterinformation/v1beta1/antreaagentinfo.go +++ b/pkg/client/listers/crd/v1beta1/antreaagentinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1beta1 import ( - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/client/listers/crd/v1beta1/antreacontrollerinfo.go similarity index 95% rename from pkg/client/listers/clusterinformation/v1beta1/antreacontrollerinfo.go rename to pkg/client/listers/crd/v1beta1/antreacontrollerinfo.go index f1474e9c754..170b2ddc9aa 100644 --- a/pkg/client/listers/clusterinformation/v1beta1/antreacontrollerinfo.go +++ b/pkg/client/listers/crd/v1beta1/antreacontrollerinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1beta1 import ( - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/tools/cache" diff --git a/pkg/client/listers/clusterinformation/v1beta1/expansion_generated.go b/pkg/client/listers/crd/v1beta1/expansion_generated.go similarity index 96% rename from pkg/client/listers/clusterinformation/v1beta1/expansion_generated.go rename to pkg/client/listers/crd/v1beta1/expansion_generated.go index 657a8bb524a..2181551a0c7 100644 --- a/pkg/client/listers/clusterinformation/v1beta1/expansion_generated.go +++ b/pkg/client/listers/crd/v1beta1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/controller/crdmirroring/crdhandler/clustergroup.go b/pkg/controller/crdmirroring/crdhandler/clustergroup.go new file mode 100644 index 00000000000..ce2045301a7 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/clustergroup.go @@ -0,0 +1,151 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacycore "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacycorelister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/core/v1alpha2" +) + +type ClusterGroupHandler struct { + lister crdlister.ClusterGroupLister + legacyLister legacycorelister.ClusterGroupLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewClusterGroupHandler(lister crdlister.ClusterGroupLister, + legacyLister legacycorelister.ClusterGroupLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &ClusterGroupHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new ClusterGroup struct. +func (c *ClusterGroupHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + return c.lister.Get(name) +} + +// AddNewObject creates the mirrored new ClusterGroup. +func (c *ClusterGroupHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacycore.ClusterGroup) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha2().ClusterGroups() + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + return err +} + +// SyncObject updates the mirrored new ClusterGroup. +func (c *ClusterGroupHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha2().ClusterGroups() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + + if !c.deepEqualStatus(legacyObj, newObj) { + l := c.syncLegacyObject(legacyObj, newObj) + legacyClient := c.legacyClient.CoreV1alpha2().ClusterGroups() + _, err := legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + return nil +} + +//DeleteNewObject deletes the mirrored new ClusterGroup. +func (c *ClusterGroupHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha2().ClusterGroups() + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *ClusterGroupHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ClusterGroup).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha2().ClusterGroups() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy ClusterGroup struct. +func (c *ClusterGroupHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.Get(name) +} + +// buildNewObject returns a new ClusterGroup struct. +func (c *ClusterGroupHandler) buildNewObject(obj metav1.Object) *crd.ClusterGroup { + l := obj.(*legacycore.ClusterGroup) + n := &crd.ClusterGroup{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy ClusterGroup's Spec and Labels to the new ClusterGroup. +func (c *ClusterGroupHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ClusterGroup { + l := legacyObj.(*legacycore.ClusterGroup) + n := newObj.(*crd.ClusterGroup).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +// syncLegacyObject syncs new ClusterGroup's Status to the legacy ClusterGroup. +func (c *ClusterGroupHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacycore.ClusterGroup { + l := legacyObj.(*legacycore.ClusterGroup).DeepCopy() + n := newObj.(*crd.ClusterGroup) + l.Status = *n.Status.DeepCopy() + return l +} + +func (c *ClusterGroupHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacycore.ClusterGroup) + n := newObj.(*crd.ClusterGroup) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} + +func (c *ClusterGroupHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacycore.ClusterGroup) + n := newObj.(*crd.ClusterGroup) + return reflect.DeepEqual(l.Status, n.Status) +} diff --git a/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go b/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go new file mode 100644 index 00000000000..eed314fe738 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/clusternetworkpolicy.go @@ -0,0 +1,151 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacysecurity "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacysecuritylister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" +) + +type ClusterNetworkPolicyHandler struct { + lister crdlister.ClusterNetworkPolicyLister + legacyLister legacysecuritylister.ClusterNetworkPolicyLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewClusterNetworkPolicyHandler(lister crdlister.ClusterNetworkPolicyLister, + legacyLister legacysecuritylister.ClusterNetworkPolicyLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &ClusterNetworkPolicyHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new ClusterNetworkPolicy struct. +func (c *ClusterNetworkPolicyHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + return c.lister.Get(name) +} + +// AddNewObject creates the mirrored new ClusterNetworkPolicy. +func (c *ClusterNetworkPolicyHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacysecurity.ClusterNetworkPolicy) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha1().ClusterNetworkPolicies() + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + return err +} + +// SyncObject updates the mirrored new ClusterNetworkPolicy. +func (c *ClusterNetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha1().ClusterNetworkPolicies() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + + if !c.deepEqualStatus(legacyObj, newObj) { + l := c.syncLegacyObject(legacyObj, newObj) + legacyClient := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies() + _, err := legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + return nil +} + +//DeleteNewObject deletes the mirrored new ClusterNetworkPolicy. +func (c *ClusterNetworkPolicyHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha1().ClusterNetworkPolicies() + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *ClusterNetworkPolicyHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ClusterNetworkPolicy).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha1().ClusterNetworkPolicies() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy ClusterNetworkPolicy struct. +func (c *ClusterNetworkPolicyHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.Get(name) +} + +// buildNewObject returns a new ClusterNetworkPolicy struct. +func (c *ClusterNetworkPolicyHandler) buildNewObject(obj metav1.Object) *crd.ClusterNetworkPolicy { + l := obj.(*legacysecurity.ClusterNetworkPolicy) + n := &crd.ClusterNetworkPolicy{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy ClusterNetworkPolicy' Spec and Labels to the new ClusterNetworkPolicy. +func (c *ClusterNetworkPolicyHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ClusterNetworkPolicy { + l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) + n := newObj.(*crd.ClusterNetworkPolicy).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +// syncLegacyObject syncs new ClusterNetworkPolicy's Status to the legacy ClusterNetworkPolicy. +func (c *ClusterNetworkPolicyHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacysecurity.ClusterNetworkPolicy { + l := legacyObj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() + n := newObj.(*crd.ClusterNetworkPolicy) + l.Status = *n.Status.DeepCopy() + return l +} + +func (c *ClusterNetworkPolicyHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) + n := newObj.(*crd.ClusterNetworkPolicy) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} + +func (c *ClusterNetworkPolicyHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacysecurity.ClusterNetworkPolicy) + n := newObj.(*crd.ClusterNetworkPolicy) + return reflect.DeepEqual(l.Status, n.Status) +} diff --git a/pkg/controller/crdmirroring/crdhandler/externalentity.go b/pkg/controller/crdmirroring/crdhandler/externalentity.go new file mode 100644 index 00000000000..7e7bcb4b7e4 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/externalentity.go @@ -0,0 +1,126 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacycore "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacycorelister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/core/v1alpha2" +) + +type ExternalEntityHandler struct { + lister crdlister.ExternalEntityLister + legacyLister legacycorelister.ExternalEntityLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewExternalEntityHandler(lister crdlister.ExternalEntityLister, + legacyLister legacycorelister.ExternalEntityLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &ExternalEntityHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new ExternalEntity struct. +func (c *ExternalEntityHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + return c.lister.ExternalEntities(namespace).Get(name) +} + +// AddNewObject creates the mirrored new ExternalEntity. +func (c *ExternalEntityHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacycore.ExternalEntity) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha2().ExternalEntities(obj.GetNamespace()) + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + return err +} + +// SyncObject updates the mirrored new ExternalEntity. +func (c *ExternalEntityHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha2().ExternalEntities(legacyObj.GetNamespace()) + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err + } + return nil +} + +//DeleteNewObject deletes the mirrored new ExternalEntity. +func (c *ExternalEntityHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha2().ExternalEntities(namespace) + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *ExternalEntityHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.ExternalEntity).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha2().ExternalEntities(newObj.GetNamespace()) + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy ExternalEntity struct. +func (c *ExternalEntityHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.ExternalEntities(namespace).Get(name) +} + +// buildNewObject returns a new ExternalEntity struct. +func (c *ExternalEntityHandler) buildNewObject(obj metav1.Object) *crd.ExternalEntity { + l := obj.(*legacycore.ExternalEntity) + n := &crd.ExternalEntity{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy ExternalEntity' Spec and Labels to the new ExternalEntity. +func (c *ExternalEntityHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.ExternalEntity { + l := legacyObj.(*legacycore.ExternalEntity) + n := newObj.(*crd.ExternalEntity).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +func (c *ExternalEntityHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacycore.ExternalEntity) + n := newObj.(*crd.ExternalEntity) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} diff --git a/pkg/controller/crdmirroring/crdhandler/networkpolicy.go b/pkg/controller/crdmirroring/crdhandler/networkpolicy.go new file mode 100644 index 00000000000..db45d05063b --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/networkpolicy.go @@ -0,0 +1,154 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacysecurity "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacysecuritylister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" +) + +type NetworkPolicyHandler struct { + lister crdlister.NetworkPolicyLister + legacyLister legacysecuritylister.NetworkPolicyLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewNetworkPolicyHandler(lister crdlister.NetworkPolicyLister, + legacyLister legacysecuritylister.NetworkPolicyLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &NetworkPolicyHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new NetworkPolicy struct. +func (c *NetworkPolicyHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + return c.lister.NetworkPolicies(namespace).Get(name) +} + +// AddNewObject creates the mirrored new NetworkPolicy. +func (c *NetworkPolicyHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacysecurity.NetworkPolicy) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha1().NetworkPolicies(obj.GetNamespace()) + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + if err != nil { + return err + } + return nil +} + +// SyncObject updates the mirrored new NetworkPolicy. +func (c *NetworkPolicyHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha1().NetworkPolicies(legacyObj.GetNamespace()) + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + + if !c.deepEqualStatus(legacyObj, newObj) { + l := c.syncLegacyObject(legacyObj, newObj) + legacyClient := c.legacyClient.SecurityV1alpha1().NetworkPolicies(legacyObj.GetNamespace()) + _, err := legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + return nil +} + +//DeleteNewObject deletes the mirrored new NetworkPolicy +func (c *NetworkPolicyHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha1().NetworkPolicies(namespace) + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *NetworkPolicyHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.NetworkPolicy).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha1().NetworkPolicies(newObj.GetNamespace()) + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy NetworkPolicy struct. +func (c *NetworkPolicyHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.NetworkPolicies(namespace).Get(name) +} + +// buildNewObject returns a new NetworkPolicy struct. +func (c *NetworkPolicyHandler) buildNewObject(obj metav1.Object) *crd.NetworkPolicy { + l := obj.(*legacysecurity.NetworkPolicy) + n := &crd.NetworkPolicy{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy NetworkPolicy's Spec and Labels to the new NetworkPolicy +func (c *NetworkPolicyHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.NetworkPolicy { + l := legacyObj.(*legacysecurity.NetworkPolicy) + n := newObj.(*crd.NetworkPolicy).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +// syncLegacyObject syncs new NetworkPolicy's Status to the legacy NetworkPolicy +func (c *NetworkPolicyHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacysecurity.NetworkPolicy { + l := legacyObj.(*legacysecurity.NetworkPolicy).DeepCopy() + n := newObj.(*crd.NetworkPolicy) + l.Status = *n.Status.DeepCopy() + return l +} + +func (c *NetworkPolicyHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacysecurity.NetworkPolicy) + n := newObj.(*crd.NetworkPolicy) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} + +func (c *NetworkPolicyHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacysecurity.NetworkPolicy) + n := newObj.(*crd.NetworkPolicy) + return reflect.DeepEqual(l.Status, n.Status) +} diff --git a/pkg/controller/crdmirroring/crdhandler/ops.go b/pkg/controller/crdmirroring/crdhandler/ops.go new file mode 100644 index 00000000000..f825cef83e4 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/ops.go @@ -0,0 +1,154 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacyops "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacyopslister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/ops/v1alpha1" +) + +type TraceflowHandler struct { + lister crdlister.TraceflowLister + legacyLister legacyopslister.TraceflowLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewTraceflowHandler(lister crdlister.TraceflowLister, + legacyLister legacyopslister.TraceflowLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &TraceflowHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new Traceflow struct. +func (c *TraceflowHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + return c.lister.Get(name) +} + +// AddNewObject creates the mirrored new Traceflow. +func (c *TraceflowHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacyops.Traceflow) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha1().Traceflows() + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + if err != nil { + return err + } + return nil +} + +// SyncObject updates the mirrored new Traceflow. +func (c *TraceflowHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha1().Traceflows() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + + if !c.deepEqualStatus(legacyObj, newObj) { + l := c.syncLegacyObject(legacyObj, newObj) + legacyClient := c.legacyClient.OpsV1alpha1().Traceflows() + _, err := legacyClient.UpdateStatus(context.TODO(), l, metav1.UpdateOptions{}) + if err != nil { + return err + } + } + return nil +} + +//DeleteNewObject deletes the mirrored new Traceflow. +func (c *TraceflowHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha1().Traceflows() + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *TraceflowHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.Traceflow).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha1().Traceflows() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy Traceflow struct. +func (c *TraceflowHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.Get(name) +} + +// buildNewObject returns a new Traceflow struct. +func (c *TraceflowHandler) buildNewObject(obj metav1.Object) *crd.Traceflow { + l := obj.(*legacyops.Traceflow) + n := &crd.Traceflow{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy Traceflow's Spec and Labels to the new Traceflow. +func (c *TraceflowHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.Traceflow { + l := legacyObj.(*legacyops.Traceflow) + n := newObj.(*crd.Traceflow).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +// syncLegacyObject syncs new Traceflow's Status to the legacy Traceflow. +func (c *TraceflowHandler) syncLegacyObject(legacyObj, newObj metav1.Object) *legacyops.Traceflow { + l := legacyObj.(*legacyops.Traceflow).DeepCopy() + n := newObj.(*crd.Traceflow) + l.Status = *n.Status.DeepCopy() + return l +} + +func (c *TraceflowHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacyops.Traceflow) + n := newObj.(*crd.Traceflow) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} + +func (c *TraceflowHandler) deepEqualStatus(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacyops.Traceflow) + n := newObj.(*crd.Traceflow) + return reflect.DeepEqual(l.Status, n.Status) +} diff --git a/pkg/controller/crdmirroring/crdhandler/tier.go b/pkg/controller/crdmirroring/crdhandler/tier.go new file mode 100644 index 00000000000..42c3d36b929 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/tier.go @@ -0,0 +1,127 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdhandler + +import ( + "context" + "reflect" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crd "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + crdlister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacysecurity "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacysecuritylister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" +) + +type TierHandler struct { + lister crdlister.TierLister + legacyLister legacysecuritylister.TierLister + client crdclientset.Interface + legacyClient legacycrdclientset.Interface +} + +func NewTierHandler(lister crdlister.TierLister, + legacyLister legacysecuritylister.TierLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) types.MirroringHandler { + mc := &TierHandler{ + lister: lister, + legacyLister: legacyLister, + client: client, + legacyClient: legacyClient, + } + return mc +} + +// GetNewObject gets the mirrored new Tier struct. +func (c *TierHandler) GetNewObject(namespace, name string) (metav1.Object, error) { + lister := c.lister + return lister.Get(name) +} + +// AddNewObject creates the mirrored new Tier. +func (c *TierHandler) AddNewObject(obj metav1.Object) error { + l := obj.(*legacysecurity.Tier) + n := c.buildNewObject(l) + client := c.client.CrdV1alpha1().Tiers() + _, err := client.Create(context.TODO(), n, metav1.CreateOptions{}) + return err +} + +// SyncObject updates the mirrored new Tier. +func (c *TierHandler) SyncObject(legacyObj, newObj metav1.Object) error { + if !c.deepEqualSpecAndLabels(legacyObj, newObj) { + n := c.syncNewObject(legacyObj, newObj) + newClient := c.client.CrdV1alpha1().Tiers() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err + } + return nil +} + +//DeleteNewObject deletes the mirrored new Tier. +func (c *TierHandler) DeleteNewObject(namespace, name string) error { + client := c.client.CrdV1alpha1().Tiers() + return client.Delete(context.TODO(), name, metav1.DeleteOptions{}) +} + +// LiberateNewObject updates the mirrored new ClusterGroup by deleting "crd.antrea.io/managed-by" annotation, then it +// will not be managed by mirroring controller anymore. +func (c *TierHandler) LiberateNewObject(newObj metav1.Object) error { + n := newObj.(*crd.Tier).DeepCopy() + delete(n.Annotations, types.ManagedBy) + newClient := c.client.CrdV1alpha1().Tiers() + _, err := newClient.Update(context.TODO(), n, metav1.UpdateOptions{}) + return err +} + +// GetLegacyObject gets the legacy Tier struct. +func (c *TierHandler) GetLegacyObject(namespace, name string) (metav1.Object, error) { + return c.legacyLister.Get(name) +} + +// buildNewObject returns a new Tier struct. +func (c *TierHandler) buildNewObject(obj metav1.Object) *crd.Tier { + l := obj.(*legacysecurity.Tier) + n := &crd.Tier{} + n.Spec = *l.Spec.DeepCopy() + setMetaData(l, n) + return n +} + +// syncNewObject syncs legacy Tier's Spec and Labels to the new Tier. +func (c *TierHandler) syncNewObject(legacyObj, newObj metav1.Object) *crd.Tier { + l := legacyObj.(*legacysecurity.Tier) + n := newObj.(*crd.Tier).DeepCopy() + n.Spec = *l.Spec.DeepCopy() + n.Labels = labelsDeepCopy(l) + return n +} + +func (c *TierHandler) deepEqualSpecAndLabels(legacyObj, newObj metav1.Object) bool { + l := legacyObj.(*legacysecurity.Tier) + n := newObj.(*crd.Tier) + if !reflect.DeepEqual(l.Spec, n.Spec) { + return false + } + if !reflect.DeepEqual(l.Labels, n.Labels) { + return false + } + return true +} diff --git a/pkg/controller/crdmirroring/crdhandler/utils.go b/pkg/controller/crdmirroring/crdhandler/utils.go new file mode 100644 index 00000000000..a4e875979b5 --- /dev/null +++ b/pkg/controller/crdmirroring/crdhandler/utils.go @@ -0,0 +1,35 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package crdhandler + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" +) + +func setMetaData(legacyObj, newObj metav1.Object) { + newObj.SetLabels(labelsDeepCopy(legacyObj)) + newObj.SetName(legacyObj.GetName()) + newObj.SetNamespace(legacyObj.GetNamespace()) + newObj.SetAnnotations(map[string]string{types.ManagedBy: types.ControllerName}) +} + +func labelsDeepCopy(obj metav1.Object) map[string]string { + res := map[string]string{} + for label, val := range obj.GetLabels() { + res[label] = val + } + return res +} diff --git a/pkg/controller/crdmirroring/crdmirroring_controller.go b/pkg/controller/crdmirroring/crdmirroring_controller.go new file mode 100644 index 00000000000..b5399b82fb8 --- /dev/null +++ b/pkg/controller/crdmirroring/crdmirroring_controller.go @@ -0,0 +1,240 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdmirroring + +import ( + "fmt" + "time" + + apierrors "k8s.io/apimachinery/pkg/api/errors" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/tools/cache" + "k8s.io/client-go/util/workqueue" + "k8s.io/klog" + + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" +) + +const ( + // maxRetries is the number of times an legacy CRD resource will be retried + // before it is dropped out of the queue. + maxRetries = 15 + + minRetryDelay = 5 * time.Second + maxRetryDelay = 300 * time.Second + + defaultWorkers = 4 +) + +type Controller struct { + informer cache.SharedInformer + listerSycned cache.InformerSynced + legacyInformer cache.SharedInformer + legacyListerSynced cache.InformerSynced + + workerLoopPeriod time.Duration + queue workqueue.RateLimitingInterface + + mirroringHandler types.MirroringHandler + crdName string +} + +func NewController(informer, legacyInformer cache.SharedInformer, mirroringHandler types.MirroringHandler, crdName string) *Controller { + c := &Controller{ + informer: informer, + legacyInformer: legacyInformer, + mirroringHandler: mirroringHandler, + crdName: crdName, + queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), fmt.Sprintf("%v_mirroring", crdName)), + workerLoopPeriod: time.Second, + } + + handlers := cache.ResourceEventHandlerFuncs{ + AddFunc: c.onNewCRDAdd, + UpdateFunc: c.onNewCRDUpdate, + DeleteFunc: c.onNewCRDDelete, + } + legacyHandlers := cache.ResourceEventHandlerFuncs{ + AddFunc: c.onLegacyCRDAdd, + UpdateFunc: c.onLegacyCRDUpdate, + DeleteFunc: c.onLegacyCRDDelete, + } + + c.informer.AddEventHandler(handlers) + c.listerSycned = c.informer.HasSynced + c.legacyInformer.AddEventHandler(legacyHandlers) + c.legacyListerSynced = c.legacyInformer.HasSynced + + return c +} + +func (c *Controller) Run(stopCh <-chan struct{}) { + defer utilruntime.HandleCrash() + defer c.queue.ShutDown() + + klog.Infof("Starting %vMirroringController", c.crdName) + defer klog.Infof("Shutting down %vMirroringController", c.crdName) + + if !cache.WaitForNamedCacheSync(fmt.Sprintf("%vMirroringController", c.crdName), stopCh, c.listerSycned, c.legacyListerSynced) { + return + } + + klog.Infof("Starting %d worker threads", defaultWorkers) + for i := 0; i < defaultWorkers; i++ { + go wait.Until(c.worker, c.workerLoopPeriod, stopCh) + } + + <-stopCh +} + +func (c *Controller) worker() { + for c.processNextWorkItem() { + } +} + +func (c *Controller) processNextWorkItem() bool { + cKey, quit := c.queue.Get() + if quit { + return false + } + defer c.queue.Done(cKey) + + err := c.syncMirroring(cKey.(string)) + c.handleErr(err, cKey) + + return true +} + +func (c *Controller) syncMirroring(key string) error { + startTime := time.Now() + defer func() { + klog.V(4).Infof("Finished syncing for %q legacy CRD. (%v)", key, time.Since(startTime)) + }() + + klog.V(4).Infof("Sync mirroring CRD (%q)", key) + namespace, name, err := cache.SplitMetaNamespaceKey(key) + if err != nil { + return err + } + + // Get the legacy object, and if got an error that is not "IsNotFound", return the error + legacyExist := true + legacyObj, err := c.mirroringHandler.GetLegacyObject(namespace, name) + if err != nil { + if !apierrors.IsNotFound(err) { + return fmt.Errorf("failed to get legacy %s %s/%s: %v", c.crdName, namespace, name, err) + } else { + legacyExist = false + } + } + + // Get the new object, and if got an error that is not "IsNotFound", return the error + newExist := true + newObj, err := c.mirroringHandler.GetNewObject(namespace, name) + if err != nil { + if !apierrors.IsNotFound(err) { + return fmt.Errorf("failed to get new %s %s/%s: %v", c.crdName, namespace, name, err) + } else { + newExist = false + } + } + + // If neither the old object nor the new object exists, return + if !legacyExist && !newExist { + return nil + } + + // If the legacy object annotated with "crd.antrea.io/stop-mirror" exists, and the new object does not + // exist, create a new object. + if legacyExist && !newExist { + _, exist := legacyObj.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("New %s %s/%s not found, mirroring a new %s", c.crdName, namespace, name, c.crdName) + err = c.mirroringHandler.AddNewObject(legacyObj) + if err != nil { + return fmt.Errorf("failed to mirror new %s %s/%s:%v", c.crdName, namespace, name, err) + } + } + return nil + } + + // If the legacy object doesn't exist and the new object annotated with "crd.antrea.io/managed-by" exists, + // delete the mirrored new object. + if !legacyExist && newExist { + _, managedByController := newObj.GetAnnotations()[types.ManagedBy] + if managedByController { + klog.V(4).Infof("Legacy %s %s/%s not found, deleting the mirrored new %s", c.crdName, namespace, name, c.crdName) + err = c.mirroringHandler.DeleteNewObject(namespace, name) + if err != nil { + return fmt.Errorf("failed to delete mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) + } + } + return nil + } + + // If both the legacy object and the new object exist, do something according their annotations. + _, stopMirror := legacyObj.GetAnnotations()[types.StopMirror] + _, managedByController := newObj.GetAnnotations()[types.ManagedBy] + + if managedByController { + if !stopMirror { + // Sync the legacy object's Spec and Labels to the new object. + // Sync the new object's Status to the legacy object. + klog.V(4).Infof("Sync data between legacy and new %s %s/%s", c.crdName, namespace, name) + err = c.mirroringHandler.SyncObject(legacyObj, newObj) + if err != nil { + return fmt.Errorf("failed to sync data between legacy and new %s %s/%s: %v", c.crdName, namespace, name, err) + } + + } else { + // If the legacy object annotated with "crd.antrea.io/stop-mirror" and the new object annotated with "crd.antrea.io/managed-by", + // this means that user wants to stop mirroring and liberate the new object. + klog.V(4).Infof("Update the mirrored new %s %s/%s, then the mirrored new is liberated from mirroring", c.crdName, namespace, name) + err = c.mirroringHandler.LiberateNewObject(newObj) + if err != nil { + return fmt.Errorf("failed to liberate mirrored new %s %s/%s: %v", c.crdName, namespace, name, err) + } + } + } + + return nil +} + +func (c *Controller) queueCRD(obj interface{}) { + key, err := cache.DeletionHandlingMetaNamespaceKeyFunc(obj) + if err != nil { + utilruntime.HandleError(fmt.Errorf("couldn't get key for object %+v (type %T): %v", obj, obj, err)) + return + } + c.queue.Add(key) +} + +func (c *Controller) handleErr(err error, key interface{}) { + if err == nil { + c.queue.Forget(key) + return + } + + if c.queue.NumRequeues(key) < maxRetries { + klog.Warningf("Error mirroring object for %q resource, retrying. Error: %v", key, err) + c.queue.AddRateLimited(key) + return + } + + klog.Warningf("Retry budget exceeded, dropping %q resource out of the queue: %v", key, err) + c.queue.Forget(key) + utilruntime.HandleError(err) +} diff --git a/pkg/controller/crdmirroring/crdmirroring_controller_test.go b/pkg/controller/crdmirroring/crdmirroring_controller_test.go new file mode 100644 index 00000000000..d9b2b674406 --- /dev/null +++ b/pkg/controller/crdmirroring/crdmirroring_controller_test.go @@ -0,0 +1,1606 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdmirroring + +import ( + "context" + "reflect" + "sync" + "testing" + "time" + + "github.com/stretchr/testify/assert" + v1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/tools/cache" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + fakeversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" + crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" + crdv1a1lister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + crdv1a2lister "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/crdhandler" + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" + legacycore "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacyops "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + legacysecurity "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + legacyfakeversioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/fake" + legacycrdinformers "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions" + legacycorelister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/core/v1alpha2" + legacyopslister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/ops/v1alpha1" + legacysecuritylister "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" +) + +const ( + informerDefaultResync = 30 * time.Second + timeout = 2 * time.Minute + mockWait = 200 * time.Millisecond + + NetworkPolicy = "NetworkPolicy" + ClusterNetworkPolicy = "ClusterNetworkPolicy" + Tier = "Tier" + ClusterGroup = "ClusterGroup" + ExternalEntity = "ExternalEntity" + Traceflow = "Traceflow" +) + +var ( + labelSelector1 = metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} + labelSelector2 = metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} + + endPoints1 = []crdv1alpha2.Endpoint{{IP: "192.168.1.1", Name: "ep1"}, {IP: "192.168.1.2", Name: "ep2"}} + endPoints2 = []crdv1alpha2.Endpoint{{IP: "172.16.1.1", Name: "ep1"}, {IP: "172.16.1.2", Name: "ep2"}} + + priority1 float64 = 100 + priority2 float64 = 200 + + spec1 = crdv1alpha1.TierSpec{Priority: 100, Description: "test1"} + spec2 = crdv1alpha1.TierSpec{Priority: 200, Description: "test2"} + + source1 = crdv1alpha1.Source{Namespace: "test-namespace", Pod: "test-pod1"} + source2 = crdv1alpha1.Source{Namespace: "test-namespace", Pod: "test-pod2"} + + conditions = []crdv1alpha2.GroupCondition{ + { + Type: crdv1alpha2.GroupConditionType("test"), + Status: v1.ConditionStatus("test"), + LastTransitionTime: metav1.Time{Time: time.Now()}, + }, + } + + npStatus = crdv1alpha1.NetworkPolicyStatus{ + Phase: "test", ObservedGeneration: 1, + CurrentNodesRealized: 1, + DesiredNodesRealized: 3, + } + tfStatus = crdv1alpha1.TraceflowStatus{Phase: "test", Reason: "test", DataplaneTag: 1} +) + +type mirroringController struct { + *Controller + client *fakeversioned.Clientset + legacyClient *legacyfakeversioned.Clientset + informerFactory crdinformers.SharedInformerFactory + legacyInformerFactory legacycrdinformers.SharedInformerFactory + testHandler mirroringTestHandler + wg *sync.WaitGroup +} + +func newMirroringController(crdName string) *mirroringController { + client := fakeversioned.NewSimpleClientset() + legacyClient := legacyfakeversioned.NewSimpleClientset() + crdInformerFactory := crdinformers.NewSharedInformerFactory(client, informerDefaultResync) + legacyCRDInformerFactory := legacycrdinformers.NewSharedInformerFactory(legacyClient, informerDefaultResync) + + var mirroringHandler types.MirroringHandler + var informer, legacyInformer cache.SharedInformer + var wg sync.WaitGroup + m := &mirroringController{} + + switch crdName { + case NetworkPolicy: + crdInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() + legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().NetworkPolicies() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewNetworkPolicyTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewNetworkPolicyHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + case ClusterNetworkPolicy: + crdInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() + legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewClusterNetworkPolicyTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewClusterNetworkPolicyHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + case Tier: + crdInformer := crdInformerFactory.Crd().V1alpha1().Tiers() + legacyCRDInformer := legacyCRDInformerFactory.Security().V1alpha1().Tiers() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewTierTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewTierHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + case ClusterGroup: + crdInformer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() + legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ClusterGroups() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewClusterGroupTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewClusterGroupHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + case ExternalEntity: + crdInformer := crdInformerFactory.Crd().V1alpha2().ExternalEntities() + legacyCRDInformer := legacyCRDInformerFactory.Core().V1alpha2().ExternalEntities() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewExternalEntityTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewExternalEntityHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + case Traceflow: + crdInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() + legacyCRDInformer := legacyCRDInformerFactory.Ops().V1alpha1().Traceflows() + informer = crdInformer.Informer() + legacyInformer = legacyCRDInformer.Informer() + + m.testHandler = NewTraceflowTestHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + mirroringHandler = crdhandler.NewTraceflowHandler(crdInformer.Lister(), legacyCRDInformer.Lister(), client, legacyClient) + } + + c := NewController(informer, legacyInformer, mirroringHandler, crdName) + + m.Controller = c + m.client = client + m.legacyClient = legacyClient + m.informerFactory = crdInformerFactory + m.legacyInformerFactory = legacyCRDInformerFactory + m.wg = &wg + + return m +} + +func buildObj(crdName, namespace, name string) metav1.Object { + var obj metav1.Object + + switch crdName { + case NetworkPolicy: + obj = &legacysecurity.NetworkPolicy{} + obj.SetNamespace(namespace) + obj.(*legacysecurity.NetworkPolicy).Spec.Priority = priority1 + case ClusterNetworkPolicy: + obj = &legacysecurity.ClusterNetworkPolicy{} + obj.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority1 + case Tier: + obj = &legacysecurity.Tier{} + obj.(*legacysecurity.Tier).Spec = spec1 + case ClusterGroup: + obj = &legacycore.ClusterGroup{} + obj.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector1 + case ExternalEntity: + obj = &legacycore.ExternalEntity{} + obj.SetNamespace(namespace) + obj.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints1 + case Traceflow: + obj = &legacyops.Traceflow{} + obj.(*legacyops.Traceflow).Spec.Source = source1 + } + obj.SetName(name) + obj.SetLabels(map[string]string{}) // init labels + + return obj +} + +func updateLegacyObj(crdName string, obj metav1.Object) metav1.Object { + var res metav1.Object + switch crdName { + case NetworkPolicy: + res = obj.(*legacysecurity.NetworkPolicy).DeepCopy() + res.(*legacysecurity.NetworkPolicy).Spec.Priority = priority2 + case ClusterNetworkPolicy: + res = obj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() + res.(*legacysecurity.ClusterNetworkPolicy).Spec.Priority = priority2 + case Tier: + res = obj.(*legacysecurity.Tier).DeepCopy() + res.(*legacysecurity.Tier).DeepCopy().Spec = spec2 + case ClusterGroup: + res = obj.(*legacycore.ClusterGroup).DeepCopy() + res.(*legacycore.ClusterGroup).Spec.PodSelector = &labelSelector2 + case ExternalEntity: + res = obj.(*legacycore.ExternalEntity).DeepCopy() + res.(*legacycore.ExternalEntity).Spec.Endpoints = endPoints2 + case Traceflow: + res = obj.(*legacyops.Traceflow).DeepCopy() + res.(*legacyops.Traceflow).Spec.Source = source2 + } + + return res +} + +func updateLegacyObjAnnotation(crdName string, obj metav1.Object) metav1.Object { + var res metav1.Object + switch crdName { + case NetworkPolicy: + res = obj.(*legacysecurity.NetworkPolicy).DeepCopy() + res.(*legacysecurity.NetworkPolicy).Annotations = map[string]string{types.StopMirror: "true"} + case ClusterNetworkPolicy: + res = obj.(*legacysecurity.ClusterNetworkPolicy).DeepCopy() + res.(*legacysecurity.ClusterNetworkPolicy).Annotations = map[string]string{types.StopMirror: "true"} + case Tier: + res = obj.(*legacysecurity.Tier).DeepCopy() + res.(*legacysecurity.Tier).Annotations = map[string]string{types.StopMirror: "true"} + case ClusterGroup: + res = obj.(*legacycore.ClusterGroup).DeepCopy() + res.(*legacycore.ClusterGroup).Annotations = map[string]string{types.StopMirror: "true"} + case ExternalEntity: + res = obj.(*legacycore.ExternalEntity).DeepCopy() + res.(*legacycore.ExternalEntity).Annotations = map[string]string{types.StopMirror: "true"} + case Traceflow: + res = obj.(*legacyops.Traceflow).DeepCopy() + res.(*legacyops.Traceflow).Annotations = map[string]string{types.StopMirror: "true"} + } + + return res +} + +func updateNewObj(crdName string, obj metav1.Object) metav1.Object { + var res metav1.Object + switch crdName { + case NetworkPolicy: + res = obj.(*crdv1alpha1.NetworkPolicy).DeepCopy() + res.(*crdv1alpha1.NetworkPolicy).Spec.Priority = priority2 + case ClusterNetworkPolicy: + res = obj.(*crdv1alpha1.ClusterNetworkPolicy).DeepCopy() + res.(*crdv1alpha1.ClusterNetworkPolicy).Spec.Priority = priority2 + case Tier: + res = obj.(*crdv1alpha1.Tier).DeepCopy() + res.(*crdv1alpha1.Tier).DeepCopy().Spec = spec2 + case ClusterGroup: + res = obj.(*crdv1alpha2.ClusterGroup).DeepCopy() + res.(*crdv1alpha2.ClusterGroup).Spec.PodSelector = &labelSelector2 + case ExternalEntity: + res = obj.(*crdv1alpha2.ExternalEntity).DeepCopy() + res.(*crdv1alpha2.ExternalEntity).Spec.Endpoints = endPoints2 + case Traceflow: + res = obj.(*crdv1alpha1.Traceflow).DeepCopy() + res.(*crdv1alpha1.Traceflow).Spec.Source = source2 + } + + return res +} + +func updateNewObjStatus(crdName string, obj metav1.Object) metav1.Object { + var res metav1.Object + switch crdName { + case NetworkPolicy: + res = obj.(*crdv1alpha1.NetworkPolicy).DeepCopy() + res.(*crdv1alpha1.NetworkPolicy).Status = npStatus + case ClusterNetworkPolicy: + res = obj.(*crdv1alpha1.ClusterNetworkPolicy).DeepCopy() + res.(*crdv1alpha1.ClusterNetworkPolicy).Status = npStatus + case ClusterGroup: + res = obj.(*crdv1alpha2.ClusterGroup).DeepCopy() + res.(*crdv1alpha2.ClusterGroup).Status.Conditions = conditions + case Traceflow: + res = obj.(*crdv1alpha1.Traceflow).DeepCopy() + res.(*crdv1alpha1.Traceflow).Status = tfStatus + } + + return res +} + +func assertSpec(t *testing.T, crdName string, expectedObj, res metav1.Object) { + switch crdName { + case NetworkPolicy: + assert.Equal(t, expectedObj.(*legacysecurity.NetworkPolicy).Spec, res.(*crdv1alpha1.NetworkPolicy).Spec) + case ClusterNetworkPolicy: + assert.Equal(t, expectedObj.(*legacysecurity.ClusterNetworkPolicy).Spec, res.(*crdv1alpha1.ClusterNetworkPolicy).Spec) + case Tier: + assert.Equal(t, expectedObj.(*legacysecurity.Tier).Spec, res.(*crdv1alpha1.Tier).Spec) + case ClusterGroup: + assert.Equal(t, expectedObj.(*legacycore.ClusterGroup).Spec, res.(*crdv1alpha2.ClusterGroup).Spec) + case ExternalEntity: + assert.Equal(t, expectedObj.(*legacycore.ExternalEntity).Spec, res.(*crdv1alpha2.ExternalEntity).Spec) + case Traceflow: + assert.Equal(t, expectedObj.(*legacyops.Traceflow).Spec, res.(*crdv1alpha1.Traceflow).Spec) + } +} + +type mirroringTestHandler interface { + LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) + LegacyDeleteAndWait(namespace, name string) error + LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) + NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) + NewDeleteAndWait(namespace, name string) error + NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) + NewUpdateStatusAndWait(res metav1.Object) error +} + +// ClusterGroup +type ClusterGroupTestHandler struct { + lister crdv1a2lister.ClusterGroupLister + client crdclientset.Interface + legacyLister legacycorelister.ClusterGroupLister + legacyClient legacycrdclientset.Interface +} + +func NewClusterGroupTestHandler(lister crdv1a2lister.ClusterGroupLister, + legacyLister legacycorelister.ClusterGroupLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *ClusterGroupTestHandler { + nt := &ClusterGroupTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *ClusterGroupTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacycore.ClusterGroup) + _, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ClusterGroupTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.CoreV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterGroupTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacycore.ClusterGroup) + _, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ClusterGroupTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacycore.ClusterGroup) + res1, err := c.legacyClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *ClusterGroupTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterGroupTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha2.ClusterGroup) + lCRD := legacyObj.(*legacycore.ClusterGroup) + _, err := c.client.CrdV1alpha2().ClusterGroups().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *ClusterGroupTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + crd := obj.(*crdv1alpha2.ClusterGroup) + _, err := c.client.CrdV1alpha2().ClusterGroups().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return err + } + + time.Sleep(mockWait) + err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterGroupTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha2.ClusterGroup, error) { + var crd *crdv1alpha2.ClusterGroup + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ClusterGroupTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *ClusterGroupTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha2.GroupSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha2.ClusterGroup + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ClusterGroupTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha2.GroupStatus, timeout time.Duration) error { + var crd *legacycore.ClusterGroup + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.legacyLister.Get(name) + if err == nil && reflect.DeepEqual(crd.Status, status) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *ClusterGroupTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha2.ClusterGroup + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// ExternalEntityTestHandler +type ExternalEntityTestHandler struct { + lister crdv1a2lister.ExternalEntityLister + client crdclientset.Interface + legacyLister legacycorelister.ExternalEntityLister + legacyClient legacycrdclientset.Interface +} + +func NewExternalEntityTestHandler(lister crdv1a2lister.ExternalEntityLister, + legacyLister legacycorelister.ExternalEntityLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *ExternalEntityTestHandler { + nt := &ExternalEntityTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *ExternalEntityTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacycore.ExternalEntity) + _, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ExternalEntityTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.CoreV1alpha2().ExternalEntities(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ExternalEntityTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacycore.ExternalEntity) + _, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ExternalEntityTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacycore.ExternalEntity) + res1, err := c.legacyClient.CoreV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *ExternalEntityTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha2().ExternalEntities(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ExternalEntityTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha2.ExternalEntity) + lCRD := legacyObj.(*legacycore.ExternalEntity) + _, err := c.client.CrdV1alpha2().ExternalEntities(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *ExternalEntityTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + return nil +} + +func (c *ExternalEntityTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha2.ExternalEntity, error) { + var crd *crdv1alpha2.ExternalEntity + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.ExternalEntities(namespace).Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ExternalEntityTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.ExternalEntities(namespace).Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *ExternalEntityTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha2.ExternalEntitySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha2.ExternalEntity + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.ExternalEntities(namespace).Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ExternalEntityTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha2.ExternalEntity + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.ExternalEntities(namespace).Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// NetworkPolicyTestHandler +type NetworkPolicyTestHandler struct { + lister crdv1a1lister.NetworkPolicyLister + client crdclientset.Interface + legacyLister legacysecuritylister.NetworkPolicyLister + legacyClient legacycrdclientset.Interface +} + +func NewNetworkPolicyTestHandler(lister crdv1a1lister.NetworkPolicyLister, + legacyLister legacysecuritylister.NetworkPolicyLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *NetworkPolicyTestHandler { + nt := &NetworkPolicyTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *NetworkPolicyTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.NetworkPolicy) + _, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *NetworkPolicyTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *NetworkPolicyTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.NetworkPolicy) + _, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *NetworkPolicyTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacysecurity.NetworkPolicy) + res1, err := c.legacyClient.SecurityV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *NetworkPolicyTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha1().NetworkPolicies(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *NetworkPolicyTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha1.NetworkPolicy) + lCRD := legacyObj.(*legacysecurity.NetworkPolicy) + _, err := c.client.CrdV1alpha1().NetworkPolicies(crd.Namespace).Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *NetworkPolicyTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + crd := obj.(*crdv1alpha1.NetworkPolicy) + _, err := c.client.CrdV1alpha1().NetworkPolicies(crd.Namespace).UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return err + } + + time.Sleep(mockWait) + err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) + if err != nil { + return err + } + return nil +} + +func (c *NetworkPolicyTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.NetworkPolicy, error) { + var crd *crdv1alpha1.NetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.NetworkPolicies(namespace).Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *NetworkPolicyTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.NetworkPolicies(namespace).Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *NetworkPolicyTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.NetworkPolicySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.NetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.NetworkPolicies(namespace).Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *NetworkPolicyTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.NetworkPolicyStatus, timeout time.Duration) error { + var crd *legacysecurity.NetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.legacyLister.NetworkPolicies(namespace).Get(name) + if err == nil && reflect.DeepEqual(crd.Status, status) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *NetworkPolicyTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.NetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.NetworkPolicies(namespace).Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// ClusterNetworkPolicyTestHandler +type ClusterNetworkPolicyTestHandler struct { + lister crdv1a1lister.ClusterNetworkPolicyLister + client crdclientset.Interface + legacyLister legacysecuritylister.ClusterNetworkPolicyLister + legacyClient legacycrdclientset.Interface +} + +func NewClusterNetworkPolicyTestHandler(lister crdv1a1lister.ClusterNetworkPolicyLister, + legacyLister legacysecuritylister.ClusterNetworkPolicyLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *ClusterNetworkPolicyTestHandler { + nt := &ClusterNetworkPolicyTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *ClusterNetworkPolicyTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.ClusterNetworkPolicy) + _, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ClusterNetworkPolicyTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterNetworkPolicyTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.ClusterNetworkPolicy) + _, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *ClusterNetworkPolicyTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacysecurity.ClusterNetworkPolicy) + res1, err := c.legacyClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *ClusterNetworkPolicyTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterNetworkPolicyTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha1.ClusterNetworkPolicy) + lCRD := legacyObj.(*legacysecurity.ClusterNetworkPolicy) + _, err := c.client.CrdV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *ClusterNetworkPolicyTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + crd := obj.(*crdv1alpha1.ClusterNetworkPolicy) + _, err := c.client.CrdV1alpha1().ClusterNetworkPolicies().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return err + } + + time.Sleep(mockWait) + err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) + if err != nil { + return err + } + return nil +} + +func (c *ClusterNetworkPolicyTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.ClusterNetworkPolicy, error) { + var crd *crdv1alpha1.ClusterNetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ClusterNetworkPolicyTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *ClusterNetworkPolicyTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.ClusterNetworkPolicySpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.ClusterNetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *ClusterNetworkPolicyTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.NetworkPolicyStatus, timeout time.Duration) error { + var crd *legacysecurity.ClusterNetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.legacyLister.Get(name) + if err == nil && reflect.DeepEqual(crd.Status, status) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *ClusterNetworkPolicyTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.ClusterNetworkPolicy + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// TierTestHandler +type TierTestHandler struct { + lister crdv1a1lister.TierLister + client crdclientset.Interface + legacyLister legacysecuritylister.TierLister + legacyClient legacycrdclientset.Interface +} + +func NewTierTestHandler(lister crdv1a1lister.TierLister, + legacyLister legacysecuritylister.TierLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *TierTestHandler { + nt := &TierTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *TierTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.Tier) + _, err := c.legacyClient.SecurityV1alpha1().Tiers().Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *TierTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.SecurityV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *TierTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacysecurity.Tier) + _, err := c.legacyClient.SecurityV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *TierTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacysecurity.Tier) + res1, err := c.legacyClient.SecurityV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *TierTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *TierTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha1.Tier) + lCRD := legacyObj.(*legacysecurity.Tier) + _, err := c.client.CrdV1alpha1().Tiers().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *TierTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + return nil +} + +func (c *TierTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.Tier, error) { + var crd *crdv1alpha1.Tier + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *TierTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *TierTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.TierSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.Tier + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *TierTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.Tier + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// TraceflowTestHandler +type TraceflowTestHandler struct { + lister crdv1a1lister.TraceflowLister + client crdclientset.Interface + legacyLister legacyopslister.TraceflowLister + legacyClient legacycrdclientset.Interface +} + +func NewTraceflowTestHandler(lister crdv1a1lister.TraceflowLister, + legacyLister legacyopslister.TraceflowLister, + client crdclientset.Interface, + legacyClient legacycrdclientset.Interface) *TraceflowTestHandler { + nt := &TraceflowTestHandler{ + client: client, + lister: lister, + legacyClient: legacyClient, + legacyLister: legacyLister, + } + return nt +} + +func (c *TraceflowTestHandler) LegacyAddAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacyops.Traceflow) + _, err := c.legacyClient.OpsV1alpha1().Traceflows().Create(context.TODO(), crd, metav1.CreateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewReady(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *TraceflowTestHandler) LegacyDeleteAndWait(namespace, name string) error { + err := c.legacyClient.OpsV1alpha1().Traceflows().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + err = c.waitForNewDeleted(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *TraceflowTestHandler) LegacyUpdateAndWait(obj metav1.Object) (metav1.Object, error) { + crd := obj.(*legacyops.Traceflow) + _, err := c.legacyClient.OpsV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + res, err := c.waitForNewUpdated(crd.Namespace, crd.Name, crd.Spec, crd.Labels, timeout) + if err != nil { + return nil, err + } + return res, nil +} + +func (c *TraceflowTestHandler) NewLiberateAndWait(obj metav1.Object) (metav1.Object, metav1.Object, error) { + crd := obj.(*legacyops.Traceflow) + res1, err := c.legacyClient.OpsV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, nil, err + } + + res2, err := c.waitForNewLiberate(crd.Namespace, crd.Name, timeout) + if err != nil { + return nil, nil, err + } + return res1, res2, nil +} + +func (c *TraceflowTestHandler) NewDeleteAndWait(namespace, name string) error { + err := c.client.CrdV1alpha1().Traceflows().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return err + } + time.Sleep(mockWait) + _, err = c.waitForNewReady(namespace, name, timeout) + if err != nil { + return err + } + return nil +} + +func (c *TraceflowTestHandler) NewUpdateAndWait(legacyObj, newObj metav1.Object) (metav1.Object, error) { + crd := newObj.(*crdv1alpha1.Traceflow) + lCRD := legacyObj.(*legacyops.Traceflow) + _, err := c.client.CrdV1alpha1().Traceflows().Update(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return nil, err + } + + time.Sleep(mockWait) + res, err := c.waitForNewUpdated(lCRD.Namespace, lCRD.Name, lCRD.Spec, lCRD.Labels, timeout) + if err != nil { + return nil, err + } + + return res, nil +} + +func (c *TraceflowTestHandler) NewUpdateStatusAndWait(obj metav1.Object) error { + crd := obj.(*crdv1alpha1.Traceflow) + _, err := c.client.CrdV1alpha1().Traceflows().UpdateStatus(context.TODO(), crd, metav1.UpdateOptions{}) + if err != nil { + return err + } + + time.Sleep(mockWait) + err = c.waitForLegacyUpdated(crd.Namespace, crd.Name, crd.Status, timeout) + if err != nil { + return err + } + return nil +} + +func (c *TraceflowTestHandler) waitForNewReady(namespace, name string, timeout time.Duration) (*crdv1alpha1.Traceflow, error) { + var crd *crdv1alpha1.Traceflow + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *TraceflowTestHandler) waitForNewDeleted(namespace, name string, timeout time.Duration) error { + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + _, err = c.lister.Get(name) + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *TraceflowTestHandler) waitForNewUpdated(namespace, name string, spec crdv1alpha1.TraceflowSpec, labels map[string]string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.Traceflow + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil && reflect.DeepEqual(crd.Spec, spec) && reflect.DeepEqual(crd.Labels, labels) { + return true, nil + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +func (c *TraceflowTestHandler) waitForLegacyUpdated(namespace, name string, status crdv1alpha1.TraceflowStatus, timeout time.Duration) error { + var crd *legacyops.Traceflow + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.legacyLister.Get(name) + if err == nil && reflect.DeepEqual(crd.Status, status) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + +func (c *TraceflowTestHandler) waitForNewLiberate(namespace, name string, timeout time.Duration) (metav1.Object, error) { + var crd *crdv1alpha1.Traceflow + var err error + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + crd, err = c.lister.Get(name) + if err == nil { + if _, exist := crd.Annotations[types.ManagedBy]; !exist { + return true, nil + } + } + return false, nil + }); err != nil { + return nil, err + } + return crd, nil +} + +// mirroringController +func (c *mirroringController) testLegacyAdd(t *testing.T) { + name := "legacy-add" + namespace := "test" + defer c.wg.Done() + + expectedObj := buildObj(c.crdName, namespace, name) + resObj, err := c.testHandler.LegacyAddAndWait(expectedObj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + assert.NotNil(t, resObj) + assert.Equal(t, expectedObj.GetName(), resObj.GetName()) + assert.Equal(t, expectedObj.GetLabels(), resObj.GetLabels()) + assertSpec(t, c.crdName, expectedObj, resObj) +} + +func (c *mirroringController) testLegacyDelete(t *testing.T) { + name := "legacy-delete" + namespace := "test" + defer c.wg.Done() + + obj := buildObj(c.crdName, namespace, name) + _, err := c.testHandler.LegacyAddAndWait(obj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + err = c.testHandler.LegacyDeleteAndWait(namespace, name) + if err != nil { + t.Fatalf("Expected no error running LegacyDeleteAndWait, got %v", err) + } +} + +func (c *mirroringController) testLegacyUpdate(t *testing.T) { + name := "legacy-update" + namespace := "test" + defer c.wg.Done() + + obj := buildObj(c.crdName, namespace, name) + _, err := c.testHandler.LegacyAddAndWait(obj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + expectedObj := updateLegacyObj(c.crdName, obj) + resObj, err := c.testHandler.LegacyUpdateAndWait(expectedObj) + if err != nil { + t.Fatalf("Expected no error running LegacyUpdateAndWait, got %v", err) + } + assertSpec(t, c.crdName, expectedObj, resObj) +} + +func (c *mirroringController) testNewLiberate(t *testing.T) { + name := "new-liberate" + namespace := "test" + defer c.wg.Done() + + obj := buildObj(c.crdName, namespace, name) + _, err := c.testHandler.LegacyAddAndWait(obj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + legacyObj, newObj, err := c.testHandler.NewLiberateAndWait(updateLegacyObjAnnotation(c.crdName, obj)) + if err != nil { + t.Fatalf("Expected no error running NewLiberateAndWait, got %v", err) + } + + _, managedBy := newObj.GetAnnotations()[types.ManagedBy] + _, stopMirror := legacyObj.GetAnnotations()[types.StopMirror] + + assert.Equal(t, false, managedBy) + assert.Equal(t, true, stopMirror) +} + +func (c *mirroringController) testNewDelete(t *testing.T) { + name := "new-delete" + namespace := "test" + defer c.wg.Done() + + obj := buildObj(c.crdName, namespace, name) + _, err := c.testHandler.LegacyAddAndWait(obj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + err = c.testHandler.NewDeleteAndWait(namespace, name) + if err != nil { + t.Fatalf("Expected no error running NewDeleteAndWait, got %v", err) + } +} + +func (c *mirroringController) testNewUpdate(t *testing.T) { + name := "new-update" + namespace := "test" + defer c.wg.Done() + + legacyObj := buildObj(c.crdName, namespace, name) + newObj, err := c.testHandler.LegacyAddAndWait(legacyObj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + res, err := c.testHandler.NewUpdateAndWait(legacyObj, updateNewObj(c.crdName, newObj)) + if err != nil { + t.Fatalf("Expected no error running NewUpdateAndWait, got %v", err) + } + assertSpec(t, c.crdName, legacyObj, res) +} + +func (c *mirroringController) testNewUpdateStatus(t *testing.T) { + name := "new-update-status" + namespace := "test" + defer c.wg.Done() + + obj := buildObj(c.crdName, namespace, name) + res, err := c.testHandler.LegacyAddAndWait(obj) + if err != nil { + t.Fatalf("Expected no error running LegacyAddAndWait, got %v", err) + } + + err = c.testHandler.NewUpdateStatusAndWait(updateNewObjStatus(c.crdName, res)) + if err != nil { + t.Fatalf("Expected no error running NewUpdateStatusAndWait, got %v", err) + } +} + +func testCRD(t *testing.T, crd string) { + controller := newMirroringController(crd) + stopCh := make(chan struct{}) + controller.informerFactory.Start(stopCh) + controller.legacyInformerFactory.Start(stopCh) + controller.informerFactory.WaitForCacheSync(stopCh) + controller.legacyInformerFactory.WaitForCacheSync(stopCh) + go controller.Run(stopCh) + controller.wg.Add(7) + + t.Run("LegacyAdd", func(t *testing.T) { controller.testLegacyAdd(t) }) + t.Run("LegacyDelete", func(t *testing.T) { controller.testLegacyDelete(t) }) + t.Run("LegacyUpdate", func(t *testing.T) { controller.testLegacyUpdate(t) }) + t.Run("NewLiberate", func(t *testing.T) { controller.testNewLiberate(t) }) + t.Run("NewDelete", func(t *testing.T) { controller.testNewDelete(t) }) + t.Run("NewUpdate", func(t *testing.T) { controller.testNewUpdate(t) }) + t.Run("NewUpdateStatus", func(t *testing.T) { controller.testNewUpdateStatus(t) }) + + controller.wg.Wait() + close(stopCh) +} + +func TestCRDMirroringController(t *testing.T) { + t.Run(ClusterGroup, func(t *testing.T) { testCRD(t, ClusterGroup) }) + t.Run(ExternalEntity, func(t *testing.T) { testCRD(t, ExternalEntity) }) + t.Run(NetworkPolicy, func(t *testing.T) { testCRD(t, NetworkPolicy) }) + t.Run(ClusterNetworkPolicy, func(t *testing.T) { testCRD(t, ClusterNetworkPolicy) }) + t.Run(Tier, func(t *testing.T) { testCRD(t, Tier) }) + t.Run(Traceflow, func(t *testing.T) { testCRD(t, Traceflow) }) +} diff --git a/pkg/controller/crdmirroring/crdmirroring_handlers.go b/pkg/controller/crdmirroring/crdmirroring_handlers.go new file mode 100644 index 00000000000..41f6a0967b8 --- /dev/null +++ b/pkg/controller/crdmirroring/crdmirroring_handlers.go @@ -0,0 +1,111 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package crdmirroring + +import ( + "fmt" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + "k8s.io/client-go/tools/cache" + "k8s.io/klog" + + "github.com/vmware-tanzu/antrea/pkg/controller/crdmirroring/types" +) + +func (c *Controller) onNewCRDAdd(obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onNewCRDUpdate(prevObj, obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s UPDATE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onNewCRDDelete(obj interface{}) { + crd := getCRDFromDeleteAction(obj) + if crd == nil { + return + } + + _, exist := crd.GetAnnotations()[types.ManagedBy] + if exist { + klog.V(4).Infof("Processing mirroring %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDAdd(obj interface{}) { + crd := obj.(metav1.Object) + + _, exist := crd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s ADD event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDUpdate(prevObj, obj interface{}) { + prevCrd := prevObj.(metav1.Object) + + _, exist := prevCrd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s UPDATE event", c.crdName, prevCrd.GetNamespace(), prevCrd.GetName()) + c.queueCRD(obj) + } +} + +func (c *Controller) onLegacyCRDDelete(obj interface{}) { + crd := getCRDFromDeleteAction(obj) + if crd == nil { + return + } + + _, exist := crd.GetAnnotations()[types.StopMirror] + if !exist { + klog.V(4).Infof("Processing legacy %s %s/%s DELETE event", c.crdName, crd.GetNamespace(), crd.GetName()) + c.queueCRD(obj) + } +} + +func getCRDFromDeleteAction(obj interface{}) metav1.Object { + _, ok := obj.(metav1.Object) + if ok { + return obj.(metav1.Object) + } + tombstone, ok := obj.(cache.DeletedFinalStateUnknown) + if !ok { + utilruntime.HandleError(fmt.Errorf("couldn't get object from tombstone %#v", obj)) + return nil + } + + _, ok = tombstone.Obj.(metav1.Object) + if ok { + return tombstone.Obj.(metav1.Object) + } + utilruntime.HandleError(fmt.Errorf("tombstone contained object that is not a object resource: %#v", obj)) + return nil +} diff --git a/pkg/controller/crdmirroring/types/interface.go b/pkg/controller/crdmirroring/types/interface.go new file mode 100644 index 00000000000..e1c67dccce4 --- /dev/null +++ b/pkg/controller/crdmirroring/types/interface.go @@ -0,0 +1,27 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +package types + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +type MirroringHandler interface { + GetLegacyObject(namespace, name string) (metav1.Object, error) + GetNewObject(namespace, name string) (metav1.Object, error) + AddNewObject(obj metav1.Object) error + SyncObject(legacyObj, newObj metav1.Object) error + DeleteNewObject(namespace, name string) error + LiberateNewObject(obj metav1.Object) error +} diff --git a/pkg/controller/crdmirroring/types/types.go b/pkg/controller/crdmirroring/types/types.go new file mode 100644 index 00000000000..ec491e4ea74 --- /dev/null +++ b/pkg/controller/crdmirroring/types/types.go @@ -0,0 +1,22 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +const ( + ManagedBy = "crd.antrea.io/managed-by" + ControllerName = "crdmirroring-controller" + + StopMirror = "crd.antrea.io/stop-mirror" +) diff --git a/pkg/controller/grouping/controller.go b/pkg/controller/grouping/controller.go index 4d4099491c1..2732ee24bc6 100644 --- a/pkg/controller/grouping/controller.go +++ b/pkg/controller/grouping/controller.go @@ -22,8 +22,8 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/klog" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - corev1a2informers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + crdv1a2informers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/features" ) @@ -38,7 +38,7 @@ type GroupEntityController struct { // podListerSynced is a function which returns true if the Pod shared informer has been synced at least once. podListerSynced cache.InformerSynced - externalEntityInformer corev1a2informers.ExternalEntityInformer + externalEntityInformer crdv1a2informers.ExternalEntityInformer // externalEntityListerSynced is a function which returns true if the ExternalEntity shared informer has been synced at least once. externalEntityListerSynced cache.InformerSynced @@ -52,7 +52,7 @@ type GroupEntityController struct { func NewGroupEntityController(groupEntityIndex *GroupEntityIndex, podInformer coreinformers.PodInformer, namespaceInformer coreinformers.NamespaceInformer, - externalEntityInformer corev1a2informers.ExternalEntityInformer) *GroupEntityController { + externalEntityInformer crdv1a2informers.ExternalEntityInformer) *GroupEntityController { c := &GroupEntityController{ groupEntityIndex: groupEntityIndex, podInformer: podInformer, diff --git a/pkg/controller/grouping/controller_test.go b/pkg/controller/grouping/controller_test.go index 0299151cf6b..70c76e07f8f 100644 --- a/pkg/controller/grouping/controller_test.go +++ b/pkg/controller/grouping/controller_test.go @@ -26,7 +26,7 @@ import ( "k8s.io/client-go/kubernetes/fake" featuregatetesting "k8s.io/component-base/featuregate/testing" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" fakeversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" "github.com/vmware-tanzu/antrea/pkg/features" @@ -77,7 +77,7 @@ func TestGroupEntityControllerRun(t *testing.T) { crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, informerDefaultResync) stopCh := make(chan struct{}) - c := NewGroupEntityController(index, informerFactory.Core().V1().Pods(), informerFactory.Core().V1().Namespaces(), crdInformerFactory.Core().V1alpha2().ExternalEntities()) + c := NewGroupEntityController(index, informerFactory.Core().V1().Pods(), informerFactory.Core().V1().Namespaces(), crdInformerFactory.Crd().V1alpha2().ExternalEntities()) assert.False(t, index.HasSynced(), "GroupEntityIndex has been synced before starting InformerFactories") informerFactory.Start(stopCh) diff --git a/pkg/controller/grouping/group_entity_index.go b/pkg/controller/grouping/group_entity_index.go index aaead333b15..01bd7c172db 100644 --- a/pkg/controller/grouping/group_entity_index.go +++ b/pkg/controller/grouping/group_entity_index.go @@ -26,7 +26,7 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/klog" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/controller/types" utilsets "github.com/vmware-tanzu/antrea/pkg/util/sets" ) diff --git a/pkg/controller/grouping/group_entity_index_test.go b/pkg/controller/grouping/group_entity_index_test.go index 13e0add3093..cb823fd563f 100644 --- a/pkg/controller/grouping/group_entity_index_test.go +++ b/pkg/controller/grouping/group_entity_index_test.go @@ -23,7 +23,7 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/controller/types" ) diff --git a/pkg/controller/networkpolicy/antreanetworkpolicy.go b/pkg/controller/networkpolicy/antreanetworkpolicy.go index 0858f372f2d..9c8b65c7c06 100644 --- a/pkg/controller/networkpolicy/antreanetworkpolicy.go +++ b/pkg/controller/networkpolicy/antreanetworkpolicy.go @@ -20,7 +20,7 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) @@ -28,7 +28,7 @@ import ( // which can be consumed by agents to configure corresponding rules on the Nodes. func (n *NetworkPolicyController) addANP(obj interface{}) { defer n.heartbeat("addANP") - np := obj.(*secv1alpha1.NetworkPolicy) + np := obj.(*crdv1alpha1.NetworkPolicy) klog.Infof("Processing Antrea NetworkPolicy %s/%s ADD event", np.Namespace, np.Name) // Create an internal NetworkPolicy object corresponding to this // NetworkPolicy and enqueue task to internal NetworkPolicy Workqueue. @@ -43,14 +43,14 @@ func (n *NetworkPolicyController) addANP(obj interface{}) { // which can be consumed by agents to configure corresponding rules on the Nodes. func (n *NetworkPolicyController) updateANP(old, cur interface{}) { defer n.heartbeat("updateANP") - curNP := cur.(*secv1alpha1.NetworkPolicy) + curNP := cur.(*crdv1alpha1.NetworkPolicy) klog.Infof("Processing Antrea NetworkPolicy %s/%s UPDATE event", curNP.Namespace, curNP.Name) // Update an internal NetworkPolicy, corresponding to this NetworkPolicy and // enqueue task to internal NetworkPolicy Workqueue. curInternalNP := n.processAntreaNetworkPolicy(curNP) klog.V(2).Infof("Updating existing internal NetworkPolicy %s for %s", curInternalNP.Name, curInternalNP.SourceRef.ToString()) - // Retrieve old secv1alpha1.NetworkPolicy object. - oldNP := old.(*secv1alpha1.NetworkPolicy) + // Retrieve old crdv1alpha1.NetworkPolicy object. + oldNP := old.(*crdv1alpha1.NetworkPolicy) // Old and current NetworkPolicy share the same key. key := internalNetworkPolicyKeyFunc(oldNP) // Lock access to internal NetworkPolicy store such that concurrent access @@ -87,14 +87,14 @@ func (n *NetworkPolicyController) updateANP(old, cur interface{}) { // deleteANP receives AntreaNetworkPolicy DELETED events and deletes resources // which can be consumed by agents to delete corresponding rules on the Nodes. func (n *NetworkPolicyController) deleteANP(old interface{}) { - np, ok := old.(*secv1alpha1.NetworkPolicy) + np, ok := old.(*crdv1alpha1.NetworkPolicy) if !ok { tombstone, ok := old.(cache.DeletedFinalStateUnknown) if !ok { klog.Errorf("Error decoding object when deleting Antrea NetworkPolicy, invalid type: %v", old) return } - np, ok = tombstone.Obj.(*secv1alpha1.NetworkPolicy) + np, ok = tombstone.Obj.(*crdv1alpha1.NetworkPolicy) if !ok { klog.Errorf("Error decoding object tombstone when deleting Antrea NetworkPolicy, invalid type: %v", tombstone.Obj) return @@ -118,12 +118,12 @@ func (n *NetworkPolicyController) deleteANP(old interface{}) { } // processAntreaNetworkPolicy creates an internal NetworkPolicy instance -// corresponding to the secv1alpha1.NetworkPolicy object. This method +// corresponding to the crdv1alpha1.NetworkPolicy object. This method // does not commit the internal NetworkPolicy in store, instead returns an // instance to the caller wherein, it will be either stored as a new Object // in case of ADD event or modified and store the updated instance, in case // of an UPDATE event. -func (n *NetworkPolicyController) processAntreaNetworkPolicy(np *secv1alpha1.NetworkPolicy) *antreatypes.NetworkPolicy { +func (n *NetworkPolicyController) processAntreaNetworkPolicy(np *crdv1alpha1.NetworkPolicy) *antreatypes.NetworkPolicy { appliedToPerRule := len(np.Spec.AppliedTo) == 0 // appliedToGroupNames tracks all distinct appliedToGroups referred to by the Antrea NetworkPolicy, // either in the spec section or in ingress/egress rules. diff --git a/pkg/controller/networkpolicy/antreanetworkpolicy_test.go b/pkg/controller/networkpolicy/antreanetworkpolicy_test.go index 3d6c770932d..04ecd09722e 100644 --- a/pkg/controller/networkpolicy/antreanetworkpolicy_test.go +++ b/pkg/controller/networkpolicy/antreanetworkpolicy_test.go @@ -22,7 +22,7 @@ import ( "k8s.io/apimachinery/pkg/util/intstr" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) @@ -35,32 +35,32 @@ var ( func TestProcessAntreaNetworkPolicy(t *testing.T) { p10 := float64(10) - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow protocolTCP := controlplane.ProtocolTCP tests := []struct { name string - inputPolicy *secv1alpha1.NetworkPolicy + inputPolicy *crdv1alpha1.NetworkPolicy expectedPolicy *antreatypes.NetworkPolicy expectedAppliedToGroups int expectedAddressGroups int }{ { name: "rules-with-same-selectors", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "ns1", Name: "npA", UID: "uidA"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -69,14 +69,14 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{ + Egress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -135,21 +135,21 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { }, { name: "rules-with-different-selectors", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "ns2", Name: "npB", UID: "uidB"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -157,12 +157,12 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { Action: &allowAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -220,24 +220,24 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { }, { name: "appliedTo-per-rule", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "ns3", Name: "npC", UID: "uidC"}, - Spec: secv1alpha1.NetworkPolicySpec{ + Spec: crdv1alpha1.NetworkPolicySpec{ AppliedTo: nil, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorA, }, }, - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -245,17 +245,17 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { Action: &allowAction, }, { - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, }, - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -319,23 +319,23 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { }, { name: "with-port-range", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "ns4", Name: "npD", UID: "uidD"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int1000, EndPort: &int32For1999, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -392,7 +392,7 @@ func TestProcessAntreaNetworkPolicy(t *testing.T) { func TestAddANP(t *testing.T) { p10 := float64(10) - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow protocolTCP := controlplane.ProtocolTCP int80 := intstr.FromInt(80) selectorAll := metav1.LabelSelector{} @@ -400,29 +400,29 @@ func TestAddANP(t *testing.T) { matchAllPeerEgress.AddressGroups = []string{getNormalizedUID(toGroupSelector("", nil, &selectorAll, nil).NormalizedName)} tests := []struct { name string - inputPolicy *secv1alpha1.NetworkPolicy + inputPolicy *crdv1alpha1.NetworkPolicy expPolicy *antreatypes.NetworkPolicy expAppliedToGroups int expAddressGroups int }{ { name: "application-tier-policy", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "anpA", UID: "uidA"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, Tier: "Application", - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -468,23 +468,23 @@ func TestAddANP(t *testing.T) { }, { name: "with-port-range", - inputPolicy: &secv1alpha1.NetworkPolicy{ + inputPolicy: &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsB", Name: "npB", UID: "uidB"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int1000, EndPort: &int32For1999, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -561,15 +561,15 @@ func TestDeleteANP(t *testing.T) { } // util functions for testing. -func getANP() *secv1alpha1.NetworkPolicy { +func getANP() *crdv1alpha1.NetworkPolicy { p10 := float64(10) - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} - ingressRules := []secv1alpha1.Rule{ + ingressRules := []crdv1alpha1.Rule{ { - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorB, }, @@ -577,9 +577,9 @@ func getANP() *secv1alpha1.NetworkPolicy { Action: &allowAction, }, } - egressRules := []secv1alpha1.Rule{ + egressRules := []crdv1alpha1.Rule{ { - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { ExternalEntitySelector: &selectorC, }, @@ -587,10 +587,10 @@ func getANP() *secv1alpha1.NetworkPolicy { Action: &allowAction, }, } - npObj := &secv1alpha1.NetworkPolicy{ + npObj := &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "test-ns", Name: "test-anp"}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, diff --git a/pkg/controller/networkpolicy/clustergroup.go b/pkg/controller/networkpolicy/clustergroup.go index 6c3023c612a..0bb415acffd 100644 --- a/pkg/controller/networkpolicy/clustergroup.go +++ b/pkg/controller/networkpolicy/clustergroup.go @@ -25,15 +25,15 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/controller/networkpolicy/store" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) // addClusterGroup is responsible for processing the ADD event of a ClusterGroup resource. func (n *NetworkPolicyController) addClusterGroup(curObj interface{}) { - cg := curObj.(*corev1a2.ClusterGroup) + cg := curObj.(*crdv1alpha2.ClusterGroup) key := internalGroupKeyFunc(cg) klog.V(2).Infof("Processing ADD event for ClusterGroup %s", cg.Name) newGroup := n.processClusterGroup(cg) @@ -44,8 +44,8 @@ func (n *NetworkPolicyController) addClusterGroup(curObj interface{}) { // updateClusterGroup is responsible for processing the UPDATE event of a ClusterGroup resource. func (n *NetworkPolicyController) updateClusterGroup(oldObj, curObj interface{}) { - cg := curObj.(*corev1a2.ClusterGroup) - og := oldObj.(*corev1a2.ClusterGroup) + cg := curObj.(*crdv1alpha2.ClusterGroup) + og := oldObj.(*crdv1alpha2.ClusterGroup) key := internalGroupKeyFunc(cg) klog.V(2).Infof("Processing UPDATE event for ClusterGroup %s", cg.Name) newGroup := n.processClusterGroup(cg) @@ -93,7 +93,7 @@ func (n *NetworkPolicyController) updateClusterGroup(oldObj, curObj interface{}) // deleteClusterGroup is responsible for processing the DELETE event of a ClusterGroup resource. func (n *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { - og, ok := oldObj.(*corev1a2.ClusterGroup) + og, ok := oldObj.(*crdv1alpha2.ClusterGroup) klog.V(2).Infof("Processing DELETE event for ClusterGroup %s", og.Name) if !ok { tombstone, ok := oldObj.(cache.DeletedFinalStateUnknown) @@ -101,7 +101,7 @@ func (n *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { klog.Errorf("Error decoding object when deleting ClusterGroup, invalid type: %v", oldObj) return } - og, ok = tombstone.Obj.(*corev1a2.ClusterGroup) + og, ok = tombstone.Obj.(*crdv1alpha2.ClusterGroup) if !ok { klog.Errorf("Error decoding object tombstone when deleting ClusterGroup, invalid type: %v", tombstone.Obj) return @@ -116,7 +116,7 @@ func (n *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { n.enqueueInternalGroup(key) } -func (n *NetworkPolicyController) processClusterGroup(cg *corev1a2.ClusterGroup) *antreatypes.Group { +func (n *NetworkPolicyController) processClusterGroup(cg *crdv1alpha2.ClusterGroup) *antreatypes.Group { internalGroup := antreatypes.Group{ Name: cg.Name, UID: cg.UID, @@ -255,7 +255,7 @@ func (n *NetworkPolicyController) triggerParentGroupSync(grp *antreatypes.Group) } // triggerCNPUpdates triggers processing of ClusterNetworkPolicies associated with the input ClusterGroup. -func (n *NetworkPolicyController) triggerCNPUpdates(cg *corev1a2.ClusterGroup) error { +func (n *NetworkPolicyController) triggerCNPUpdates(cg *crdv1alpha2.ClusterGroup) error { // If a ClusterGroup is added/updated, it might have a reference in ClusterNetworkPolicy. cnps, err := n.cnpInformer.Informer().GetIndexer().ByIndex(ClusterGroupIndex, cg.Name) if err != nil { @@ -263,7 +263,7 @@ func (n *NetworkPolicyController) triggerCNPUpdates(cg *corev1a2.ClusterGroup) e return err } for _, obj := range cnps { - cnp := obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp := obj.(*crdv1alpha1.ClusterNetworkPolicy) // Re-process ClusterNetworkPolicies which may be affected due to updates to CG. curInternalNP := n.processClusterNetworkPolicy(cnp) klog.V(2).Infof("Updating existing internal NetworkPolicy %s for %s", curInternalNP.Name, curInternalNP.SourceRef.ToString()) @@ -304,31 +304,31 @@ func (n *NetworkPolicyController) triggerCNPUpdates(cg *corev1a2.ClusterGroup) e } // updateGroupStatus updates the Status subresource for a ClusterGroup. -func (n *NetworkPolicyController) updateGroupStatus(cg *corev1a2.ClusterGroup, cStatus v1.ConditionStatus) error { - condStatus := corev1a2.GroupCondition{ +func (n *NetworkPolicyController) updateGroupStatus(cg *crdv1alpha2.ClusterGroup, cStatus v1.ConditionStatus) error { + condStatus := crdv1alpha2.GroupCondition{ Status: cStatus, - Type: corev1a2.GroupMembersComputed, + Type: crdv1alpha2.GroupMembersComputed, } if groupMembersComputedConditionEqual(cg.Status.Conditions, condStatus) { // There is no change in conditions. return nil } condStatus.LastTransitionTime = metav1.Now() - status := corev1a2.GroupStatus{ - Conditions: []corev1a2.GroupCondition{condStatus}, + status := crdv1alpha2.GroupStatus{ + Conditions: []crdv1alpha2.GroupCondition{condStatus}, } klog.V(4).Infof("Updating ClusterGroup %s status to %#v", cg.Name, condStatus) toUpdate := cg.DeepCopy() toUpdate.Status = status - _, err := n.crdClient.CoreV1alpha2().ClusterGroups().UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) + _, err := n.crdClient.CrdV1alpha2().ClusterGroups().UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) return err } // groupMembersComputedConditionEqual checks whether the condition status for GroupMembersComputed condition // is same. Returns true if equal, otherwise returns false. It disregards the lastTransitionTime field. -func groupMembersComputedConditionEqual(conds []corev1a2.GroupCondition, condition corev1a2.GroupCondition) bool { +func groupMembersComputedConditionEqual(conds []crdv1alpha2.GroupCondition, condition crdv1alpha2.GroupCondition) bool { for _, c := range conds { - if c.Type == corev1a2.GroupMembersComputed { + if c.Type == crdv1alpha2.GroupMembersComputed { if c.Status == condition.Status { return true } diff --git a/pkg/controller/networkpolicy/clustergroup_test.go b/pkg/controller/networkpolicy/clustergroup_test.go index 5e5241af0fc..e03fd809bfc 100644 --- a/pkg/controller/networkpolicy/clustergroup_test.go +++ b/pkg/controller/networkpolicy/clustergroup_test.go @@ -23,8 +23,8 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) @@ -37,14 +37,14 @@ func TestProcessClusterGroup(t *testing.T) { cidrIPNet, _ := cidrStrToIPNet(cidr) tests := []struct { name string - inputGroup *corev1a2.ClusterGroup + inputGroup *crdv1alpha2.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-with-ns-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -56,9 +56,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-pod-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: &selectorB, }, }, @@ -70,9 +70,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-pod-ns-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -85,10 +85,10 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-ip-block", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: corev1a2.GroupSpec{ - IPBlock: &secv1alpha1.IPBlock{ + Spec: crdv1alpha2.GroupSpec{ + IPBlock: &crdv1alpha1.IPBlock{ CIDR: cidr, }, }, @@ -104,10 +104,10 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-svc-reference", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgE", UID: "uidE"}, - Spec: corev1a2.GroupSpec{ - ServiceReference: &corev1a2.ServiceReference{ + Spec: crdv1alpha2.GroupSpec{ + ServiceReference: &crdv1alpha2.ServiceReference{ Name: "test-svc", Namespace: "test-ns", }, @@ -124,10 +124,10 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-child-groups", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgF", UID: "uidF"}, - Spec: corev1a2.GroupSpec{ - ChildGroups: []corev1a2.ClusterGroupReference{"cgA", "cgB"}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{"cgA", "cgB"}, }, }, expectedGroup: &antreatypes.Group{ @@ -155,14 +155,14 @@ func TestAddClusterGroup(t *testing.T) { cidrIPNet, _ := cidrStrToIPNet(cidr) tests := []struct { name string - inputGroup *corev1a2.ClusterGroup + inputGroup *crdv1alpha2.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-with-ns-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -174,9 +174,9 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-pod-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: &selectorB, }, }, @@ -188,9 +188,9 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-pod-ns-selector", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -203,10 +203,10 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-ip-block", - inputGroup: &corev1a2.ClusterGroup{ + inputGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: corev1a2.GroupSpec{ - IPBlock: &secv1alpha1.IPBlock{ + Spec: crdv1alpha2.GroupSpec{ + IPBlock: &crdv1alpha1.IPBlock{ CIDR: cidr, }, }, @@ -238,9 +238,9 @@ func TestUpdateClusterGroup(t *testing.T) { selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} selectorD := metav1.LabelSelector{MatchLabels: map[string]string{"foo4": "bar4"}} - testCG := corev1a2.ClusterGroup{ + testCG := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -248,14 +248,14 @@ func TestUpdateClusterGroup(t *testing.T) { cidrIPNet, _ := cidrStrToIPNet(cidr) tests := []struct { name string - updatedGroup *corev1a2.ClusterGroup + updatedGroup *crdv1alpha2.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-update-ns-selector", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorB, }, }, @@ -267,9 +267,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-pod-selector", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: &selectorC, }, }, @@ -281,9 +281,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-pod-ns-selector", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -296,10 +296,10 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-ip-block", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ - IPBlock: &secv1alpha1.IPBlock{ + Spec: crdv1alpha2.GroupSpec{ + IPBlock: &crdv1alpha1.IPBlock{ CIDR: cidr, }, }, @@ -315,10 +315,10 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-svc-reference", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ - ServiceReference: &corev1a2.ServiceReference{ + Spec: crdv1alpha2.GroupSpec{ + ServiceReference: &crdv1alpha2.ServiceReference{ Name: "test-svc", Namespace: "test-ns", }, @@ -335,10 +335,10 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-child-groups", - updatedGroup: &corev1a2.ClusterGroup{ + updatedGroup: &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ - ChildGroups: []corev1a2.ClusterGroupReference{"cgB", "cgC"}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{"cgB", "cgC"}, }, }, expectedGroup: &antreatypes.Group{ @@ -363,9 +363,9 @@ func TestUpdateClusterGroup(t *testing.T) { func TestDeleteCG(t *testing.T) { selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - testCG := corev1a2.ClusterGroup{ + testCG := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -380,15 +380,15 @@ func TestDeleteCG(t *testing.T) { func TestGroupMembersComputedConditionEqual(t *testing.T) { tests := []struct { name string - existingConds []corev1a2.GroupCondition + existingConds []crdv1alpha2.GroupCondition checkStatus corev1.ConditionStatus expValue bool }{ { name: "groupmem-cond-exists-not-equal", - existingConds: []corev1a2.GroupCondition{ + existingConds: []crdv1alpha2.GroupCondition{ { - Type: corev1a2.GroupMembersComputed, + Type: crdv1alpha2.GroupMembersComputed, Status: corev1.ConditionFalse, }, }, @@ -397,9 +397,9 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-exists-equal", - existingConds: []corev1a2.GroupCondition{ + existingConds: []crdv1alpha2.GroupCondition{ { - Type: corev1a2.GroupMembersComputed, + Type: crdv1alpha2.GroupMembersComputed, Status: corev1.ConditionTrue, }, }, @@ -408,7 +408,7 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-not-exists-not-equal", - existingConds: []corev1a2.GroupCondition{ + existingConds: []crdv1alpha2.GroupCondition{ { Status: corev1.ConditionFalse, }, @@ -419,8 +419,8 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - inCond := corev1a2.GroupCondition{ - Type: corev1a2.GroupMembersComputed, + inCond := crdv1alpha2.GroupCondition{ + Type: crdv1alpha2.GroupMembersComputed, Status: tt.checkStatus, } actualValue := groupMembersComputedConditionEqual(tt.existingConds, inCond) @@ -649,7 +649,7 @@ var testPods = []*corev1.Pod{ }, } -var externalEntities = []*corev1a2.ExternalEntity{ +var externalEntities = []*crdv1alpha2.ExternalEntity{ { ObjectMeta: metav1.ObjectMeta{ Name: "ee1", @@ -657,8 +657,8 @@ var externalEntities = []*corev1a2.ExternalEntity{ UID: "uid3", Labels: map[string]string{"app": "meh"}, }, - Spec: corev1a2.ExternalEntitySpec{ - Endpoints: []corev1a2.Endpoint{ + Spec: crdv1alpha2.ExternalEntitySpec{ + Endpoints: []crdv1alpha2.Endpoint{ { IP: "60.10.0.1", Name: "vm1", @@ -674,8 +674,8 @@ var externalEntities = []*corev1a2.ExternalEntity{ UID: "uid4", Labels: map[string]string{"app": "bruh"}, }, - Spec: corev1a2.ExternalEntitySpec{ - Endpoints: []corev1a2.Endpoint{ + Spec: crdv1alpha2.ExternalEntitySpec{ + Endpoints: []crdv1alpha2.Endpoint{ { IP: "60.10.0.2", Name: "vm2", diff --git a/pkg/controller/networkpolicy/clusternetworkpolicy.go b/pkg/controller/networkpolicy/clusternetworkpolicy.go index 0cfc48dc841..d0f1b9e5318 100644 --- a/pkg/controller/networkpolicy/clusternetworkpolicy.go +++ b/pkg/controller/networkpolicy/clusternetworkpolicy.go @@ -20,7 +20,7 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) @@ -28,7 +28,7 @@ import ( // which can be consumed by agents to configure corresponding rules on the Nodes. func (n *NetworkPolicyController) addCNP(obj interface{}) { defer n.heartbeat("addCNP") - cnp := obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp := obj.(*crdv1alpha1.ClusterNetworkPolicy) klog.Infof("Processing ClusterNetworkPolicy %s ADD event", cnp.Name) // Create an internal NetworkPolicy object corresponding to this // ClusterNetworkPolicy and enqueue task to internal NetworkPolicy Workqueue. @@ -43,14 +43,14 @@ func (n *NetworkPolicyController) addCNP(obj interface{}) { // which can be consumed by agents to configure corresponding rules on the Nodes. func (n *NetworkPolicyController) updateCNP(old, cur interface{}) { defer n.heartbeat("updateCNP") - curCNP := cur.(*secv1alpha1.ClusterNetworkPolicy) + curCNP := cur.(*crdv1alpha1.ClusterNetworkPolicy) klog.Infof("Processing ClusterNetworkPolicy %s UPDATE event", curCNP.Name) // Update an internal NetworkPolicy, corresponding to this NetworkPolicy and // enqueue task to internal NetworkPolicy Workqueue. curInternalNP := n.processClusterNetworkPolicy(curCNP) klog.V(2).Infof("Updating existing internal NetworkPolicy %s for %s", curInternalNP.Name, curInternalNP.SourceRef.ToString()) - // Retrieve old secv1alpha1.NetworkPolicy object. - oldCNP := old.(*secv1alpha1.ClusterNetworkPolicy) + // Retrieve old crdv1alpha1.NetworkPolicy object. + oldCNP := old.(*crdv1alpha1.ClusterNetworkPolicy) // Old and current NetworkPolicy share the same key. key := internalNetworkPolicyKeyFunc(oldCNP) // Lock access to internal NetworkPolicy store such that concurrent access @@ -87,14 +87,14 @@ func (n *NetworkPolicyController) updateCNP(old, cur interface{}) { // deleteCNP receives ClusterNetworkPolicy DELETED events and deletes resources // which can be consumed by agents to delete corresponding rules on the Nodes. func (n *NetworkPolicyController) deleteCNP(old interface{}) { - cnp, ok := old.(*secv1alpha1.ClusterNetworkPolicy) + cnp, ok := old.(*crdv1alpha1.ClusterNetworkPolicy) if !ok { tombstone, ok := old.(cache.DeletedFinalStateUnknown) if !ok { klog.Errorf("Error decoding object when deleting ClusterNetworkPolicy, invalid type: %v", old) return } - cnp, ok = tombstone.Obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp, ok = tombstone.Obj.(*crdv1alpha1.ClusterNetworkPolicy) if !ok { klog.Errorf("Error decoding object tombstone when deleting ClusterNetworkPolicy, invalid type: %v", tombstone.Obj) return @@ -118,12 +118,12 @@ func (n *NetworkPolicyController) deleteCNP(old interface{}) { } // processClusterNetworkPolicy creates an internal NetworkPolicy instance -// corresponding to the secv1alpha1.ClusterNetworkPolicy object. This method +// corresponding to the crdv1alpha1.ClusterNetworkPolicy object. This method // does not commit the internal NetworkPolicy in store, instead returns an // instance to the caller wherein, it will be either stored as a new Object // in case of ADD event or modified and store the updated instance, in case // of an UPDATE event. -func (n *NetworkPolicyController) processClusterNetworkPolicy(cnp *secv1alpha1.ClusterNetworkPolicy) *antreatypes.NetworkPolicy { +func (n *NetworkPolicyController) processClusterNetworkPolicy(cnp *crdv1alpha1.ClusterNetworkPolicy) *antreatypes.NetworkPolicy { appliedToPerRule := len(cnp.Spec.AppliedTo) == 0 // appliedToGroupNames tracks all distinct appliedToGroups referred to by the ClusterNetworkPolicy, // either in the spec section or in ingress/egress rules. diff --git a/pkg/controller/networkpolicy/clusternetworkpolicy_test.go b/pkg/controller/networkpolicy/clusternetworkpolicy_test.go index ebef59f6e99..b4730b5c6cc 100644 --- a/pkg/controller/networkpolicy/clusternetworkpolicy_test.go +++ b/pkg/controller/networkpolicy/clusternetworkpolicy_test.go @@ -21,57 +21,57 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) func TestProcessClusterNetworkPolicy(t *testing.T) { p10 := float64(10) t10 := int32(10) - tierA := secv1alpha1.Tier{ + tierA := crdv1alpha1.Tier{ ObjectMeta: metav1.ObjectMeta{Name: "tier-A", UID: "uidA"}, - Spec: secv1alpha1.TierSpec{ + Spec: crdv1alpha1.TierSpec{ Priority: t10, Description: "tier-A", }, } - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow protocolTCP := controlplane.ProtocolTCP selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} - cgA := corev1a2.ClusterGroup{ + cgA := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } tests := []struct { name string - inputPolicy *secv1alpha1.ClusterNetworkPolicy + inputPolicy *crdv1alpha1.ClusterNetworkPolicy expectedPolicy *antreatypes.NetworkPolicy expectedAppliedToGroups int expectedAddressGroups int }{ { name: "rules-with-same-selectors", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpA", UID: "uidA"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -80,14 +80,14 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{ + Egress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -145,21 +145,21 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "rules-with-different-selectors", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "cnpB", UID: "uidB"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -167,12 +167,12 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -229,22 +229,22 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "with-tier-A", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "cnpC", UID: "uidC"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, Tier: "tier-A", - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -252,12 +252,12 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -314,23 +314,23 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "with-port-range", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "cnpD", UID: "uidD"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int1000, EndPort: &int32For1999, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -374,24 +374,24 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "appliedTo-per-rule", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpH", UID: "uidH"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ AppliedTo: nil, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorA, }, }, - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -399,18 +399,18 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, { - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, }, }, - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -473,21 +473,21 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "with-cluster-group-ingress-egress", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpI", UID: "uidI"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, @@ -495,14 +495,14 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{ + Egress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, @@ -559,23 +559,23 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { }, { name: "with-applied-to-cluster-group-ingress-egress", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpI", UID: "uidI"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, }, - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, @@ -583,19 +583,19 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{ + Egress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, }, - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, @@ -672,19 +672,19 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { func TestAddCNP(t *testing.T) { p10 := float64(10) emergencyTierPriority := int32(1) - emergencyTier := secv1alpha1.Tier{ + emergencyTier := crdv1alpha1.Tier{ ObjectMeta: metav1.ObjectMeta{Name: "emergency", UID: "tE"}, - Spec: secv1alpha1.TierSpec{ + Spec: crdv1alpha1.TierSpec{ Priority: emergencyTierPriority, }, } - appTier := secv1alpha1.Tier{ + appTier := crdv1alpha1.Tier{ ObjectMeta: metav1.ObjectMeta{Name: "application", UID: "tA"}, - Spec: secv1alpha1.TierSpec{ + Spec: crdv1alpha1.TierSpec{ Priority: DefaultTierPriority, }, } - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow protocolTCP := controlplane.ProtocolTCP selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} @@ -694,29 +694,29 @@ func TestAddCNP(t *testing.T) { matchAllPeerEgress.AddressGroups = []string{getNormalizedUID(toGroupSelector("", nil, &selectorAll, nil).NormalizedName)} tests := []struct { name string - inputPolicy *secv1alpha1.ClusterNetworkPolicy + inputPolicy *crdv1alpha1.ClusterNetworkPolicy expPolicy *antreatypes.NetworkPolicy expAppliedToGroups int expAddressGroups int }{ { name: "application-tier-policy", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpA", UID: "uidA"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, Tier: "application", - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -760,21 +760,21 @@ func TestAddCNP(t *testing.T) { }, { name: "empty-tier-policy", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpB", UID: "uidB"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -818,22 +818,22 @@ func TestAddCNP(t *testing.T) { }, { name: "emergency-tier-policy", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpD", UID: "uidD"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, Tier: "emergency", - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -877,22 +877,22 @@ func TestAddCNP(t *testing.T) { }, { name: "static-tier-policy", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpE", UID: "uidE"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, Tier: "Emergency", - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -936,21 +936,21 @@ func TestAddCNP(t *testing.T) { }, { name: "rules-with-same-selectors", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpF", UID: "uidF"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -959,14 +959,14 @@ func TestAddCNP(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{ + Egress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, NamespaceSelector: &selectorC, @@ -1024,21 +1024,21 @@ func TestAddCNP(t *testing.T) { }, { name: "rules-with-different-selectors", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnpG", UID: "uidG"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int80, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -1046,12 +1046,12 @@ func TestAddCNP(t *testing.T) { Action: &allowAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &int81, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorC, }, @@ -1108,23 +1108,23 @@ func TestAddCNP(t *testing.T) { }, { name: "with-port-range", - inputPolicy: &secv1alpha1.ClusterNetworkPolicy{ + inputPolicy: &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "cnpH", UID: "uidH"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int1000, EndPort: &int32For1999, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -1210,7 +1210,7 @@ func TestGetTierPriority(t *testing.T) { p10 := int32(10) tests := []struct { name string - inputTier *secv1alpha1.Tier + inputTier *crdv1alpha1.Tier expPrio int32 }{ { @@ -1220,9 +1220,9 @@ func TestGetTierPriority(t *testing.T) { }, { name: "tier10", - inputTier: &secv1alpha1.Tier{ + inputTier: &crdv1alpha1.Tier{ ObjectMeta: metav1.ObjectMeta{Name: "tA", UID: "uidA"}, - Spec: secv1alpha1.TierSpec{ + Spec: crdv1alpha1.TierSpec{ Priority: p10, Description: "tier10", }, @@ -1249,25 +1249,25 @@ func TestProcessRefCG(t *testing.T) { cidr := "10.0.0.0/24" cidrIPNet, _ := cidrStrToIPNet(cidr) // cgA with selector present in cache - cgA := corev1a2.ClusterGroup{ + cgA := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } // cgB with IPBlock present in cache - cgB := corev1a2.ClusterGroup{ + cgB := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: corev1a2.GroupSpec{ - IPBlock: &secv1alpha1.IPBlock{ + Spec: crdv1alpha2.GroupSpec{ + IPBlock: &crdv1alpha1.IPBlock{ CIDR: cidr, }, }, } // cgC not found in cache - cgC := corev1a2.ClusterGroup{ + cgC := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -1323,25 +1323,25 @@ func TestProcessAppliedToGroupsForCGs(t *testing.T) { selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} cidr := "10.0.0.0/24" // cgA with selector present in cache - cgA := corev1a2.ClusterGroup{ + cgA := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } // cgB with IPBlock present in cache - cgB := corev1a2.ClusterGroup{ + cgB := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: corev1a2.GroupSpec{ - IPBlock: &secv1alpha1.IPBlock{ + Spec: crdv1alpha2.GroupSpec{ + IPBlock: &crdv1alpha1.IPBlock{ CIDR: cidr, }, }, } // cgC not found in cache - cgC := corev1a2.ClusterGroup{ + cgC := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -1386,15 +1386,15 @@ func TestProcessAppliedToGroupsForCGs(t *testing.T) { // util functions for testing. -func getCNP() *secv1alpha1.ClusterNetworkPolicy { +func getCNP() *crdv1alpha1.ClusterNetworkPolicy { p10 := float64(10) - allowAction := secv1alpha1.RuleActionAllow + allowAction := crdv1alpha1.RuleActionAllow selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} - ingressRules := []secv1alpha1.Rule{ + ingressRules := []crdv1alpha1.Rule{ { - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { NamespaceSelector: &selectorB, }, @@ -1402,9 +1402,9 @@ func getCNP() *secv1alpha1.ClusterNetworkPolicy { Action: &allowAction, }, } - egressRules := []secv1alpha1.Rule{ + egressRules := []crdv1alpha1.Rule{ { - To: []secv1alpha1.NetworkPolicyPeer{ + To: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorC, }, @@ -1412,10 +1412,10 @@ func getCNP() *secv1alpha1.ClusterNetworkPolicy { Action: &allowAction, }, } - npObj := &secv1alpha1.ClusterNetworkPolicy{ + npObj := &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "test-cnp"}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorA}, }, Priority: p10, diff --git a/pkg/controller/networkpolicy/crd_utils.go b/pkg/controller/networkpolicy/crd_utils.go index dd21f9ecd27..cbc0c440a99 100644 --- a/pkg/controller/networkpolicy/crd_utils.go +++ b/pkg/controller/networkpolicy/crd_utils.go @@ -22,7 +22,7 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/controller/networkpolicy/store" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) diff --git a/pkg/controller/networkpolicy/crd_utils_test.go b/pkg/controller/networkpolicy/crd_utils_test.go index 125e465cf6e..4c56d784267 100644 --- a/pkg/controller/networkpolicy/crd_utils_test.go +++ b/pkg/controller/networkpolicy/crd_utils_test.go @@ -24,18 +24,18 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" ) func TestToAntreaServicesForCRD(t *testing.T) { tables := []struct { - ports []secv1alpha1.NetworkPolicyPort + ports []crdv1alpha1.NetworkPolicyPort expServices []controlplane.Service expNamedPortExists bool }{ { - ports: []secv1alpha1.NetworkPolicyPort{ + ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int80, @@ -50,7 +50,7 @@ func TestToAntreaServicesForCRD(t *testing.T) { expNamedPortExists: false, }, { - ports: []secv1alpha1.NetworkPolicyPort{ + ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &strHTTP, @@ -65,7 +65,7 @@ func TestToAntreaServicesForCRD(t *testing.T) { expNamedPortExists: true, }, { - ports: []secv1alpha1.NetworkPolicyPort{ + ports: []crdv1alpha1.NetworkPolicyPort{ { Protocol: &k8sProtocolTCP, Port: &int1000, @@ -95,12 +95,12 @@ func TestToAntreaIPBlockForCRD(t *testing.T) { PrefixLength: 24, } tables := []struct { - ipBlock *secv1alpha1.IPBlock + ipBlock *crdv1alpha1.IPBlock expValue controlplane.IPBlock err error }{ { - &secv1alpha1.IPBlock{ + &crdv1alpha1.IPBlock{ CIDR: "10.0.0.0/24", }, controlplane.IPBlock{ @@ -109,7 +109,7 @@ func TestToAntreaIPBlockForCRD(t *testing.T) { nil, }, { - &secv1alpha1.IPBlock{ + &crdv1alpha1.IPBlock{ CIDR: "10.0.0.0", }, controlplane.IPBlock{}, @@ -137,14 +137,14 @@ func TestToAntreaIPBlockForCRD(t *testing.T) { } func TestToAntreaPeerForCRD(t *testing.T) { - testCNPObj := &secv1alpha1.ClusterNetworkPolicy{ + testCNPObj := &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: "cnpA", }, } cidr := "10.0.0.0/16" cidrIPNet, _ := cidrStrToIPNet(cidr) - selectorIP := secv1alpha1.IPBlock{CIDR: cidr} + selectorIP := crdv1alpha1.IPBlock{CIDR: cidr} selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} @@ -152,15 +152,15 @@ func TestToAntreaPeerForCRD(t *testing.T) { matchAllPodsPeer := matchAllPeer matchAllPodsPeer.AddressGroups = []string{getNormalizedUID(toGroupSelector("", nil, &selectorAll, nil).NormalizedName)} // cgA with selector present in cache - cgA := corev1a2.ClusterGroup{ + cgA := crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: corev1a2.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: &selectorA, }, } tests := []struct { name string - inPeers []secv1alpha1.NetworkPolicyPeer + inPeers []crdv1alpha1.NetworkPolicyPeer outPeer controlplane.NetworkPolicyPeer direction controlplane.Direction namedPortExists bool @@ -168,7 +168,7 @@ func TestToAntreaPeerForCRD(t *testing.T) { }{ { name: "pod-ns-selector-peer-ingress", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorA, NamespaceSelector: &selectorB, @@ -187,7 +187,7 @@ func TestToAntreaPeerForCRD(t *testing.T) { }, { name: "pod-ns-selector-peer-egress", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorA, NamespaceSelector: &selectorB, @@ -206,7 +206,7 @@ func TestToAntreaPeerForCRD(t *testing.T) { }, { name: "ipblock-selector-peer-ingress", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { IPBlock: &selectorIP, }, @@ -222,7 +222,7 @@ func TestToAntreaPeerForCRD(t *testing.T) { }, { name: "ipblock-selector-peer-egress", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { IPBlock: &selectorIP, }, @@ -238,13 +238,13 @@ func TestToAntreaPeerForCRD(t *testing.T) { }, { name: "empty-peer-ingress", - inPeers: []secv1alpha1.NetworkPolicyPeer{}, + inPeers: []crdv1alpha1.NetworkPolicyPeer{}, outPeer: matchAllPeer, direction: controlplane.DirectionIn, }, { name: "peer-ingress-with-cg", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, @@ -256,20 +256,20 @@ func TestToAntreaPeerForCRD(t *testing.T) { }, { name: "empty-peer-egress-with-named-port", - inPeers: []secv1alpha1.NetworkPolicyPeer{}, + inPeers: []crdv1alpha1.NetworkPolicyPeer{}, outPeer: matchAllPodsPeer, direction: controlplane.DirectionOut, namedPortExists: true, }, { name: "empty-peer-egress-without-named-port", - inPeers: []secv1alpha1.NetworkPolicyPeer{}, + inPeers: []crdv1alpha1.NetworkPolicyPeer{}, outPeer: matchAllPeer, direction: controlplane.DirectionOut, }, { name: "peer-egress-with-cg", - inPeers: []secv1alpha1.NetworkPolicyPeer{ + inPeers: []crdv1alpha1.NetworkPolicyPeer{ { Group: cgA.Name, }, diff --git a/pkg/controller/networkpolicy/mutate.go b/pkg/controller/networkpolicy/mutate.go index d7c7ca60846..803e02e13f0 100644 --- a/pkg/controller/networkpolicy/mutate.go +++ b/pkg/controller/networkpolicy/mutate.go @@ -25,7 +25,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/klog" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) type NetworkPolicyMutator struct { @@ -54,7 +54,7 @@ func (m *NetworkPolicyMutator) Mutate(ar *admv1.AdmissionReview) *admv1.Admissio switch ar.Request.Kind.Kind { case "ClusterNetworkPolicy": klog.V(2).Info("Mutating Antrea ClusterNetworkPolicy CRD") - var curACNP, oldACNP secv1alpha1.ClusterNetworkPolicy + var curACNP, oldACNP crdv1alpha1.ClusterNetworkPolicy if curRaw != nil { if err := json.Unmarshal(curRaw, &curACNP); err != nil { klog.Errorf("Error de-serializing current Antrea ClusterNetworkPolicy") @@ -70,7 +70,7 @@ func (m *NetworkPolicyMutator) Mutate(ar *admv1.AdmissionReview) *admv1.Admissio msg, allowed, patch = m.mutateAntreaPolicy(op, curACNP.Spec.Ingress, curACNP.Spec.Egress, curACNP.Spec.Tier) case "NetworkPolicy": klog.V(2).Info("Mutating Antrea NetworkPolicy CRD") - var curANP, oldANP secv1alpha1.NetworkPolicy + var curANP, oldANP crdv1alpha1.NetworkPolicy if curRaw != nil { if err := json.Unmarshal(curRaw, &curANP); err != nil { klog.Errorf("Error de-serializing current Antrea NetworkPolicy") @@ -104,7 +104,7 @@ func (m *NetworkPolicyMutator) Mutate(ar *admv1.AdmissionReview) *admv1.Admissio // mutateAntreaPolicy will auto-generate a name for this rule. In // addition to the rule names, it also mutates the Tier field to the default // tier name if it is unset. -func (m *NetworkPolicyMutator) mutateAntreaPolicy(op admv1.Operation, ingress, egress []secv1alpha1.Rule, tier string) (string, bool, []byte) { +func (m *NetworkPolicyMutator) mutateAntreaPolicy(op admv1.Operation, ingress, egress []crdv1alpha1.Rule, tier string) (string, bool, []byte) { allowed := true reason := "" var patch []byte @@ -136,7 +136,7 @@ func (m *NetworkPolicyMutator) mutateAntreaPolicy(op admv1.Operation, ingress, e } // generateRuleNames generates unique rule names and returns a list of json paths and the corresponding list of generated names -func generateRuleNames(prefix string, rules []secv1alpha1.Rule) ([]string, []string) { +func generateRuleNames(prefix string, rules []crdv1alpha1.Rule) ([]string, []string) { var paths []string var values []string for idx, rule := range rules { @@ -187,7 +187,7 @@ func createReplacePatch(paths []string, values []string) ([]byte, error) { const ruleNameSuffixLen = 7 // hashRule calculates a string based on the rule's content. -func hashRule(r secv1alpha1.Rule) string { +func hashRule(r crdv1alpha1.Rule) string { hash := sha1.New() // #nosec G401: not used for security purposes b, _ := json.Marshal(r) hash.Write(b) diff --git a/pkg/controller/networkpolicy/networkpolicy_controller.go b/pkg/controller/networkpolicy/networkpolicy_controller.go index 4c97a7fd78a..9339f8b8357 100644 --- a/pkg/controller/networkpolicy/networkpolicy_controller.go +++ b/pkg/controller/networkpolicy/networkpolicy_controller.go @@ -47,14 +47,14 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/apiserver/storage" "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - corev1a2informers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/core/v1alpha2" - secinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/security/v1alpha1" - corev1a2listers "github.com/vmware-tanzu/antrea/pkg/client/listers/core/v1alpha2" - seclisters "github.com/vmware-tanzu/antrea/pkg/client/listers/security/v1alpha1" + secinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" + corev1a2informers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha2" + seclisters "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" + corev1a2listers "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/controller/grouping" "github.com/vmware-tanzu/antrea/pkg/controller/metrics" "github.com/vmware-tanzu/antrea/pkg/controller/networkpolicy/store" diff --git a/pkg/controller/networkpolicy/networkpolicy_controller_test.go b/pkg/controller/networkpolicy/networkpolicy_controller_test.go index 376a6126aa3..7c184ad61e8 100644 --- a/pkg/controller/networkpolicy/networkpolicy_controller_test.go +++ b/pkg/controller/networkpolicy/networkpolicy_controller_test.go @@ -37,7 +37,7 @@ import ( "k8s.io/client-go/util/workqueue" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/apiserver/storage" fakeversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" @@ -91,20 +91,21 @@ func newController(objects ...runtime.Object) (*fake.Clientset, *networkPolicyCo addressGroupStore := store.NewAddressGroupStore() internalNetworkPolicyStore := store.NewNetworkPolicyStore() internalGroupStore := store.NewGroupStore() - cgInformer := crdInformerFactory.Core().V1alpha2().ClusterGroups() + cgInformer := crdInformerFactory.Crd().V1alpha2().ClusterGroups() + cgStore := crdInformerFactory.Crd().V1alpha2().ClusterGroups().Informer().GetStore() groupEntityIndex := grouping.NewGroupEntityIndex() groupingController := grouping.NewGroupEntityController(groupEntityIndex, informerFactory.Core().V1().Pods(), informerFactory.Core().V1().Namespaces(), - crdInformerFactory.Core().V1alpha2().ExternalEntities()) + crdInformerFactory.Crd().V1alpha2().ExternalEntities()) npController := NewNetworkPolicyController(client, crdClient, groupEntityIndex, informerFactory.Core().V1().Services(), informerFactory.Networking().V1().NetworkPolicies(), - crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies(), - crdInformerFactory.Security().V1alpha1().NetworkPolicies(), - crdInformerFactory.Security().V1alpha1().Tiers(), + crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies(), + crdInformerFactory.Crd().V1alpha1().NetworkPolicies(), + crdInformerFactory.Crd().V1alpha1().Tiers(), cgInformer, addressGroupStore, appliedToGroupStore, @@ -112,7 +113,7 @@ func newController(objects ...runtime.Object) (*fake.Clientset, *networkPolicyCo internalGroupStore) npController.networkPolicyListerSynced = alwaysReady npController.cnpListerSynced = alwaysReady - npController.tierLister = crdInformerFactory.Security().V1alpha1().Tiers().Lister() + npController.tierLister = crdInformerFactory.Crd().V1alpha1().Tiers().Lister() npController.tierListerSynced = alwaysReady npController.cgInformer = cgInformer npController.cgLister = cgInformer.Lister() @@ -123,9 +124,9 @@ func newController(objects ...runtime.Object) (*fake.Clientset, *networkPolicyCo npController, informerFactory.Core().V1().Services().Informer().GetStore(), informerFactory.Networking().V1().NetworkPolicies().Informer().GetStore(), - crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies().Informer().GetStore(), - crdInformerFactory.Security().V1alpha1().Tiers().Informer().GetStore(), - crdInformerFactory.Core().V1alpha2().ClusterGroups().Informer().GetStore(), + crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies().Informer().GetStore(), + crdInformerFactory.Crd().V1alpha1().Tiers().Informer().GetStore(), + cgStore, appliedToGroupStore, addressGroupStore, internalNetworkPolicyStore, @@ -147,7 +148,7 @@ func newControllerWithoutEventHandler(objects ...runtime.Object) (*fake.Clientse internalNetworkPolicyStore := store.NewNetworkPolicyStore() internalGroupStore := store.NewGroupStore() networkPolicyInformer := informerFactory.Networking().V1().NetworkPolicies() - cgStore := crdInformerFactory.Core().V1alpha2().ClusterGroups().Informer().GetStore() + cgStore := crdInformerFactory.Crd().V1alpha2().ClusterGroups().Informer().GetStore() groupEntityIndex := grouping.NewGroupEntityIndex() npController := &NetworkPolicyController{ kubeClient: client, @@ -169,8 +170,8 @@ func newControllerWithoutEventHandler(objects ...runtime.Object) (*fake.Clientse npController, informerFactory.Core().V1().Services().Informer().GetStore(), informerFactory.Networking().V1().NetworkPolicies().Informer().GetStore(), - crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies().Informer().GetStore(), - crdInformerFactory.Security().V1alpha1().Tiers().Informer().GetStore(), + crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies().Informer().GetStore(), + crdInformerFactory.Crd().V1alpha1().Tiers().Informer().GetStore(), cgStore, appliedToGroupStore, addressGroupStore, diff --git a/pkg/controller/networkpolicy/status_controller.go b/pkg/controller/networkpolicy/status_controller.go index e96976ee7ba..5ecc1531262 100644 --- a/pkg/controller/networkpolicy/status_controller.go +++ b/pkg/controller/networkpolicy/status_controller.go @@ -29,11 +29,11 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/apiserver/storage" antreaclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - secinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/security/v1alpha1" - seclisters "github.com/vmware-tanzu/antrea/pkg/client/listers/security/v1alpha1" + crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" + crdlisters "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/controller/metrics" antreatypes "github.com/vmware-tanzu/antrea/pkg/controller/types" ) @@ -61,17 +61,17 @@ type StatusController struct { // cnpLister is able to list/get ClusterNetworkPolicies and is populated by the shared informer passed to // NewClusterNetworkPolicyController. - cnpLister seclisters.ClusterNetworkPolicyLister + cnpLister crdlisters.ClusterNetworkPolicyLister // cnpListerSynced is a function which returns true if the ClusterNetworkPolicies shared informer has been synced at least once. cnpListerSynced cache.InformerSynced // anpLister is able to list/get AntreaNetworkPolicies and is populated by the shared informer passed to // NewNetworkPolicyController. - anpLister seclisters.NetworkPolicyLister + anpLister crdlisters.NetworkPolicyLister // anpListerSynced is a function which returns true if the AntreaNetworkPolicies shared informer has been synced at least once. anpListerSynced cache.InformerSynced } -func NewStatusController(antreaClient antreaclientset.Interface, internalNetworkPolicyStore storage.Interface, cnpInformer secinformers.ClusterNetworkPolicyInformer, anpInformer secinformers.NetworkPolicyInformer) *StatusController { +func NewStatusController(antreaClient antreaclientset.Interface, internalNetworkPolicyStore storage.Interface, cnpInformer crdinformers.ClusterNetworkPolicyInformer, anpInformer crdinformers.NetworkPolicyInformer) *StatusController { c := &StatusController{ npControlInterface: &networkPolicyControl{ antreaClient: antreaClient, @@ -107,8 +107,8 @@ func NewStatusController(antreaClient antreaclientset.Interface, internalNetwork } func (c *StatusController) updateCNP(old, cur interface{}) { - curCNP := cur.(*secv1alpha1.ClusterNetworkPolicy) - oldCNP := old.(*secv1alpha1.ClusterNetworkPolicy) + curCNP := cur.(*crdv1alpha1.ClusterNetworkPolicy) + oldCNP := old.(*crdv1alpha1.ClusterNetworkPolicy) if oldCNP.Status == curCNP.Status { return } @@ -117,8 +117,8 @@ func (c *StatusController) updateCNP(old, cur interface{}) { } func (c *StatusController) updateANP(old, cur interface{}) { - curANP := cur.(*secv1alpha1.NetworkPolicy) - oldANP := old.(*secv1alpha1.NetworkPolicy) + curANP := cur.(*crdv1alpha1.NetworkPolicy) + oldANP := old.(*crdv1alpha1.NetworkPolicy) if oldANP.Status == curANP.Status { return } @@ -269,8 +269,8 @@ func (c *StatusController) syncHandler(key string) error { // It means the NetworkPolicy hasn't been processed once. Set it to Pending to differentiate from NetworkPolicies // that spans 0 Node. if internalNP.SpanMeta.NodeNames == nil { - return c.npControlInterface.UpdateAntreaNetworkPolicyStatus(internalNP.SourceRef.Namespace, internalNP.SourceRef.Name, &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyPending, + return c.npControlInterface.UpdateAntreaNetworkPolicyStatus(internalNP.SourceRef.Namespace, internalNP.SourceRef.Name, &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyPending, ObservedGeneration: internalNP.Generation, }) } @@ -288,12 +288,12 @@ func (c *StatusController) syncHandler(key string) error { } } - phase := secv1alpha1.NetworkPolicyRealizing + phase := crdv1alpha1.NetworkPolicyRealizing if currentNodes == desiredNodes { - phase = secv1alpha1.NetworkPolicyRealized + phase = crdv1alpha1.NetworkPolicyRealized } - status := &secv1alpha1.NetworkPolicyStatus{ + status := &crdv1alpha1.NetworkPolicyStatus{ Phase: phase, ObservedGeneration: internalNP.Generation, CurrentNodesRealized: int32(currentNodes), @@ -310,17 +310,17 @@ func (c *StatusController) syncHandler(key string) error { // networkPolicyControlInterface is an interface that knows how to update Antrea NetworkPolicy status. // It's created as an interface to allow testing. type networkPolicyControlInterface interface { - UpdateAntreaNetworkPolicyStatus(namespace, name string, status *secv1alpha1.NetworkPolicyStatus) error - UpdateAntreaClusterNetworkPolicyStatus(name string, status *secv1alpha1.NetworkPolicyStatus) error + UpdateAntreaNetworkPolicyStatus(namespace, name string, status *crdv1alpha1.NetworkPolicyStatus) error + UpdateAntreaClusterNetworkPolicyStatus(name string, status *crdv1alpha1.NetworkPolicyStatus) error } type networkPolicyControl struct { antreaClient antreaclientset.Interface - cnpLister seclisters.ClusterNetworkPolicyLister - anpLister seclisters.NetworkPolicyLister + cnpLister crdlisters.ClusterNetworkPolicyLister + anpLister crdlisters.NetworkPolicyLister } -func (c *networkPolicyControl) UpdateAntreaNetworkPolicyStatus(namespace, name string, status *secv1alpha1.NetworkPolicyStatus) error { +func (c *networkPolicyControl) UpdateAntreaNetworkPolicyStatus(namespace, name string, status *crdv1alpha1.NetworkPolicyStatus) error { anp, err := c.anpLister.NetworkPolicies(namespace).Get(name) if err != nil { klog.Infof("Didn't find the original Antrea NetworkPolicy %s/%s, skip updating status", namespace, name) @@ -332,11 +332,11 @@ func (c *networkPolicyControl) UpdateAntreaNetworkPolicyStatus(namespace, name s metrics.AntreaNetworkPolicyStatusUpdates.Inc() toUpdate := anp.DeepCopy() toUpdate.Status = *status - _, err = c.antreaClient.SecurityV1alpha1().NetworkPolicies(namespace).UpdateStatus(context.TODO(), toUpdate, v1.UpdateOptions{}) + _, err = c.antreaClient.CrdV1alpha1().NetworkPolicies(namespace).UpdateStatus(context.TODO(), toUpdate, v1.UpdateOptions{}) return err } -func (c *networkPolicyControl) UpdateAntreaClusterNetworkPolicyStatus(name string, status *secv1alpha1.NetworkPolicyStatus) error { +func (c *networkPolicyControl) UpdateAntreaClusterNetworkPolicyStatus(name string, status *crdv1alpha1.NetworkPolicyStatus) error { cnp, err := c.cnpLister.Get(name) if err != nil { klog.Infof("Didn't find the original Antrea ClusterNetworkPolicy %s, skip updating status", name) @@ -349,6 +349,6 @@ func (c *networkPolicyControl) UpdateAntreaClusterNetworkPolicyStatus(name strin metrics.AntreaClusterNetworkPolicyStatusUpdates.Inc() toUpdate := cnp.DeepCopy() toUpdate.Status = *status - _, err = c.antreaClient.SecurityV1alpha1().ClusterNetworkPolicies().UpdateStatus(context.TODO(), toUpdate, v1.UpdateOptions{}) + _, err = c.antreaClient.CrdV1alpha1().ClusterNetworkPolicies().UpdateStatus(context.TODO(), toUpdate, v1.UpdateOptions{}) return err } diff --git a/pkg/controller/networkpolicy/status_controller_test.go b/pkg/controller/networkpolicy/status_controller_test.go index 6a428b9eb61..a9da632914a 100644 --- a/pkg/controller/networkpolicy/status_controller_test.go +++ b/pkg/controller/networkpolicy/status_controller_test.go @@ -27,7 +27,7 @@ import ( "k8s.io/client-go/util/workqueue" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/apiserver/storage" antreaclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" antreafakeclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" @@ -38,31 +38,31 @@ import ( type fakeNetworkPolicyControl struct { sync.Mutex - anpStatus *secv1alpha1.NetworkPolicyStatus - cnpStatus *secv1alpha1.NetworkPolicyStatus + anpStatus *crdv1alpha1.NetworkPolicyStatus + cnpStatus *crdv1alpha1.NetworkPolicyStatus } -func (c *fakeNetworkPolicyControl) UpdateAntreaNetworkPolicyStatus(namespace, name string, status *secv1alpha1.NetworkPolicyStatus) error { +func (c *fakeNetworkPolicyControl) UpdateAntreaNetworkPolicyStatus(namespace, name string, status *crdv1alpha1.NetworkPolicyStatus) error { c.Lock() defer c.Unlock() c.anpStatus = status return nil } -func (c *fakeNetworkPolicyControl) UpdateAntreaClusterNetworkPolicyStatus(name string, status *secv1alpha1.NetworkPolicyStatus) error { +func (c *fakeNetworkPolicyControl) UpdateAntreaClusterNetworkPolicyStatus(name string, status *crdv1alpha1.NetworkPolicyStatus) error { c.Lock() defer c.Unlock() c.cnpStatus = status return nil } -func (c *fakeNetworkPolicyControl) getAntreaNetworkPolicyStatus() *secv1alpha1.NetworkPolicyStatus { +func (c *fakeNetworkPolicyControl) getAntreaNetworkPolicyStatus() *crdv1alpha1.NetworkPolicyStatus { c.Lock() defer c.Unlock() return c.anpStatus } -func (c *fakeNetworkPolicyControl) getAntreaClusterNetworkPolicyStatus() *secv1alpha1.NetworkPolicyStatus { +func (c *fakeNetworkPolicyControl) getAntreaClusterNetworkPolicyStatus() *crdv1alpha1.NetworkPolicyStatus { c.Lock() defer c.Unlock() return c.cnpStatus @@ -75,8 +75,8 @@ func newTestStatusController(initialObjects ...runtime.Object) (*StatusControlle antreaInformerFactory := antreainformers.NewSharedInformerFactory(antreaClientset, 0) networkPolicyControl := &fakeNetworkPolicyControl{} - cnpInformer := antreaInformerFactory.Security().V1alpha1().ClusterNetworkPolicies() - anpInformer := antreaInformerFactory.Security().V1alpha1().NetworkPolicies() + cnpInformer := antreaInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() + anpInformer := antreaInformerFactory.Crd().V1alpha1().NetworkPolicies() statusController := &StatusController{ npControlInterface: networkPolicyControl, queue: workqueue.NewNamedRateLimitingQueue(workqueue.NewItemExponentialFailureRateLimiter(minRetryDelay, maxRetryDelay), "networkpolicy"), @@ -113,7 +113,7 @@ func newNetworkPolicyStatus(name string, nodeName string, generation int64) *con func toAntreaNetworkPolicy(inp *types.NetworkPolicy) runtime.Object { if inp.SourceRef.Type == controlplane.AntreaNetworkPolicy { - return &secv1alpha1.NetworkPolicy{ + return &crdv1alpha1.NetworkPolicy{ ObjectMeta: v1.ObjectMeta{ Namespace: inp.SourceRef.Namespace, Name: inp.SourceRef.Name, @@ -121,7 +121,7 @@ func toAntreaNetworkPolicy(inp *types.NetworkPolicy) runtime.Object { }, } } else { - return &secv1alpha1.ClusterNetworkPolicy{ + return &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: v1.ObjectMeta{ Name: inp.SourceRef.Name, Generation: inp.Generation, @@ -150,8 +150,8 @@ func TestCreateAntreaNetworkPolicy(t *testing.T) { name string networkPolicy []*types.NetworkPolicy collectedNetworkPolicyStatus []*controlplane.NetworkPolicyStatus - expectedANPStatus *secv1alpha1.NetworkPolicyStatus - expectedCNPStatus *secv1alpha1.NetworkPolicyStatus + expectedANPStatus *crdv1alpha1.NetworkPolicyStatus + expectedCNPStatus *crdv1alpha1.NetworkPolicyStatus }{ { name: "no realization status", @@ -159,14 +159,14 @@ func TestCreateAntreaNetworkPolicy(t *testing.T) { newInternalNetworkPolicy("anp1", 1, []string{"node1", "node2"}, newAntreaNetworkPolicyReference("ns1", "anp1")), newInternalNetworkPolicy("cnp1", 1, []string{"node1", "node2"}, newAntreaClusterNetworkPolicyReference("cnp1")), }, - expectedANPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + expectedANPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 1, CurrentNodesRealized: 0, DesiredNodesRealized: 2, }, - expectedCNPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + expectedCNPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 1, CurrentNodesRealized: 0, DesiredNodesRealized: 2, @@ -184,14 +184,14 @@ func TestCreateAntreaNetworkPolicy(t *testing.T) { newNetworkPolicyStatus("cnp1", "node1", 2), newNetworkPolicyStatus("cnp1", "node2", 3), }, - expectedANPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + expectedANPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 2, CurrentNodesRealized: 1, DesiredNodesRealized: 2, }, - expectedCNPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + expectedCNPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 3, CurrentNodesRealized: 1, DesiredNodesRealized: 2, @@ -209,14 +209,14 @@ func TestCreateAntreaNetworkPolicy(t *testing.T) { newNetworkPolicyStatus("cnp1", "node1", 4), newNetworkPolicyStatus("cnp1", "node2", 4), }, - expectedANPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealized, + expectedANPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, ObservedGeneration: 3, CurrentNodesRealized: 2, DesiredNodesRealized: 2, }, - expectedCNPStatus: &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealized, + expectedCNPStatus: &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, ObservedGeneration: 4, CurrentNodesRealized: 2, DesiredNodesRealized: 2, @@ -268,14 +268,14 @@ func TestUpdateAntreaNetworkPolicy(t *testing.T) { statusController.UpdateStatus(newNetworkPolicyStatus("cnp1", "node5", 2)) // TODO: Use a determinate mechanism. time.Sleep(500 * time.Millisecond) - assert.Equal(t, &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealized, + assert.Equal(t, &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, ObservedGeneration: 1, CurrentNodesRealized: 2, DesiredNodesRealized: 2, }, networkPolicyControl.getAntreaNetworkPolicyStatus()) - assert.Equal(t, &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealized, + assert.Equal(t, &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, ObservedGeneration: 2, CurrentNodesRealized: 3, DesiredNodesRealized: 3, @@ -287,14 +287,14 @@ func TestUpdateAntreaNetworkPolicy(t *testing.T) { networkPolicyStore.Update(cnp1Updated) // TODO: Use a determinate mechanism. time.Sleep(500 * time.Millisecond) - assert.Equal(t, &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + assert.Equal(t, &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 2, CurrentNodesRealized: 0, DesiredNodesRealized: 3, }, networkPolicyControl.getAntreaNetworkPolicyStatus()) - assert.Equal(t, &secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealizing, + assert.Equal(t, &crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealizing, ObservedGeneration: 3, CurrentNodesRealized: 0, DesiredNodesRealized: 2, diff --git a/pkg/controller/networkpolicy/tier.go b/pkg/controller/networkpolicy/tier.go index 49a08ad2060..4e1ff977b1d 100644 --- a/pkg/controller/networkpolicy/tier.go +++ b/pkg/controller/networkpolicy/tier.go @@ -27,7 +27,7 @@ import ( "k8s.io/apimachinery/pkg/util/sets" "k8s.io/klog" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) var ( @@ -153,7 +153,7 @@ func (n *NetworkPolicyController) initTier(t *secv1alpha1.Tier) { retryAttempt := 1 for { klog.V(2).Infof("Creating %s Tier", t.Name) - _, err = n.crdClient.SecurityV1alpha1().Tiers().Create(context.TODO(), t, metav1.CreateOptions{}) + _, err = n.crdClient.CrdV1alpha1().Tiers().Create(context.TODO(), t, metav1.CreateOptions{}) // Attempt to recreate Tier after a backoff only if it does not exist. if err != nil && !errors.IsAlreadyExists(err) { klog.Warningf("Failed to create %s Tier on init: %v. Retry attempt: %d", t.Name, err, retryAttempt) @@ -181,7 +181,7 @@ func (n *NetworkPolicyController) updateTier(t *secv1alpha1.Tier) { retryAttempt := 1 for { klog.V(2).Infof("Updating %s Tier", t.Name) - _, err = n.crdClient.SecurityV1alpha1().Tiers().Update(context.TODO(), t, metav1.UpdateOptions{}) + _, err = n.crdClient.CrdV1alpha1().Tiers().Update(context.TODO(), t, metav1.UpdateOptions{}) // Attempt to update Tier after a backoff. if err != nil { klog.Warningf("Failed to update %s Tier on init: %v. Retry attempt: %d", t.Name, err, retryAttempt) diff --git a/pkg/controller/networkpolicy/validate.go b/pkg/controller/networkpolicy/validate.go index ae219dd1373..781ebc8dc2a 100644 --- a/pkg/controller/networkpolicy/validate.go +++ b/pkg/controller/networkpolicy/validate.go @@ -27,8 +27,8 @@ import ( "k8s.io/apiserver/pkg/authentication/serviceaccount" "k8s.io/klog" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/controller/networkpolicy/store" "github.com/vmware-tanzu/antrea/pkg/controller/types" "github.com/vmware-tanzu/antrea/pkg/util/env" @@ -148,7 +148,7 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi switch ar.Request.Kind.Kind { case "Tier": klog.V(2).Info("Validating Tier CRD") - var curTier, oldTier secv1alpha1.Tier + var curTier, oldTier crdv1alpha1.Tier if curRaw != nil { if err := json.Unmarshal(curRaw, &curTier); err != nil { klog.Errorf("Error de-serializing current Tier") @@ -164,7 +164,7 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi msg, allowed = v.validateTier(&curTier, &oldTier, op, ui) case "ClusterGroup": klog.V(2).Info("Validating ClusterGroup CRD") - var curCG, oldCG corev1a2.ClusterGroup + var curCG, oldCG crdv1alpha2.ClusterGroup if curRaw != nil { if err := json.Unmarshal(curRaw, &curCG); err != nil { klog.Errorf("Error de-serializing current ClusterGroup") @@ -180,7 +180,7 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi msg, allowed = v.validateAntreaGroup(&curCG, &oldCG, op, ui) case "ClusterNetworkPolicy": klog.V(2).Info("Validating Antrea ClusterNetworkPolicy CRD") - var curCNP, oldCNP secv1alpha1.ClusterNetworkPolicy + var curCNP, oldCNP crdv1alpha1.ClusterNetworkPolicy if curRaw != nil { if err := json.Unmarshal(curRaw, &curCNP); err != nil { klog.Errorf("Error de-serializing current Antrea ClusterNetworkPolicy") @@ -196,7 +196,7 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi msg, allowed = v.validateAntreaPolicy(&curCNP, &oldCNP, op, ui) case "NetworkPolicy": klog.V(2).Info("Validating Antrea NetworkPolicy CRD") - var curANP, oldANP secv1alpha1.NetworkPolicy + var curANP, oldANP crdv1alpha1.NetworkPolicy if curRaw != nil { if err := json.Unmarshal(curRaw, &curANP); err != nil { klog.Errorf("Error de-serializing current Antrea NetworkPolicy") @@ -255,8 +255,8 @@ func (v *NetworkPolicyValidator) validateAntreaPolicy(curObj, oldObj interface{} } // validatePort validates if ports is valid -func (a *antreaPolicyValidator) validatePort(ingress, egress []secv1alpha1.Rule) error { - isValid := func(rules []secv1alpha1.Rule) error { +func (a *antreaPolicyValidator) validatePort(ingress, egress []crdv1alpha1.Rule) error { + isValid := func(rules []crdv1alpha1.Rule) error { for _, rule := range rules { for _, port := range rule.Ports { if port.EndPort == nil { @@ -285,7 +285,7 @@ func (a *antreaPolicyValidator) validatePort(ingress, egress []secv1alpha1.Rule) } // validateAntreaGroup validates the admission of a ClusterGroup resource -func (v *NetworkPolicyValidator) validateAntreaGroup(curCG, oldCG *corev1a2.ClusterGroup, op admv1.Operation, userInfo authenticationv1.UserInfo) (string, bool) { +func (v *NetworkPolicyValidator) validateAntreaGroup(curCG, oldCG *crdv1alpha2.ClusterGroup, op admv1.Operation, userInfo authenticationv1.UserInfo) (string, bool) { allowed := true reason := "" switch op { @@ -318,7 +318,7 @@ func (v *NetworkPolicyValidator) validateAntreaGroup(curCG, oldCG *corev1a2.Clus } // validateTier validates the admission of a Tier resource -func (v *NetworkPolicyValidator) validateTier(curTier, oldTier *secv1alpha1.Tier, op admv1.Operation, userInfo authenticationv1.UserInfo) (string, bool) { +func (v *NetworkPolicyValidator) validateTier(curTier, oldTier *crdv1alpha1.Tier, op admv1.Operation, userInfo authenticationv1.UserInfo) (string, bool) { allowed := true reason := "" switch op { @@ -383,17 +383,17 @@ func GetAdmissionResponseForErr(err error) *admv1.AdmissionResponse { // createValidate validates the CREATE events of Antrea-native policies, func (a *antreaPolicyValidator) createValidate(curObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { var tier string - var ingress, egress []secv1alpha1.Rule - var specAppliedTo []secv1alpha1.NetworkPolicyPeer + var ingress, egress []crdv1alpha1.Rule + var specAppliedTo []crdv1alpha1.NetworkPolicyPeer switch curObj.(type) { - case *secv1alpha1.ClusterNetworkPolicy: - curCNP := curObj.(*secv1alpha1.ClusterNetworkPolicy) + case *crdv1alpha1.ClusterNetworkPolicy: + curCNP := curObj.(*crdv1alpha1.ClusterNetworkPolicy) tier = curCNP.Spec.Tier ingress = curCNP.Spec.Ingress egress = curCNP.Spec.Egress specAppliedTo = curCNP.Spec.AppliedTo - case *secv1alpha1.NetworkPolicy: - curANP := curObj.(*secv1alpha1.NetworkPolicy) + case *crdv1alpha1.NetworkPolicy: + curANP := curObj.(*crdv1alpha1.NetworkPolicy) tier = curANP.Spec.Tier ingress = curANP.Spec.Ingress egress = curANP.Spec.Egress @@ -421,9 +421,9 @@ func (a *antreaPolicyValidator) createValidate(curObj interface{}, userInfo auth } // validateRuleName validates if the name of each rule is unique within a policy -func (v *antreaPolicyValidator) validateRuleName(ingress, egress []secv1alpha1.Rule) bool { +func (v *antreaPolicyValidator) validateRuleName(ingress, egress []crdv1alpha1.Rule) bool { uniqueRuleName := sets.NewString() - isUnique := func(rules []secv1alpha1.Rule) bool { + isUnique := func(rules []crdv1alpha1.Rule) bool { for _, rule := range rules { if uniqueRuleName.Has(rule.Name) { return false @@ -435,9 +435,9 @@ func (v *antreaPolicyValidator) validateRuleName(ingress, egress []secv1alpha1.R return isUnique(ingress) && isUnique(egress) } -func (a *antreaPolicyValidator) validateAppliedTo(ingress, egress []secv1alpha1.Rule, specAppliedTo []secv1alpha1.NetworkPolicyPeer) (string, bool) { +func (a *antreaPolicyValidator) validateAppliedTo(ingress, egress []crdv1alpha1.Rule, specAppliedTo []crdv1alpha1.NetworkPolicyPeer) (string, bool) { appliedToInSpec := len(specAppliedTo) != 0 - countAppliedToInRules := func(rules []secv1alpha1.Rule) int { + countAppliedToInRules := func(rules []crdv1alpha1.Rule) int { num := 0 for _, rule := range rules { if len(rule.AppliedTo) != 0 { @@ -459,7 +459,7 @@ func (a *antreaPolicyValidator) validateAppliedTo(ingress, egress []secv1alpha1. return "appliedTo field should either be set in all rules or in none of them", false } // Ensure CG exists - checkAppTo := func(appTos []secv1alpha1.NetworkPolicyPeer) bool { + checkAppTo := func(appTos []crdv1alpha1.NetworkPolicyPeer) bool { for _, appTo := range specAppliedTo { if appTo.Group != "" { // Ensure that group exists @@ -491,8 +491,8 @@ func (a *antreaPolicyValidator) validateAppliedTo(ingress, egress []secv1alpha1. // validatePeers ensures that the NetworkPolicyPeer object set in rules are valid, i.e. // currently it ensures that a Group cannot be set with other stand-alone selectors or IPBlock. -func (a *antreaPolicyValidator) validatePeers(ingress, egress []secv1alpha1.Rule) (string, bool) { - checkPeers := func(peers []secv1alpha1.NetworkPolicyPeer) (string, bool) { +func (a *antreaPolicyValidator) validatePeers(ingress, egress []crdv1alpha1.Rule) (string, bool) { + checkPeers := func(peers []crdv1alpha1.NetworkPolicyPeer) (string, bool) { for _, peer := range peers { if peer.Group == "" { continue @@ -539,17 +539,17 @@ func (v *antreaPolicyValidator) validateTierForPolicy(tier string) (string, bool // updateValidate validates the UPDATE events of Antrea-native policies. func (a *antreaPolicyValidator) updateValidate(curObj, oldObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { var tier string - var ingress, egress []secv1alpha1.Rule - var specAppliedTo []secv1alpha1.NetworkPolicyPeer + var ingress, egress []crdv1alpha1.Rule + var specAppliedTo []crdv1alpha1.NetworkPolicyPeer switch curObj.(type) { - case *secv1alpha1.ClusterNetworkPolicy: - curCNP := curObj.(*secv1alpha1.ClusterNetworkPolicy) + case *crdv1alpha1.ClusterNetworkPolicy: + curCNP := curObj.(*crdv1alpha1.ClusterNetworkPolicy) tier = curCNP.Spec.Tier ingress = curCNP.Spec.Ingress egress = curCNP.Spec.Egress specAppliedTo = curCNP.Spec.AppliedTo - case *secv1alpha1.NetworkPolicy: - curANP := curObj.(*secv1alpha1.NetworkPolicy) + case *crdv1alpha1.NetworkPolicy: + curANP := curObj.(*crdv1alpha1.NetworkPolicy) tier = curANP.Spec.Tier ingress = curANP.Spec.Ingress egress = curANP.Spec.Egress @@ -582,7 +582,7 @@ func (t *tierValidator) createValidate(curObj interface{}, userInfo authenticati if len(t.networkPolicyController.tierInformer.Informer().GetIndexer().ListIndexFuncValues(PriorityIndex)) >= maxSupportedTiers { return fmt.Sprintf("maximum number of Tiers supported: %d", maxSupportedTiers), false } - curTier := curObj.(*secv1alpha1.Tier) + curTier := curObj.(*crdv1alpha1.Tier) // Tier priority must not overlap reserved tier's priority. if reservedTierPriorities.Has(curTier.Spec.Priority) { return fmt.Sprintf("tier %s priority %d is reserved", curTier.Name, curTier.Spec.Priority), false @@ -599,8 +599,8 @@ func (t *tierValidator) createValidate(curObj interface{}, userInfo authenticati func (t *tierValidator) updateValidate(curObj, oldObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { allowed := true reason := "" - curTier := curObj.(*secv1alpha1.Tier) - oldTier := oldObj.(*secv1alpha1.Tier) + curTier := curObj.(*crdv1alpha1.Tier) + oldTier := oldObj.(*crdv1alpha1.Tier) // Retrieve antrea-controller's Namespace namespace := env.GetAntreaNamespace() // Allow exception of Tier Priority updates performed by the antrea-controller @@ -616,7 +616,7 @@ func (t *tierValidator) updateValidate(curObj, oldObj interface{}, userInfo auth // deleteValidate validates the DELETE events of Tier resources. func (t *tierValidator) deleteValidate(oldObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { - oldTier := oldObj.(*secv1alpha1.Tier) + oldTier := oldObj.(*crdv1alpha1.Tier) if reservedTierNames.Has(oldTier.Name) { return fmt.Sprintf("cannot delete reserved tier %s", oldTier.Name), false } @@ -634,7 +634,7 @@ func (t *tierValidator) deleteValidate(oldObj interface{}, userInfo authenticati // validateAntreaGroupSpec ensures that an IPBlock is not set along with namespaceSelector and/or a // podSelector. Similarly, ExternalEntitySelector cannot be set with PodSelector. -func validateAntreaGroupSpec(s corev1a2.GroupSpec) (string, bool) { +func validateAntreaGroupSpec(s crdv1alpha2.GroupSpec) (string, bool) { selector, serviceRef, ipBlock, childGroups := 0, 0, 0, 0 if s.NamespaceSelector != nil || s.ExternalEntitySelector != nil || s.PodSelector != nil { selector = 1 @@ -657,7 +657,7 @@ func validateAntreaGroupSpec(s corev1a2.GroupSpec) (string, bool) { return "", true } -func (g *groupValidator) validateChildGroup(s *corev1a2.ClusterGroup, isUpdate bool) (string, bool) { +func (g *groupValidator) validateChildGroup(s *crdv1alpha2.ClusterGroup, isUpdate bool) (string, bool) { if len(s.Spec.ChildGroups) > 0 { if isUpdate { parentGrps, err := g.networkPolicyController.internalGroupStore.GetByIndex(store.ChildGroupIndex, s.Name) @@ -685,7 +685,7 @@ func (g *groupValidator) validateChildGroup(s *corev1a2.ClusterGroup, isUpdate b // createValidate validates the CREATE events of ClusterGroup resources. func (g *groupValidator) createValidate(curObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { - curCG := curObj.(*corev1a2.ClusterGroup) + curCG := curObj.(*crdv1alpha2.ClusterGroup) reason, allowed := validateAntreaGroupSpec(curCG.Spec) if !allowed { return reason, allowed @@ -695,7 +695,7 @@ func (g *groupValidator) createValidate(curObj interface{}, userInfo authenticat // updateValidate validates the UPDATE events of ClusterGroup resources. func (g *groupValidator) updateValidate(curObj, oldObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { - curCG := curObj.(*corev1a2.ClusterGroup) + curCG := curObj.(*crdv1alpha2.ClusterGroup) reason, allowed := validateAntreaGroupSpec(curCG.Spec) if !allowed { return reason, allowed @@ -705,7 +705,7 @@ func (g *groupValidator) updateValidate(curObj, oldObj interface{}, userInfo aut // deleteValidate validates the DELETE events of ClusterGroup resources. func (g *groupValidator) deleteValidate(oldObj interface{}, userInfo authenticationv1.UserInfo) (string, bool) { - oldCG := oldObj.(*corev1a2.ClusterGroup) + oldCG := oldObj.(*crdv1alpha2.ClusterGroup) // ClusterGroup with existing ACNP references cannot be deleted. cnps, err := g.networkPolicyController.cnpInformer.Informer().GetIndexer().ByIndex(ClusterGroupIndex, oldCG.Name) if err != nil { @@ -714,7 +714,7 @@ func (g *groupValidator) deleteValidate(oldObj interface{}, userInfo authenticat if len(cnps) > 0 { cnpNameList := make([]string, len(cnps)) for i := range cnps { - cnpObj := cnps[i].(*secv1alpha1.ClusterNetworkPolicy) + cnpObj := cnps[i].(*crdv1alpha1.ClusterNetworkPolicy) cnpNameList[i] = cnpObj.Name } return fmt.Sprintf("ClusterGroup %s is referenced by %d Antrea ClusterNetworkPolicies: %v", oldCG.Name, len(cnps), cnpNameList), false diff --git a/pkg/controller/querier/querier.go b/pkg/controller/querier/querier.go index c88805fb61d..abdf8385842 100644 --- a/pkg/controller/querier/querier.go +++ b/pkg/controller/querier/querier.go @@ -18,7 +18,7 @@ import ( v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" "github.com/vmware-tanzu/antrea/pkg/querier" ) diff --git a/pkg/controller/querier/testing/mock_querier.go b/pkg/controller/querier/testing/mock_querier.go index 7e1bea37db0..6358fd34c88 100644 --- a/pkg/controller/querier/testing/mock_querier.go +++ b/pkg/controller/querier/testing/mock_querier.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -21,7 +21,7 @@ package testing import ( gomock "github.com/golang/mock/gomock" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" reflect "reflect" ) diff --git a/pkg/controller/stats/aggregator.go b/pkg/controller/stats/aggregator.go index 2c975e0514a..06c2c7ab297 100644 --- a/pkg/controller/stats/aggregator.go +++ b/pkg/controller/stats/aggregator.go @@ -26,9 +26,9 @@ import ( "k8s.io/klog" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" - secvinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/security/v1alpha1" + crdvinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/features" "github.com/vmware-tanzu/antrea/pkg/k8s" ) @@ -69,7 +69,7 @@ func uidIndexFunc(obj interface{}) ([]string, error) { return []string{string(meta.GetUID())}, nil } -func NewAggregator(networkPolicyInformer networkinginformers.NetworkPolicyInformer, cnpInformer secvinformers.ClusterNetworkPolicyInformer, anpInformer secvinformers.NetworkPolicyInformer) *Aggregator { +func NewAggregator(networkPolicyInformer networkinginformers.NetworkPolicyInformer, cnpInformer crdvinformers.ClusterNetworkPolicyInformer, anpInformer crdvinformers.NetworkPolicyInformer) *Aggregator { aggregator := &Aggregator{ networkPolicyStats: cache.NewIndexer(cache.MetaNamespaceKeyFunc, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc, uidIndex: uidIndexFunc}), dataCh: make(chan *controlplane.NodeStatsSummary, 1000), @@ -158,7 +158,7 @@ func (a *Aggregator) deleteNetworkPolicy(obj interface{}) { // addCNP handles ClusterNetworkPolicy ADD events and creates corresponding ClusterNetworkPolicyStats objects. func (a *Aggregator) addCNP(obj interface{}) { - cnp := obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp := obj.(*crdv1alpha1.ClusterNetworkPolicy) stats := &statsv1alpha1.AntreaClusterNetworkPolicyStats{ ObjectMeta: metav1.ObjectMeta{ Name: cnp.Name, @@ -173,14 +173,14 @@ func (a *Aggregator) addCNP(obj interface{}) { // deleteCNP handles ClusterNetworkPolicy DELETE events and deletes corresponding ClusterNetworkPolicyStats objects. func (a *Aggregator) deleteCNP(obj interface{}) { - cnp, ok := obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp, ok := obj.(*crdv1alpha1.ClusterNetworkPolicy) if !ok { tombstone, ok := obj.(cache.DeletedFinalStateUnknown) if !ok { klog.Errorf("Error decoding object when deleting Antrea ClusterNetworkPolicy, invalid type: %v", obj) return } - cnp, ok = tombstone.Obj.(*secv1alpha1.ClusterNetworkPolicy) + cnp, ok = tombstone.Obj.(*crdv1alpha1.ClusterNetworkPolicy) if !ok { klog.Errorf("Error decoding object tombstone when deleting Antrea ClusterNetworkPolicy, invalid type: %v", tombstone.Obj) return @@ -197,7 +197,7 @@ func (a *Aggregator) deleteCNP(obj interface{}) { // addANP handles Antrea NetworkPolicy ADD events and creates corresponding AntreaNetworkPolicyStats objects. func (a *Aggregator) addANP(obj interface{}) { - anp := obj.(*secv1alpha1.NetworkPolicy) + anp := obj.(*crdv1alpha1.NetworkPolicy) stats := &statsv1alpha1.AntreaNetworkPolicyStats{ ObjectMeta: metav1.ObjectMeta{ Namespace: anp.Namespace, @@ -213,14 +213,14 @@ func (a *Aggregator) addANP(obj interface{}) { // deleteANP handles Antrea NetworkPolicy DELETE events and deletes corresponding AntreaNetworkPolicyStats objects. func (a *Aggregator) deleteANP(obj interface{}) { - anp, ok := obj.(*secv1alpha1.NetworkPolicy) + anp, ok := obj.(*crdv1alpha1.NetworkPolicy) if !ok { tombstone, ok := obj.(cache.DeletedFinalStateUnknown) if !ok { klog.Errorf("Error decoding object when deleting Antrea NetworkPolicy, invalid type: %v", obj) return } - anp, ok = tombstone.Obj.(*secv1alpha1.NetworkPolicy) + anp, ok = tombstone.Obj.(*crdv1alpha1.NetworkPolicy) if !ok { klog.Errorf("Error decoding object tombstone when deleting Antrea NetworkPolicy, invalid type: %v", tombstone.Obj) return diff --git a/pkg/controller/stats/aggregator_test.go b/pkg/controller/stats/aggregator_test.go index f4c50f1deb2..79e33a974c3 100644 --- a/pkg/controller/stats/aggregator_test.go +++ b/pkg/controller/stats/aggregator_test.go @@ -30,7 +30,7 @@ import ( featuregatetesting "k8s.io/component-base/featuregate/testing" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" fakeversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" @@ -44,16 +44,16 @@ var ( np2 = &networkingv1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "baz", UID: "uid2"}, } - cnp1 = &secv1alpha1.ClusterNetworkPolicy{ + cnp1 = &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "bar", UID: "uid3"}, } - cnp2 = &secv1alpha1.ClusterNetworkPolicy{ + cnp2 = &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "", Name: "baz", UID: "uid4"}, } - anp1 = &secv1alpha1.NetworkPolicy{ + anp1 = &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar", UID: "uid5"}, } - anp2 = &secv1alpha1.NetworkPolicy{ + anp2 = &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "baz", UID: "uid6"}, } ) @@ -491,7 +491,7 @@ func TestAggregatorCollectListGet(t *testing.T) { informerFactory := informers.NewSharedInformerFactory(client, 12*time.Hour) crdClient := fakeversioned.NewSimpleClientset(append(tt.existingAntreaClusterNetworkPolicies, tt.existingAntreaNetworkPolicies...)...) crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, 12*time.Hour) - a := NewAggregator(informerFactory.Networking().V1().NetworkPolicies(), crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies(), crdInformerFactory.Security().V1alpha1().NetworkPolicies()) + a := NewAggregator(informerFactory.Networking().V1().NetworkPolicies(), crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies(), crdInformerFactory.Crd().V1alpha1().NetworkPolicies()) informerFactory.Start(stopCh) crdInformerFactory.Start(stopCh) go a.Run(stopCh) @@ -537,7 +537,7 @@ func TestDeleteNetworkPolicy(t *testing.T) { informerFactory := informers.NewSharedInformerFactory(client, 12*time.Hour) crdClient := fakeversioned.NewSimpleClientset(cnp1, anp1) crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, 12*time.Hour) - a := NewAggregator(informerFactory.Networking().V1().NetworkPolicies(), crdInformerFactory.Security().V1alpha1().ClusterNetworkPolicies(), crdInformerFactory.Security().V1alpha1().NetworkPolicies()) + a := NewAggregator(informerFactory.Networking().V1().NetworkPolicies(), crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies(), crdInformerFactory.Crd().V1alpha1().NetworkPolicies()) informerFactory.Start(stopCh) crdInformerFactory.Start(stopCh) go a.Run(stopCh) @@ -597,8 +597,8 @@ func TestDeleteNetworkPolicy(t *testing.T) { require.Equal(t, 1, len(a.ListAntreaNetworkPolicyStats(""))) client.NetworkingV1().NetworkPolicies(np1.Namespace).Delete(context.TODO(), np1.Name, metav1.DeleteOptions{}) - crdClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), cnp1.Name, metav1.DeleteOptions{}) - crdClient.SecurityV1alpha1().NetworkPolicies(anp1.Namespace).Delete(context.TODO(), anp1.Name, metav1.DeleteOptions{}) + crdClient.CrdV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), cnp1.Name, metav1.DeleteOptions{}) + crdClient.CrdV1alpha1().NetworkPolicies(anp1.Namespace).Delete(context.TODO(), anp1.Name, metav1.DeleteOptions{}) // Event handlers are asynchronous, it's supposed to finish very soon. err = wait.PollImmediate(100*time.Millisecond, time.Second, func() (done bool, err error) { return len(a.ListNetworkPolicyStats("")) == 0 && len(a.ListAntreaClusterNetworkPolicyStats()) == 0 && len(a.ListAntreaNetworkPolicyStats("")) == 0, nil diff --git a/pkg/controller/traceflow/controller.go b/pkg/controller/traceflow/controller.go index 046fbd55981..ff6ad72c1f6 100644 --- a/pkg/controller/traceflow/controller.go +++ b/pkg/controller/traceflow/controller.go @@ -31,10 +31,10 @@ import ( "k8s.io/client-go/util/workqueue" "k8s.io/klog" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - opsinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/ops/v1alpha1" - opslisters "github.com/vmware-tanzu/antrea/pkg/client/listers/ops/v1alpha1" + crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/crd/v1alpha1" + crdlisters "github.com/vmware-tanzu/antrea/pkg/client/listers/crd/v1alpha1" ) const ( @@ -74,8 +74,8 @@ var ( type Controller struct { client versioned.Interface podInformer coreinformers.PodInformer - traceflowInformer opsinformers.TraceflowInformer - traceflowLister opslisters.TraceflowLister + traceflowInformer crdinformers.TraceflowInformer + traceflowLister crdlisters.TraceflowLister traceflowListerSynced cache.InformerSynced queue workqueue.RateLimitingInterface runningTraceflowsMutex sync.Mutex @@ -83,7 +83,7 @@ type Controller struct { } // NewTraceflowController creates a new traceflow controller and adds podIP indexer to podInformer. -func NewTraceflowController(client versioned.Interface, podInformer coreinformers.PodInformer, traceflowInformer opsinformers.TraceflowInformer) *Controller { +func NewTraceflowController(client versioned.Interface, podInformer coreinformers.PodInformer, traceflowInformer crdinformers.TraceflowInformer) *Controller { c := &Controller{ client: client, podInformer: podInformer, @@ -123,7 +123,7 @@ func podIPsIndexFunc(obj interface{}) ([]string, error) { } // enqueueTraceflow adds an object to the controller work queue. -func (c *Controller) enqueueTraceflow(tf *opsv1alpha1.Traceflow) { +func (c *Controller) enqueueTraceflow(tf *crdv1alpha1.Traceflow) { c.queue.Add(tf.Name) } @@ -143,7 +143,7 @@ func (c *Controller) Run(stopCh <-chan struct{}) { klog.Errorf("Failed to list all Antrea Traceflows") } for _, tf := range tfs { - if tf.Status.Phase == opsv1alpha1.Running { + if tf.Status.Phase == crdv1alpha1.Running { if err := c.occupyTag(tf); err != nil { klog.Errorf("Load Traceflow data plane tag failed %v+: %v", tf, err) } @@ -161,19 +161,19 @@ func (c *Controller) Run(stopCh <-chan struct{}) { } func (c *Controller) addTraceflow(obj interface{}) { - tf := obj.(*opsv1alpha1.Traceflow) + tf := obj.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s ADD event", tf.Name) c.enqueueTraceflow(tf) } func (c *Controller) updateTraceflow(_, curObj interface{}) { - tf := curObj.(*opsv1alpha1.Traceflow) + tf := curObj.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s UPDATE event", tf.Name) c.enqueueTraceflow(tf) } func (c *Controller) deleteTraceflow(old interface{}) { - tf := old.(*opsv1alpha1.Traceflow) + tf := old.(*crdv1alpha1.Traceflow) klog.Infof("Processing Traceflow %s DELETE event", tf.Name) c.deallocateTagForTF(tf) } @@ -252,18 +252,18 @@ func (c *Controller) syncTraceflow(traceflowName string) error { return err } switch tf.Status.Phase { - case "", opsv1alpha1.Pending: + case "", crdv1alpha1.Pending: err = c.startTraceflow(tf) - case opsv1alpha1.Running: + case crdv1alpha1.Running: err = c.checkTraceflowStatus(tf) - case opsv1alpha1.Failed: + case crdv1alpha1.Failed: // Deallocate tag when agent set Traceflow status to Failed. c.deallocateTagForTF(tf) } return err } -func (c *Controller) startTraceflow(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) startTraceflow(tf *crdv1alpha1.Traceflow) error { // Allocate data plane tag. tag, err := c.allocateTag(tf.Name) if err != nil { @@ -273,22 +273,22 @@ func (c *Controller) startTraceflow(tf *opsv1alpha1.Traceflow) error { return nil } - err = c.updateTraceflowStatus(tf, opsv1alpha1.Running, "", tag) + err = c.updateTraceflowStatus(tf, crdv1alpha1.Running, "", tag) if err != nil { c.deallocateTag(tf.Name, tag) } return err } -func (c *Controller) checkTraceflowStatus(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) checkTraceflowStatus(tf *crdv1alpha1.Traceflow) error { sender := false receiver := false for i, nodeResult := range tf.Status.Results { for j, ob := range nodeResult.Observations { - if ob.Component == opsv1alpha1.SpoofGuard { + if ob.Component == crdv1alpha1.SpoofGuard { sender = true } - if ob.Action == opsv1alpha1.Delivered || ob.Action == opsv1alpha1.Dropped || ob.Action == opsv1alpha1.ForwardedOutOfOverlay { + if ob.Action == crdv1alpha1.Delivered || ob.Action == crdv1alpha1.Dropped || ob.Action == crdv1alpha1.ForwardedOutOfOverlay { receiver = true } if ob.TranslatedDstIP != "" { @@ -309,28 +309,28 @@ func (c *Controller) checkTraceflowStatus(tf *opsv1alpha1.Traceflow) error { } if sender && receiver { c.deallocateTagForTF(tf) - return c.updateTraceflowStatus(tf, opsv1alpha1.Succeeded, "", 0) + return c.updateTraceflowStatus(tf, crdv1alpha1.Succeeded, "", 0) } // CreationTimestamp is of second accuracy. if time.Now().Unix() > tf.CreationTimestamp.Unix()+int64(timeoutDuration.Seconds()) { c.deallocateTagForTF(tf) - return c.updateTraceflowStatus(tf, opsv1alpha1.Failed, traceflowTimeout, 0) + return c.updateTraceflowStatus(tf, crdv1alpha1.Failed, traceflowTimeout, 0) } return nil } -func (c *Controller) updateTraceflowStatus(tf *opsv1alpha1.Traceflow, phase opsv1alpha1.TraceflowPhase, reason string, dataPlaneTag uint8) error { +func (c *Controller) updateTraceflowStatus(tf *crdv1alpha1.Traceflow, phase crdv1alpha1.TraceflowPhase, reason string, dataPlaneTag uint8) error { update := tf.DeepCopy() update.Status.Phase = phase update.Status.DataplaneTag = dataPlaneTag if reason != "" { update.Status.Reason = reason } - _, err := c.client.OpsV1alpha1().Traceflows().UpdateStatus(context.TODO(), update, metav1.UpdateOptions{}) + _, err := c.client.CrdV1alpha1().Traceflows().UpdateStatus(context.TODO(), update, metav1.UpdateOptions{}) return err } -func (c *Controller) occupyTag(tf *opsv1alpha1.Traceflow) error { +func (c *Controller) occupyTag(tf *crdv1alpha1.Traceflow) error { tag := tf.Status.DataplaneTag if tag < minTagNum || tag > maxTagNum { return errors.New("this Traceflow CRD's data plane tag is out of range") @@ -373,7 +373,7 @@ func (c *Controller) allocateTag(name string) (uint8, error) { } // Deallocates tag from cache. Ignore DataplaneTag == 0 which is an invalid case. -func (c *Controller) deallocateTagForTF(tf *opsv1alpha1.Traceflow) { +func (c *Controller) deallocateTagForTF(tf *crdv1alpha1.Traceflow) { if tf.Status.DataplaneTag != 0 { c.deallocateTag(tf.Name, tf.Status.DataplaneTag) } diff --git a/pkg/controller/traceflow/controller_test.go b/pkg/controller/traceflow/controller_test.go index f38b9aefa45..58a8d9c2e3d 100644 --- a/pkg/controller/traceflow/controller_test.go +++ b/pkg/controller/traceflow/controller_test.go @@ -29,7 +29,7 @@ import ( "k8s.io/client-go/kubernetes/fake" k8stesting "k8s.io/client-go/testing" - ops "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" fakeversioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/fake" crdinformers "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions" @@ -53,7 +53,7 @@ func newController() *traceflowController { crdInformerFactory := crdinformers.NewSharedInformerFactory(crdClient, informerDefaultResync) controller := NewTraceflowController(crdClient, informerFactory.Core().V1().Pods(), - crdInformerFactory.Ops().V1alpha1().Traceflows()) + crdInformerFactory.Crd().V1alpha1().Traceflows()) controller.traceflowListerSynced = alwaysReady return &traceflowController{ controller, @@ -79,46 +79,46 @@ func TestTraceflow(t *testing.T) { return len(tfc.runningTraceflows) } - tf1 := ops.Traceflow{ + tf1 := crdv1alpha1.Traceflow{ ObjectMeta: metav1.ObjectMeta{Name: "tf1", UID: "uid1"}, - Spec: ops.TraceflowSpec{ - Source: ops.Source{Namespace: "ns1", Pod: "pod1"}, - Destination: ops.Destination{Namespace: "ns2", Pod: "pod2"}, + Spec: crdv1alpha1.TraceflowSpec{ + Source: crdv1alpha1.Source{Namespace: "ns1", Pod: "pod1"}, + Destination: crdv1alpha1.Destination{Namespace: "ns2", Pod: "pod2"}, }, } - tfc.client.OpsV1alpha1().Traceflows().Create(context.TODO(), &tf1, metav1.CreateOptions{}) - res, _ := tfc.waitForTraceflow("tf1", ops.Running, time.Second) + tfc.client.CrdV1alpha1().Traceflows().Create(context.TODO(), &tf1, metav1.CreateOptions{}) + res, _ := tfc.waitForTraceflow("tf1", crdv1alpha1.Running, time.Second) assert.NotNil(t, res) // DataplaneTag should be allocated by Controller. assert.True(t, res.Status.DataplaneTag > 0) assert.Equal(t, numRunningTraceflows(), 1) // Test Controller handling of successful Traceflow. - res.Status.Results = []ops.NodeResult{ + res.Status.Results = []crdv1alpha1.NodeResult{ // Sender { - Observations: []ops.Observation{{Component: ops.SpoofGuard}}, + Observations: []crdv1alpha1.Observation{{Component: crdv1alpha1.SpoofGuard}}, }, // Receiver { - Observations: []ops.Observation{{Action: ops.Delivered}}, + Observations: []crdv1alpha1.Observation{{Action: crdv1alpha1.Delivered}}, }, } - tfc.client.OpsV1alpha1().Traceflows().Update(context.TODO(), res, metav1.UpdateOptions{}) - res, _ = tfc.waitForTraceflow("tf1", ops.Succeeded, time.Second) + tfc.client.CrdV1alpha1().Traceflows().Update(context.TODO(), res, metav1.UpdateOptions{}) + res, _ = tfc.waitForTraceflow("tf1", crdv1alpha1.Succeeded, time.Second) assert.NotNil(t, res) // DataplaneTag should be deallocated by Controller. assert.True(t, res.Status.DataplaneTag == 0) assert.Equal(t, numRunningTraceflows(), 0) - tfc.client.OpsV1alpha1().Traceflows().Delete(context.TODO(), "tf1", metav1.DeleteOptions{}) + tfc.client.CrdV1alpha1().Traceflows().Delete(context.TODO(), "tf1", metav1.DeleteOptions{}) // Test Traceflow timeout. startTime := time.Now() - tfc.client.OpsV1alpha1().Traceflows().Create(context.TODO(), &tf1, metav1.CreateOptions{}) - res, _ = tfc.waitForTraceflow("tf1", ops.Running, time.Second) + tfc.client.CrdV1alpha1().Traceflows().Create(context.TODO(), &tf1, metav1.CreateOptions{}) + res, _ = tfc.waitForTraceflow("tf1", crdv1alpha1.Running, time.Second) assert.NotNil(t, res) - res, _ = tfc.waitForTraceflow("tf1", ops.Failed, timeoutDuration*2) + res, _ = tfc.waitForTraceflow("tf1", crdv1alpha1.Failed, timeoutDuration*2) assert.NotNil(t, res) assert.True(t, time.Now().Sub(startTime) >= timeoutDuration) assert.Equal(t, res.Status.Reason, traceflowTimeout) @@ -128,11 +128,11 @@ func TestTraceflow(t *testing.T) { close(stopCh) } -func (tfc *traceflowController) waitForTraceflow(name string, phase ops.TraceflowPhase, timeout time.Duration) (*ops.Traceflow, error) { - var tf *ops.Traceflow +func (tfc *traceflowController) waitForTraceflow(name string, phase crdv1alpha1.TraceflowPhase, timeout time.Duration) (*crdv1alpha1.Traceflow, error) { + var tf *crdv1alpha1.Traceflow var err error if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { - tf, err = tfc.client.OpsV1alpha1().Traceflows().Get(context.TODO(), name, metav1.GetOptions{}) + tf, err = tfc.client.CrdV1alpha1().Traceflows().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil || tf.Status.Phase != phase { return false, nil } @@ -147,7 +147,7 @@ func newCRDClientset() *fakeversioned.Clientset { client := fakeversioned.NewSimpleClientset() client.PrependReactor("create", "traceflows", k8stesting.ReactionFunc(func(action k8stesting.Action) (bool, runtime.Object, error) { - tf := action.(k8stesting.CreateAction).GetObject().(*ops.Traceflow) + tf := action.(k8stesting.CreateAction).GetObject().(*crdv1alpha1.Traceflow) // Fake client does not set CreationTimestamp. if tf.ObjectMeta.CreationTimestamp == (metav1.Time{}) { diff --git a/pkg/graphviz/traceflow.go b/pkg/graphviz/traceflow.go index e38ef7e06df..e71c56a9d20 100644 --- a/pkg/graphviz/traceflow.go +++ b/pkg/graphviz/traceflow.go @@ -22,7 +22,7 @@ import ( "github.com/awalterschulze/gographviz" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ) const ( @@ -106,21 +106,21 @@ func createClusterWithDefaultStyle(graph *gographviz.Graph, name string) (*gogra return graph.SubGraphs.SubGraphs[name], nil } -func isSender(result *opsv1alpha1.NodeResult) bool { +func isSender(result *crdv1alpha1.NodeResult) bool { if len(result.Observations) == 0 { return false } - if result.Observations[0].Component != opsv1alpha1.SpoofGuard || result.Observations[0].Action != opsv1alpha1.Forwarded { + if result.Observations[0].Component != crdv1alpha1.SpoofGuard || result.Observations[0].Action != crdv1alpha1.Forwarded { return false } return true } -func isReceiver(result *opsv1alpha1.NodeResult) bool { +func isReceiver(result *crdv1alpha1.NodeResult) bool { if len(result.Observations) == 0 { return false } - if result.Observations[0].Component != opsv1alpha1.Forwarding || result.Observations[0].Action != opsv1alpha1.Received { + if result.Observations[0].Component != crdv1alpha1.Forwarding || result.Observations[0].Action != crdv1alpha1.Received { return false } return true @@ -137,7 +137,7 @@ func getWrappedStr(str string) string { return `"` + wStr + `"` } -func getNodeResult(tf *opsv1alpha1.Traceflow, fn func(result *opsv1alpha1.NodeResult) bool) *opsv1alpha1.NodeResult { +func getNodeResult(tf *crdv1alpha1.Traceflow, fn func(result *crdv1alpha1.NodeResult) bool) *crdv1alpha1.NodeResult { for i := range tf.Status.Results { result := tf.Status.Results[i] if fn(&result) { @@ -147,14 +147,14 @@ func getNodeResult(tf *opsv1alpha1.Traceflow, fn func(result *opsv1alpha1.NodeRe return nil } -func getSrcNodeName(tf *opsv1alpha1.Traceflow) string { +func getSrcNodeName(tf *crdv1alpha1.Traceflow) string { if len(tf.Spec.Source.Namespace) > 0 && len(tf.Spec.Source.Pod) > 0 { return getWrappedStr(tf.Spec.Source.Namespace + "/" + tf.Spec.Source.Pod) } return "" } -func getDstNodeName(tf *opsv1alpha1.Traceflow) string { +func getDstNodeName(tf *crdv1alpha1.Traceflow) string { if len(tf.Spec.Destination.Namespace) > 0 && len(tf.Spec.Destination.Service) > 0 { return getWrappedStr(tf.Spec.Destination.Namespace + "/" + tf.Spec.Destination.Pod + "\nService: " + tf.Spec.Destination.Service) @@ -169,13 +169,13 @@ func getDstNodeName(tf *opsv1alpha1.Traceflow) string { } // getTraceflowMessage gets the shown message string in traceflow graph. -func getTraceflowMessage(o *opsv1alpha1.Observation, spec *opsv1alpha1.TraceflowSpec) string { +func getTraceflowMessage(o *crdv1alpha1.Observation, spec *crdv1alpha1.TraceflowSpec) string { str := string(o.Component) if len(o.ComponentInfo) > 0 { str += "\n" + o.ComponentInfo } str += "\n" + string(o.Action) - if o.Component == opsv1alpha1.NetworkPolicy && len(o.NetworkPolicy) > 0 { + if o.Component == crdv1alpha1.ComponentNetworkPolicy && len(o.NetworkPolicy) > 0 { str += "\nNetpol: " + o.NetworkPolicy } if len(o.Pod) > 0 { @@ -184,10 +184,10 @@ func getTraceflowMessage(o *opsv1alpha1.Observation, spec *opsv1alpha1.Traceflow spec.Destination.Pod = o.Pod[strings.Index(o.Pod, `/`)+1:] } } - if o.Action != opsv1alpha1.Dropped && len(o.TranslatedDstIP) > 0 { + if o.Action != crdv1alpha1.Dropped && len(o.TranslatedDstIP) > 0 { str += "\nTranslated Destination IP: " + o.TranslatedDstIP } - if o.Action != opsv1alpha1.Dropped && len(o.TunnelDstIP) > 0 { + if o.Action != crdv1alpha1.Dropped && len(o.TunnelDstIP) > 0 { str += "\nTunnel Destination IP : " + o.TunnelDstIP } return str @@ -233,20 +233,20 @@ func genOutput(graph *gographviz.Graph, isSingleCluster bool) string { return str } -func getTraceflowStatusMessage(tf *opsv1alpha1.Traceflow) string { +func getTraceflowStatusMessage(tf *crdv1alpha1.Traceflow) string { switch tf.Status.Phase { - case opsv1alpha1.Failed: + case crdv1alpha1.Failed: return getWrappedStr(fmt.Sprintf("Traceflow %s failed: %s", tf.Name, tf.Status.Reason)) - case opsv1alpha1.Running: + case crdv1alpha1.Running: return getWrappedStr(fmt.Sprintf("Traceflow %s is running...", tf.Name)) - case opsv1alpha1.Pending: + case crdv1alpha1.Pending: return getWrappedStr(fmt.Sprintf("Traceflow %s is pending...", tf.Name)) default: return getWrappedStr("Unknown Traceflow status. Please check whether Antrea is running.") } } -func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result *opsv1alpha1.NodeResult, spec *opsv1alpha1.TraceflowSpec, +func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result *crdv1alpha1.NodeResult, spec *crdv1alpha1.TraceflowSpec, endpointNodeName string, isForwardDir bool, addNodeNum int) ([]*gographviz.Node, error) { var nodes []*gographviz.Node @@ -272,7 +272,7 @@ func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result * // Reorder the observations according to the direction of edges. // Before that, deep copy observations to prevent possible risks of the original traceflow being modified. - obs := make([]opsv1alpha1.Observation, len(result.Observations)) + obs := make([]crdv1alpha1.Observation, len(result.Observations)) copy(obs, result.Observations) if !isForwardDir { for i := len(obs)/2 - 1; i >= 0; i-- { @@ -303,12 +303,12 @@ func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result * } else { edge.Attrs[gographviz.MinLen] = "1" } - if o.Action == opsv1alpha1.Dropped && !isForwardDir { + if o.Action == crdv1alpha1.Dropped && !isForwardDir { edge.Attrs[gographviz.Style] = `"invis"` } } // Set the pattern of node. - if o.Action == opsv1alpha1.Dropped { + if o.Action == crdv1alpha1.Dropped { node.Attrs[gographviz.Color] = fireBrick node.Attrs[gographviz.FillColor] = mistyRose } else { @@ -321,7 +321,7 @@ func genSubGraph(graph *gographviz.Graph, cluster *gographviz.SubGraph, result * return nodes, nil } -func GenGraph(tf *opsv1alpha1.Traceflow) (string, error) { +func GenGraph(tf *crdv1alpha1.Traceflow) (string, error) { g, _ := gographviz.ParseString(`digraph G {}`) graph := gographviz.NewGraph() if err := gographviz.Analyse(g, graph); err != nil { @@ -337,10 +337,10 @@ func GenGraph(tf *opsv1alpha1.Traceflow) (string, error) { senderRst := getNodeResult(tf, isSender) receiverRst := getNodeResult(tf, isReceiver) - if tf.Status.Phase != opsv1alpha1.Succeeded { + if tf.Status.Phase != crdv1alpha1.Succeeded { graph.Attrs[gographviz.Label] = getTraceflowStatusMessage(tf) } - if tf == nil || senderRst == nil || tf.Status.Phase != opsv1alpha1.Succeeded || len(senderRst.Observations) == 0 { + if tf == nil || senderRst == nil || tf.Status.Phase != crdv1alpha1.Succeeded || len(senderRst.Observations) == 0 { return genOutput(graph, true), nil } @@ -361,7 +361,7 @@ func GenGraph(tf *opsv1alpha1.Traceflow) (string, error) { switch senderRst.Observations[len(senderRst.Observations)-1].Action { // If the last action of the sender is FORWARDED, // then the packet has been sent out by sender, implying that there is a disconnection. - case opsv1alpha1.Forwarded: + case crdv1alpha1.Forwarded: lastNode, err := createEndpointNodeWithDefaultStyle(graph, graph.Name, getDstNodeName(tf)) if err != nil { return "", err @@ -374,7 +374,7 @@ func GenGraph(tf *opsv1alpha1.Traceflow) (string, error) { if err != nil { return "", err } - case opsv1alpha1.Delivered: + case crdv1alpha1.Delivered: lastNode, err := createEndpointNodeWithDefaultStyle(graph, cluster1.Name, getDstNodeName(tf)) if err != nil { return "", err diff --git a/pkg/k8s/client.go b/pkg/k8s/client.go index 6cc25053c21..fb41cb46704 100644 --- a/pkg/k8s/client.go +++ b/pkg/k8s/client.go @@ -23,6 +23,7 @@ import ( aggregatorclientset "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset" crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" ) // CreateClients creates kube clients from the given config. @@ -68,3 +69,37 @@ func CreateClients(config componentbaseconfig.ClientConnectionConfiguration, kub } return client, aggregatorClient, crdClient, nil } + +// CreateLegacyCRD creates legacyCRD client from the given config. +func CreateLegacyCRDClient(config componentbaseconfig.ClientConnectionConfiguration, kubeAPIServerOverride string) (legacycrdclientset.Interface, error) { + var kubeConfig *rest.Config + var err error + + if len(config.Kubeconfig) == 0 { + klog.Info("No kubeconfig file was specified. Falling back to in-cluster config") + kubeConfig, err = rest.InClusterConfig() + } else { + kubeConfig, err = clientcmd.NewNonInteractiveDeferredLoadingClientConfig( + &clientcmd.ClientConfigLoadingRules{ExplicitPath: config.Kubeconfig}, + &clientcmd.ConfigOverrides{}).ClientConfig() + } + + if len(kubeAPIServerOverride) != 0 { + kubeConfig.Host = kubeAPIServerOverride + } + + if err != nil { + return nil, err + } + + kubeConfig.AcceptContentTypes = config.AcceptContentTypes + kubeConfig.ContentType = config.ContentType + kubeConfig.QPS = config.QPS + kubeConfig.Burst = int(config.Burst) + + legacyCrdClient, err := legacycrdclientset.NewForConfig(kubeConfig) + if err != nil { + return nil, err + } + return legacyCrdClient, nil +} diff --git a/pkg/apis/clusterinformation/v1beta1/doc.go b/pkg/legacyapis/clusterinformation/v1beta1/doc.go similarity index 100% rename from pkg/apis/clusterinformation/v1beta1/doc.go rename to pkg/legacyapis/clusterinformation/v1beta1/doc.go diff --git a/pkg/apis/clusterinformation/v1beta1/register.go b/pkg/legacyapis/clusterinformation/v1beta1/register.go similarity index 100% rename from pkg/apis/clusterinformation/v1beta1/register.go rename to pkg/legacyapis/clusterinformation/v1beta1/register.go diff --git a/pkg/legacyapis/clusterinformation/v1beta1/types.go b/pkg/legacyapis/clusterinformation/v1beta1/types.go new file mode 100644 index 00000000000..b1fa22852bd --- /dev/null +++ b/pkg/legacyapis/clusterinformation/v1beta1/types.go @@ -0,0 +1,73 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type AntreaAgentInfo struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Version string `json:"version,omitempty"` // Antrea binary version + PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Agent is running in + NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Agent is running in + NodeSubnets []string `json:"nodeSubnets,omitempty"` // Node subnets + OVSInfo crdv1beta1.OVSInfo `json:"ovsInfo,omitempty"` // OVS Information + NetworkPolicyControllerInfo crdv1beta1.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Agent NetworkPolicy information + LocalPodNum int32 `json:"localPodNum,omitempty"` // The number of Pods which the agent is in charge of + AgentConditions []crdv1beta1.AgentCondition `json:"agentConditions,omitempty"` // Agent condition contains types like AgentHealthy + APIPort int `json:"apiPort,omitempty"` // The port of antrea agent API Server +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type AntreaAgentInfoList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []AntreaAgentInfo `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type AntreaControllerInfo struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Version string `json:"version,omitempty"` // Antrea binary version + PodRef corev1.ObjectReference `json:"podRef,omitempty"` // The Pod that Antrea Controller is running in + NodeRef corev1.ObjectReference `json:"nodeRef,omitempty"` // The Node that Antrea Controller is running in + ServiceRef corev1.ObjectReference `json:"serviceRef,omitempty"` // Antrea Controller Service + NetworkPolicyControllerInfo crdv1beta1.NetworkPolicyControllerInfo `json:"networkPolicyControllerInfo,omitempty"` // Antrea Controller NetworkPolicy information + ConnectedAgentNum int32 `json:"connectedAgentNum,omitempty"` // Number of agents which are connected to this controller + ControllerConditions []crdv1beta1.ControllerCondition `json:"controllerConditions,omitempty"` // Controller condition contains types like ControllerHealthy + APIPort int `json:"apiPort,omitempty"` // The port of antrea controller API Server +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type AntreaControllerInfoList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []AntreaControllerInfo `json:"items"` +} diff --git a/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go b/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..169eb69f3a2 --- /dev/null +++ b/pkg/legacyapis/clusterinformation/v1beta1/zz_generated.deepcopy.go @@ -0,0 +1,169 @@ +// +build !ignore_autogenerated + +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1beta1 + +import ( + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AntreaAgentInfo) DeepCopyInto(out *AntreaAgentInfo) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.PodRef = in.PodRef + out.NodeRef = in.NodeRef + if in.NodeSubnets != nil { + in, out := &in.NodeSubnets, &out.NodeSubnets + *out = make([]string, len(*in)) + copy(*out, *in) + } + in.OVSInfo.DeepCopyInto(&out.OVSInfo) + out.NetworkPolicyControllerInfo = in.NetworkPolicyControllerInfo + if in.AgentConditions != nil { + in, out := &in.AgentConditions, &out.AgentConditions + *out = make([]crdv1beta1.AgentCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaAgentInfo. +func (in *AntreaAgentInfo) DeepCopy() *AntreaAgentInfo { + if in == nil { + return nil + } + out := new(AntreaAgentInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AntreaAgentInfo) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AntreaAgentInfoList) DeepCopyInto(out *AntreaAgentInfoList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AntreaAgentInfo, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaAgentInfoList. +func (in *AntreaAgentInfoList) DeepCopy() *AntreaAgentInfoList { + if in == nil { + return nil + } + out := new(AntreaAgentInfoList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AntreaAgentInfoList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AntreaControllerInfo) DeepCopyInto(out *AntreaControllerInfo) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.PodRef = in.PodRef + out.NodeRef = in.NodeRef + out.ServiceRef = in.ServiceRef + out.NetworkPolicyControllerInfo = in.NetworkPolicyControllerInfo + if in.ControllerConditions != nil { + in, out := &in.ControllerConditions, &out.ControllerConditions + *out = make([]crdv1beta1.ControllerCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaControllerInfo. +func (in *AntreaControllerInfo) DeepCopy() *AntreaControllerInfo { + if in == nil { + return nil + } + out := new(AntreaControllerInfo) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AntreaControllerInfo) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *AntreaControllerInfoList) DeepCopyInto(out *AntreaControllerInfoList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]AntreaControllerInfo, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AntreaControllerInfoList. +func (in *AntreaControllerInfoList) DeepCopy() *AntreaControllerInfoList { + if in == nil { + return nil + } + out := new(AntreaControllerInfoList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *AntreaControllerInfoList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/pkg/legacyapis/controlplane/doc.go b/pkg/legacyapis/controlplane/doc.go new file mode 100644 index 00000000000..ef2d47997be --- /dev/null +++ b/pkg/legacyapis/controlplane/doc.go @@ -0,0 +1,24 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:deepcopy-gen=package +// +groupName=controlplane.antrea.tanzu.vmware.com + +// Package controlplane contains the latest (or "internal") version of the Antrea +// NetworkPolicy API messages. This is the API messages as represented in memory. +// The contract presented to clients is located in the versioned packages, +// which are sub-directories. The first one is "v1beta1". +// The messages are generated based on the stored NetworkPolicy objects, i.e. +// the objects defined in antrea/pkg/controller/types/networkpolicy.go. +package controlplane diff --git a/pkg/legacyapis/controlplane/install/install.go b/pkg/legacyapis/controlplane/install/install.go new file mode 100644 index 00000000000..574b0c3086d --- /dev/null +++ b/pkg/legacyapis/controlplane/install/install.go @@ -0,0 +1,32 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane" + "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta2" +) + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + utilruntime.Must(controlplane.AddToScheme(scheme)) + utilruntime.Must(v1beta1.AddToScheme(scheme)) + utilruntime.Must(v1beta2.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1beta2.SchemeGroupVersion, v1beta1.SchemeGroupVersion)) +} diff --git a/pkg/legacyapis/controlplane/register.go b/pkg/legacyapis/controlplane/register.go new file mode 100644 index 00000000000..027b16d25f4 --- /dev/null +++ b/pkg/legacyapis/controlplane/register.go @@ -0,0 +1,64 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package controlplane + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + newcontrolplane "github.com/vmware-tanzu/antrea/pkg/apis/controlplane" +) + +// GroupName is the group name used in this package. +const GroupName = "controlplane.antrea.tanzu.vmware.com" + +// SchemeGroupVersion is group version used to register these objects. +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns a Group qualified GroupKind. +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder points to a list of functions added to Scheme. + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme applies all the stored functions to the scheme. + AddToScheme = SchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &newcontrolplane.AppliedToGroup{}, + &newcontrolplane.AppliedToGroupPatch{}, + &newcontrolplane.AppliedToGroupList{}, + &newcontrolplane.AddressGroup{}, + &newcontrolplane.AddressGroupPatch{}, + &newcontrolplane.AddressGroupList{}, + &newcontrolplane.NetworkPolicy{}, + &newcontrolplane.NetworkPolicyList{}, + &newcontrolplane.NetworkPolicyStatus{}, + &newcontrolplane.NodeStatsSummary{}, + &newcontrolplane.ClusterGroupMembers{}, + &newcontrolplane.GroupAssociation{}, + ) + return nil +} diff --git a/pkg/legacyapis/controlplane/v1beta1/doc.go b/pkg/legacyapis/controlplane/v1beta1/doc.go new file mode 100644 index 00000000000..73fe4910483 --- /dev/null +++ b/pkg/legacyapis/controlplane/v1beta1/doc.go @@ -0,0 +1,22 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:protobuf-gen=package +// +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/controlplane +// +groupName=controlplane.antrea.tanzu.vmware.com + +// Package v1beta1 is the v1beta1 version of the Antrea NetworkPolicy API messages. +package v1beta1 diff --git a/pkg/legacyapis/controlplane/v1beta1/register.go b/pkg/legacyapis/controlplane/v1beta1/register.go new file mode 100644 index 00000000000..b25ac7d5264 --- /dev/null +++ b/pkg/legacyapis/controlplane/v1beta1/register.go @@ -0,0 +1,60 @@ +// Copyright 2019 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" +) + +// GroupName is the group name used in this package. +const GroupName = "controlplane.antrea.tanzu.vmware.com" + +var ( + // SchemeGroupVersion is group version used to register these objects. + SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"} +) + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &v1beta2.AppliedToGroup{}, + &v1beta2.AppliedToGroupPatch{}, + &v1beta2.AppliedToGroupList{}, + &v1beta2.AddressGroup{}, + &v1beta2.AddressGroupPatch{}, + &v1beta2.AddressGroupList{}, + &v1beta2.NetworkPolicy{}, + &v1beta2.NetworkPolicyList{}, + &v1beta2.NodeStatsSummary{}, + ) + + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/networking/v1beta1/conversion.go b/pkg/legacyapis/controlplane/v1beta2/conversion.go similarity index 98% rename from pkg/apis/networking/v1beta1/conversion.go rename to pkg/legacyapis/controlplane/v1beta2/conversion.go index 254871b613c..1d4c6ce62b5 100644 --- a/pkg/apis/networking/v1beta1/conversion.go +++ b/pkg/legacyapis/controlplane/v1beta2/conversion.go @@ -12,7 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package v1beta1 +package v1beta2 import ( "fmt" diff --git a/pkg/legacyapis/controlplane/v1beta2/doc.go b/pkg/legacyapis/controlplane/v1beta2/doc.go new file mode 100644 index 00000000000..1acbfc59126 --- /dev/null +++ b/pkg/legacyapis/controlplane/v1beta2/doc.go @@ -0,0 +1,22 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:protobuf-gen=package +// +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/controlplane +// +groupName=controlplane.antrea.tanzu.vmware.com + +// Package v1beta2 is the v1beta2 version of the Antrea NetworkPolicy API messages. +package v1beta2 diff --git a/pkg/legacyapis/controlplane/v1beta2/register.go b/pkg/legacyapis/controlplane/v1beta2/register.go new file mode 100644 index 00000000000..0d6ce0b8bde --- /dev/null +++ b/pkg/legacyapis/controlplane/v1beta2/register.go @@ -0,0 +1,81 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" +) + +// GroupName is the group name used in this package. +const GroupName = "controlplane.antrea.tanzu.vmware.com" + +var ( + // SchemeGroupVersion is group version used to register these objects. + SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta2"} + + AppliedToGroupVersionResource = schema.GroupVersionResource{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Resource: "appliedtogroups"} + AddressGroupVersionResource = schema.GroupVersionResource{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Resource: "addressgroups"} + NetworkPolicyVersionResource = schema.GroupVersionResource{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Resource: "networkpolicies"} + GroupVersionResource = schema.GroupVersionResource{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Resource: "groups", + } +) + +// Resource takes an unqualified resource and returns a Group qualified GroupResource. +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +// Adds the list of known types to the given scheme. +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &v1beta2.AppliedToGroup{}, + &v1beta2.AppliedToGroupPatch{}, + &v1beta2.AppliedToGroupList{}, + &v1beta2.AddressGroup{}, + &v1beta2.AddressGroupPatch{}, + &v1beta2.AddressGroupList{}, + &v1beta2.NetworkPolicy{}, + &v1beta2.NetworkPolicyList{}, + &v1beta2.NetworkPolicyStatus{}, + &v1beta2.NodeStatsSummary{}, + &v1beta2.ClusterGroupMembers{}, + &v1beta2.GroupAssociation{}, + ) + + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/apis/core/doc.go b/pkg/legacyapis/core/doc.go similarity index 100% rename from pkg/apis/core/doc.go rename to pkg/legacyapis/core/doc.go diff --git a/pkg/apis/core/register.go b/pkg/legacyapis/core/register.go similarity index 100% rename from pkg/apis/core/register.go rename to pkg/legacyapis/core/register.go diff --git a/pkg/apis/core/v1alpha2/doc.go b/pkg/legacyapis/core/v1alpha2/doc.go similarity index 95% rename from pkg/apis/core/v1alpha2/doc.go rename to pkg/legacyapis/core/v1alpha2/doc.go index 61b109a303c..0174a21f723 100644 --- a/pkg/apis/core/v1alpha2/doc.go +++ b/pkg/legacyapis/core/v1alpha2/doc.go @@ -16,4 +16,4 @@ // +k8s:deepcopy-gen=package // +groupName=core.antrea.tanzu.vmware.com -package v1alpha2 // import "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" +package v1alpha2 // import "github.com/vmware-tanzu/antrea/pkg/apis/legacyclient/core/v1alpha2" diff --git a/pkg/apis/core/v1alpha2/register.go b/pkg/legacyapis/core/v1alpha2/register.go similarity index 100% rename from pkg/apis/core/v1alpha2/register.go rename to pkg/legacyapis/core/v1alpha2/register.go diff --git a/pkg/legacyapis/core/v1alpha2/types.go b/pkg/legacyapis/core/v1alpha2/types.go new file mode 100644 index 00000000000..5e49c826500 --- /dev/null +++ b/pkg/legacyapis/core/v1alpha2/types.go @@ -0,0 +1,67 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha2 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" +) + +// +genclient +// +genclient:noStatus +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ExternalEntity struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + // Desired state of the external entity. + Spec crdv1alpha2.ExternalEntitySpec `json:"spec,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ExternalEntityList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ExternalEntity `json:"items,omitempty"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterGroup struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + // Desired state of the group. + Spec crdv1alpha2.GroupSpec `json:"spec"` + // Most recently observed status of the group. + Status crdv1alpha2.GroupStatus `json:"status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterGroupList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ClusterGroup `json:"items,omitempty"` +} diff --git a/pkg/apis/core/v1alpha2/webhook.go b/pkg/legacyapis/core/v1alpha2/webhook.go similarity index 100% rename from pkg/apis/core/v1alpha2/webhook.go rename to pkg/legacyapis/core/v1alpha2/webhook.go diff --git a/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go b/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go new file mode 100644 index 00000000000..b56e2318c61 --- /dev/null +++ b/pkg/legacyapis/core/v1alpha2/zz_generated.deepcopy.go @@ -0,0 +1,144 @@ +// +build !ignore_autogenerated + +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterGroup) DeepCopyInto(out *ClusterGroup) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroup. +func (in *ClusterGroup) DeepCopy() *ClusterGroup { + if in == nil { + return nil + } + out := new(ClusterGroup) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterGroup) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterGroupList) DeepCopyInto(out *ClusterGroupList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ClusterGroup, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroupList. +func (in *ClusterGroupList) DeepCopy() *ClusterGroupList { + if in == nil { + return nil + } + out := new(ClusterGroupList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterGroupList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalEntity) DeepCopyInto(out *ExternalEntity) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEntity. +func (in *ExternalEntity) DeepCopy() *ExternalEntity { + if in == nil { + return nil + } + out := new(ExternalEntity) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ExternalEntity) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ExternalEntityList) DeepCopyInto(out *ExternalEntityList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ExternalEntity, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalEntityList. +func (in *ExternalEntityList) DeepCopy() *ExternalEntityList { + if in == nil { + return nil + } + out := new(ExternalEntityList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ExternalEntityList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/pkg/apis/networking/doc.go b/pkg/legacyapis/networking/doc.go similarity index 100% rename from pkg/apis/networking/doc.go rename to pkg/legacyapis/networking/doc.go diff --git a/pkg/apis/networking/install/install.go b/pkg/legacyapis/networking/install/install.go similarity index 88% rename from pkg/apis/networking/install/install.go rename to pkg/legacyapis/networking/install/install.go index a28aff0b8f4..d55261862f3 100644 --- a/pkg/apis/networking/install/install.go +++ b/pkg/legacyapis/networking/install/install.go @@ -18,8 +18,8 @@ import ( "k8s.io/apimachinery/pkg/runtime" utilruntime "k8s.io/apimachinery/pkg/util/runtime" - "github.com/vmware-tanzu/antrea/pkg/apis/networking" - "github.com/vmware-tanzu/antrea/pkg/apis/networking/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/legacyapis/networking" + "github.com/vmware-tanzu/antrea/pkg/legacyapis/networking/v1beta1" ) // Install registers the API group and adds types to a scheme diff --git a/pkg/apis/networking/register.go b/pkg/legacyapis/networking/register.go similarity index 100% rename from pkg/apis/networking/register.go rename to pkg/legacyapis/networking/register.go diff --git a/pkg/apis/networking/v1beta1/doc.go b/pkg/legacyapis/networking/v1beta1/doc.go similarity index 100% rename from pkg/apis/networking/v1beta1/doc.go rename to pkg/legacyapis/networking/v1beta1/doc.go diff --git a/pkg/apis/networking/v1beta1/register.go b/pkg/legacyapis/networking/v1beta1/register.go similarity index 100% rename from pkg/apis/networking/v1beta1/register.go rename to pkg/legacyapis/networking/v1beta1/register.go diff --git a/pkg/apis/ops/v1alpha1/doc.go b/pkg/legacyapis/ops/v1alpha1/doc.go similarity index 100% rename from pkg/apis/ops/v1alpha1/doc.go rename to pkg/legacyapis/ops/v1alpha1/doc.go diff --git a/pkg/apis/ops/v1alpha1/register.go b/pkg/legacyapis/ops/v1alpha1/register.go similarity index 100% rename from pkg/apis/ops/v1alpha1/register.go rename to pkg/legacyapis/ops/v1alpha1/register.go diff --git a/pkg/legacyapis/ops/v1alpha1/types.go b/pkg/legacyapis/ops/v1alpha1/types.go new file mode 100644 index 00000000000..0120577669e --- /dev/null +++ b/pkg/legacyapis/ops/v1alpha1/types.go @@ -0,0 +1,40 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" +) + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type Traceflow struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + + Spec v1alpha1.TraceflowSpec `json:"spec,omitempty"` + Status v1alpha1.TraceflowStatus `json:"status,omitempty"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +type TraceflowList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + + Items []Traceflow `json:"items"` +} diff --git a/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go b/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..41ebb2194e8 --- /dev/null +++ b/pkg/legacyapis/ops/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,84 @@ +// +build !ignore_autogenerated + +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Traceflow) DeepCopyInto(out *Traceflow) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Traceflow. +func (in *Traceflow) DeepCopy() *Traceflow { + if in == nil { + return nil + } + out := new(Traceflow) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Traceflow) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TraceflowList) DeepCopyInto(out *TraceflowList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Traceflow, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TraceflowList. +func (in *TraceflowList) DeepCopy() *TraceflowList { + if in == nil { + return nil + } + out := new(TraceflowList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TraceflowList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/pkg/apis/security/doc.go b/pkg/legacyapis/security/doc.go similarity index 100% rename from pkg/apis/security/doc.go rename to pkg/legacyapis/security/doc.go diff --git a/pkg/apis/security/register.go b/pkg/legacyapis/security/register.go similarity index 100% rename from pkg/apis/security/register.go rename to pkg/legacyapis/security/register.go diff --git a/pkg/apis/security/v1alpha1/doc.go b/pkg/legacyapis/security/v1alpha1/doc.go similarity index 100% rename from pkg/apis/security/v1alpha1/doc.go rename to pkg/legacyapis/security/v1alpha1/doc.go diff --git a/pkg/apis/security/v1alpha1/register.go b/pkg/legacyapis/security/v1alpha1/register.go similarity index 100% rename from pkg/apis/security/v1alpha1/register.go rename to pkg/legacyapis/security/v1alpha1/register.go diff --git a/pkg/legacyapis/security/v1alpha1/types.go b/pkg/legacyapis/security/v1alpha1/types.go new file mode 100644 index 00000000000..d9a0dfd1f21 --- /dev/null +++ b/pkg/legacyapis/security/v1alpha1/types.go @@ -0,0 +1,94 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" +) + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type NetworkPolicy struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Specification of the desired behavior of NetworkPolicy. + Spec v1alpha1.NetworkPolicySpec `json:"spec"` + // Most recently observed status of the NetworkPolicy. + Status v1alpha1.NetworkPolicyStatus `json:"status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type NetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []NetworkPolicy `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterNetworkPolicy struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Specification of the desired behavior of ClusterNetworkPolicy. + Spec v1alpha1.ClusterNetworkPolicySpec `json:"spec"` + // Most recently observed status of the NetworkPolicy. + Status v1alpha1.NetworkPolicyStatus `json:"status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterNetworkPolicyList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ClusterNetworkPolicy `json:"items"` +} + +// +genclient +// +genclient:nonNamespaced +// +genclient:noStatus +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type Tier struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Specification of the desired behavior of Tier. + Spec v1alpha1.TierSpec `json:"spec"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type TierList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []Tier `json:"items"` +} diff --git a/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go b/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go new file mode 100644 index 00000000000..6bb79b6d223 --- /dev/null +++ b/pkg/legacyapis/security/v1alpha1/zz_generated.deepcopy.go @@ -0,0 +1,205 @@ +// +build !ignore_autogenerated + +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by deepcopy-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + runtime "k8s.io/apimachinery/pkg/runtime" +) + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterNetworkPolicy) DeepCopyInto(out *ClusterNetworkPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetworkPolicy. +func (in *ClusterNetworkPolicy) DeepCopy() *ClusterNetworkPolicy { + if in == nil { + return nil + } + out := new(ClusterNetworkPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterNetworkPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterNetworkPolicyList) DeepCopyInto(out *ClusterNetworkPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ClusterNetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterNetworkPolicyList. +func (in *ClusterNetworkPolicyList) DeepCopy() *ClusterNetworkPolicyList { + if in == nil { + return nil + } + out := new(ClusterNetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterNetworkPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicy) DeepCopyInto(out *NetworkPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + out.Status = in.Status + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicy. +func (in *NetworkPolicy) DeepCopy() *NetworkPolicy { + if in == nil { + return nil + } + out := new(NetworkPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *NetworkPolicyList) DeepCopyInto(out *NetworkPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]NetworkPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NetworkPolicyList. +func (in *NetworkPolicyList) DeepCopy() *NetworkPolicyList { + if in == nil { + return nil + } + out := new(NetworkPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *NetworkPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Tier) DeepCopyInto(out *Tier) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + out.Spec = in.Spec + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tier. +func (in *Tier) DeepCopy() *Tier { + if in == nil { + return nil + } + out := new(Tier) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Tier) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TierList) DeepCopyInto(out *TierList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Tier, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TierList. +func (in *TierList) DeepCopy() *TierList { + if in == nil { + return nil + } + out := new(TierList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *TierList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} diff --git a/pkg/legacyapis/stats/doc.go b/pkg/legacyapis/stats/doc.go new file mode 100644 index 00000000000..29c41dc8264 --- /dev/null +++ b/pkg/legacyapis/stats/doc.go @@ -0,0 +1,21 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:deepcopy-gen=package +// +groupName=stats.antrea.tanzu.vmware.com + +// Package stats is the internal version of the Antrea Stats API. +// Refer to https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api_changes.md doc +// for more information. +package stats diff --git a/pkg/legacyapis/stats/install/install.go b/pkg/legacyapis/stats/install/install.go new file mode 100644 index 00000000000..b769a39a9ff --- /dev/null +++ b/pkg/legacyapis/stats/install/install.go @@ -0,0 +1,30 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats" + "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats/v1alpha1" +) + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + utilruntime.Must(stats.AddToScheme(scheme)) + utilruntime.Must(v1alpha1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1alpha1.SchemeGroupVersion)) +} diff --git a/pkg/legacyapis/stats/register.go b/pkg/legacyapis/stats/register.go new file mode 100644 index 00000000000..f475c59f2de --- /dev/null +++ b/pkg/legacyapis/stats/register.go @@ -0,0 +1,57 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package stats + +import ( + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + newstats "github.com/vmware-tanzu/antrea/pkg/apis/stats" +) + +// GroupName is the group name use in this package +const GroupName = "stats.antrea.tanzu.vmware.com" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal} + +// Kind takes an unqualified kind and returns back a Group qualified GroupKind +func Kind(kind string) schema.GroupKind { + return SchemeGroupVersion.WithKind(kind).GroupKind() +} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder points to a list of functions added to Scheme. + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme applies all the stored functions to the scheme. + AddToScheme = SchemeBuilder.AddToScheme +) + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &newstats.AntreaClusterNetworkPolicyStats{}, + &newstats.AntreaClusterNetworkPolicyStatsList{}, + &newstats.AntreaNetworkPolicyStats{}, + &newstats.AntreaNetworkPolicyStatsList{}, + &newstats.NetworkPolicyStats{}, + &newstats.NetworkPolicyStatsList{}, + ) + return nil +} diff --git a/pkg/legacyapis/stats/v1alpha1/doc.go b/pkg/legacyapis/stats/v1alpha1/doc.go new file mode 100644 index 00000000000..d93613fed17 --- /dev/null +++ b/pkg/legacyapis/stats/v1alpha1/doc.go @@ -0,0 +1,22 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:protobuf-gen=package +// +k8s:conversion-gen=github.com/vmware-tanzu/antrea/pkg/apis/stats +// +groupName=stats.antrea.tanzu.vmware.com + +// Package v1alpha1 is the v1alpha1 version of the Antrea Stats API. +package v1alpha1 diff --git a/pkg/legacyapis/stats/v1alpha1/register.go b/pkg/legacyapis/stats/v1alpha1/register.go new file mode 100644 index 00000000000..fedcb452e4c --- /dev/null +++ b/pkg/legacyapis/stats/v1alpha1/register.go @@ -0,0 +1,54 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1alpha1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + "github.com/vmware-tanzu/antrea/pkg/apis/stats/v1alpha1" +) + +// GroupName is the group name use in this package +const GroupName = "stats.antrea.tanzu.vmware.com" + +// SchemeGroupVersion is group version used to register these objects +var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"} + +// Resource takes an unqualified resource and returns a Group qualified GroupResource +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +var ( + // SchemeBuilder points to a list of functions added to Scheme. + SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) + // AddToScheme applies all the stored functions to the scheme. + AddToScheme = SchemeBuilder.AddToScheme +) + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes(SchemeGroupVersion, + &v1alpha1.AntreaClusterNetworkPolicyStats{}, + &v1alpha1.AntreaClusterNetworkPolicyStatsList{}, + &v1alpha1.AntreaNetworkPolicyStats{}, + &v1alpha1.AntreaNetworkPolicyStatsList{}, + &v1alpha1.NetworkPolicyStats{}, + &v1alpha1.NetworkPolicyStatsList{}, + ) + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/legacyapis/system/doc.go b/pkg/legacyapis/system/doc.go new file mode 100644 index 00000000000..27578102f06 --- /dev/null +++ b/pkg/legacyapis/system/doc.go @@ -0,0 +1,19 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package system contains the Antrea "system" API group definitions. +// The contract presented to clients is located in the versioned packages, +// which are sub-directories. Right now, only version "v1beta1" is supported +// for the API group; the internal version is not needed. +package system diff --git a/pkg/legacyapis/system/install/install.go b/pkg/legacyapis/system/install/install.go new file mode 100644 index 00000000000..84f7c3e224c --- /dev/null +++ b/pkg/legacyapis/system/install/install.go @@ -0,0 +1,28 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package install + +import ( + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + + "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/v1beta1" +) + +// Install registers the API group and adds types to a scheme +func Install(scheme *runtime.Scheme) { + utilruntime.Must(v1beta1.AddToScheme(scheme)) + utilruntime.Must(scheme.SetVersionPriority(v1beta1.SchemeGroupVersion)) +} diff --git a/pkg/legacyapis/system/v1beta1/doc.go b/pkg/legacyapis/system/v1beta1/doc.go new file mode 100644 index 00000000000..d0c483ed44e --- /dev/null +++ b/pkg/legacyapis/system/v1beta1/doc.go @@ -0,0 +1,22 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +k8s:openapi-gen=true +// +k8s:deepcopy-gen=package +// +k8s:defaulter-gen=TypeMeta +// +groupName=system.antrea.tanzu.vmware.com + +// Package v1beta1 contains the v1beta1 version of the Antrea "system" API +// group definitions. +package v1beta1 diff --git a/pkg/legacyapis/system/v1beta1/register.go b/pkg/legacyapis/system/v1beta1/register.go new file mode 100644 index 00000000000..02ebf074c80 --- /dev/null +++ b/pkg/legacyapis/system/v1beta1/register.go @@ -0,0 +1,63 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + crdv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/system/v1beta1" +) + +const GroupName = "system.antrea.tanzu.vmware.com" + +var ( + SchemeGroupVersion = schema.GroupVersion{ + Group: GroupName, + Version: "v1beta1"} + + ControllerInfoVersionResource = schema.GroupVersionResource{ + Group: SchemeGroupVersion.Group, + Version: SchemeGroupVersion.Version, + Resource: "controllerinfos"} +) + +var ( + SchemeBuilder runtime.SchemeBuilder + localSchemeBuilder = &SchemeBuilder + AddToScheme = localSchemeBuilder.AddToScheme +) + +func init() { + localSchemeBuilder.Register(addKnownTypes) +} + +func Resource(resource string) schema.GroupResource { + return SchemeGroupVersion.WithResource(resource).GroupResource() +} + +func addKnownTypes(scheme *runtime.Scheme) error { + scheme.AddKnownTypes( + SchemeGroupVersion, + &crdv1beta1.AntreaControllerInfo{}, + &crdv1beta1.AntreaControllerInfoList{}, + &v1beta1.SupportBundle{}, + ) + + metav1.AddToGroupVersion(scheme, SchemeGroupVersion) + return nil +} diff --git a/pkg/legacyclient/clientset/versioned/clientset.go b/pkg/legacyclient/clientset/versioned/clientset.go new file mode 100644 index 00000000000..a05843fea48 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/clientset.go @@ -0,0 +1,193 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package versioned + +import ( + "fmt" + + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" + controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1" + controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" + statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1" + systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1" + discovery "k8s.io/client-go/discovery" + rest "k8s.io/client-go/rest" + flowcontrol "k8s.io/client-go/util/flowcontrol" +) + +type Interface interface { + Discovery() discovery.DiscoveryInterface + ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface + ControlplaneV1beta1() controlplanev1beta1.ControlplaneV1beta1Interface + ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface + CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface + OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface + SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface + StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface + SystemV1beta1() systemv1beta1.SystemV1beta1Interface +} + +// Clientset contains the clients for groups. Each group has exactly one +// version included in a Clientset. +type Clientset struct { + *discovery.DiscoveryClient + clusterinformationV1beta1 *clusterinformationv1beta1.ClusterinformationV1beta1Client + controlplaneV1beta1 *controlplanev1beta1.ControlplaneV1beta1Client + controlplaneV1beta2 *controlplanev1beta2.ControlplaneV1beta2Client + coreV1alpha2 *corev1alpha2.CoreV1alpha2Client + opsV1alpha1 *opsv1alpha1.OpsV1alpha1Client + securityV1alpha1 *securityv1alpha1.SecurityV1alpha1Client + statsV1alpha1 *statsv1alpha1.StatsV1alpha1Client + systemV1beta1 *systemv1beta1.SystemV1beta1Client +} + +// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client +func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { + return c.clusterinformationV1beta1 +} + +// ControlplaneV1beta1 retrieves the ControlplaneV1beta1Client +func (c *Clientset) ControlplaneV1beta1() controlplanev1beta1.ControlplaneV1beta1Interface { + return c.controlplaneV1beta1 +} + +// ControlplaneV1beta2 retrieves the ControlplaneV1beta2Client +func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface { + return c.controlplaneV1beta2 +} + +// CoreV1alpha2 retrieves the CoreV1alpha2Client +func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { + return c.coreV1alpha2 +} + +// OpsV1alpha1 retrieves the OpsV1alpha1Client +func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { + return c.opsV1alpha1 +} + +// SecurityV1alpha1 retrieves the SecurityV1alpha1Client +func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { + return c.securityV1alpha1 +} + +// StatsV1alpha1 retrieves the StatsV1alpha1Client +func (c *Clientset) StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface { + return c.statsV1alpha1 +} + +// SystemV1beta1 retrieves the SystemV1beta1Client +func (c *Clientset) SystemV1beta1() systemv1beta1.SystemV1beta1Interface { + return c.systemV1beta1 +} + +// Discovery retrieves the DiscoveryClient +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + if c == nil { + return nil + } + return c.DiscoveryClient +} + +// NewForConfig creates a new Clientset for the given config. +// If config's RateLimiter is not set and QPS and Burst are acceptable, +// NewForConfig will generate a rate-limiter in configShallowCopy. +func NewForConfig(c *rest.Config) (*Clientset, error) { + configShallowCopy := *c + if configShallowCopy.RateLimiter == nil && configShallowCopy.QPS > 0 { + if configShallowCopy.Burst <= 0 { + return nil, fmt.Errorf("burst is required to be greater than 0 when RateLimiter is not set and QPS is set to greater than 0") + } + configShallowCopy.RateLimiter = flowcontrol.NewTokenBucketRateLimiter(configShallowCopy.QPS, configShallowCopy.Burst) + } + var cs Clientset + var err error + cs.clusterinformationV1beta1, err = clusterinformationv1beta1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.controlplaneV1beta1, err = controlplanev1beta1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.controlplaneV1beta2, err = controlplanev1beta2.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.coreV1alpha2, err = corev1alpha2.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.opsV1alpha1, err = opsv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.securityV1alpha1, err = securityv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.statsV1alpha1, err = statsv1alpha1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + cs.systemV1beta1, err = systemv1beta1.NewForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + + cs.DiscoveryClient, err = discovery.NewDiscoveryClientForConfig(&configShallowCopy) + if err != nil { + return nil, err + } + return &cs, nil +} + +// NewForConfigOrDie creates a new Clientset for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *Clientset { + var cs Clientset + cs.clusterinformationV1beta1 = clusterinformationv1beta1.NewForConfigOrDie(c) + cs.controlplaneV1beta1 = controlplanev1beta1.NewForConfigOrDie(c) + cs.controlplaneV1beta2 = controlplanev1beta2.NewForConfigOrDie(c) + cs.coreV1alpha2 = corev1alpha2.NewForConfigOrDie(c) + cs.opsV1alpha1 = opsv1alpha1.NewForConfigOrDie(c) + cs.securityV1alpha1 = securityv1alpha1.NewForConfigOrDie(c) + cs.statsV1alpha1 = statsv1alpha1.NewForConfigOrDie(c) + cs.systemV1beta1 = systemv1beta1.NewForConfigOrDie(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClientForConfigOrDie(c) + return &cs +} + +// New creates a new Clientset for the given RESTClient. +func New(c rest.Interface) *Clientset { + var cs Clientset + cs.clusterinformationV1beta1 = clusterinformationv1beta1.New(c) + cs.controlplaneV1beta1 = controlplanev1beta1.New(c) + cs.controlplaneV1beta2 = controlplanev1beta2.New(c) + cs.coreV1alpha2 = corev1alpha2.New(c) + cs.opsV1alpha1 = opsv1alpha1.New(c) + cs.securityV1alpha1 = securityv1alpha1.New(c) + cs.statsV1alpha1 = statsv1alpha1.New(c) + cs.systemV1beta1 = systemv1beta1.New(c) + + cs.DiscoveryClient = discovery.NewDiscoveryClient(c) + return &cs +} diff --git a/pkg/legacyclient/clientset/versioned/doc.go b/pkg/legacyclient/clientset/versioned/doc.go new file mode 100644 index 00000000000..03053156dc6 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated clientset. +package versioned diff --git a/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go b/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go new file mode 100644 index 00000000000..26b3b8d4ea4 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/fake/clientset_generated.go @@ -0,0 +1,129 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" + fakeclusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake" + controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1" + fakecontrolplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake" + controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2" + fakecontrolplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" + fakecorev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake" + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" + fakeopsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" + fakesecurityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake" + statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1" + fakestatsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake" + systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1" + fakesystemv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/watch" + "k8s.io/client-go/discovery" + fakediscovery "k8s.io/client-go/discovery/fake" + "k8s.io/client-go/testing" +) + +// NewSimpleClientset returns a clientset that will respond with the provided objects. +// It's backed by a very simple object tracker that processes creates, updates and deletions as-is, +// without applying any validations and/or defaults. It shouldn't be considered a replacement +// for a real clientset and is mostly useful in simple unit tests. +func NewSimpleClientset(objects ...runtime.Object) *Clientset { + o := testing.NewObjectTracker(scheme, codecs.UniversalDecoder()) + for _, obj := range objects { + if err := o.Add(obj); err != nil { + panic(err) + } + } + + cs := &Clientset{tracker: o} + cs.discovery = &fakediscovery.FakeDiscovery{Fake: &cs.Fake} + cs.AddReactor("*", "*", testing.ObjectReaction(o)) + cs.AddWatchReactor("*", func(action testing.Action) (handled bool, ret watch.Interface, err error) { + gvr := action.GetResource() + ns := action.GetNamespace() + watch, err := o.Watch(gvr, ns) + if err != nil { + return false, nil, err + } + return true, watch, nil + }) + + return cs +} + +// Clientset implements clientset.Interface. Meant to be embedded into a +// struct to get a default implementation. This makes faking out just the method +// you want to test easier. +type Clientset struct { + testing.Fake + discovery *fakediscovery.FakeDiscovery + tracker testing.ObjectTracker +} + +func (c *Clientset) Discovery() discovery.DiscoveryInterface { + return c.discovery +} + +func (c *Clientset) Tracker() testing.ObjectTracker { + return c.tracker +} + +var _ clientset.Interface = &Clientset{} + +// ClusterinformationV1beta1 retrieves the ClusterinformationV1beta1Client +func (c *Clientset) ClusterinformationV1beta1() clusterinformationv1beta1.ClusterinformationV1beta1Interface { + return &fakeclusterinformationv1beta1.FakeClusterinformationV1beta1{Fake: &c.Fake} +} + +// ControlplaneV1beta1 retrieves the ControlplaneV1beta1Client +func (c *Clientset) ControlplaneV1beta1() controlplanev1beta1.ControlplaneV1beta1Interface { + return &fakecontrolplanev1beta1.FakeControlplaneV1beta1{Fake: &c.Fake} +} + +// ControlplaneV1beta2 retrieves the ControlplaneV1beta2Client +func (c *Clientset) ControlplaneV1beta2() controlplanev1beta2.ControlplaneV1beta2Interface { + return &fakecontrolplanev1beta2.FakeControlplaneV1beta2{Fake: &c.Fake} +} + +// CoreV1alpha2 retrieves the CoreV1alpha2Client +func (c *Clientset) CoreV1alpha2() corev1alpha2.CoreV1alpha2Interface { + return &fakecorev1alpha2.FakeCoreV1alpha2{Fake: &c.Fake} +} + +// OpsV1alpha1 retrieves the OpsV1alpha1Client +func (c *Clientset) OpsV1alpha1() opsv1alpha1.OpsV1alpha1Interface { + return &fakeopsv1alpha1.FakeOpsV1alpha1{Fake: &c.Fake} +} + +// SecurityV1alpha1 retrieves the SecurityV1alpha1Client +func (c *Clientset) SecurityV1alpha1() securityv1alpha1.SecurityV1alpha1Interface { + return &fakesecurityv1alpha1.FakeSecurityV1alpha1{Fake: &c.Fake} +} + +// StatsV1alpha1 retrieves the StatsV1alpha1Client +func (c *Clientset) StatsV1alpha1() statsv1alpha1.StatsV1alpha1Interface { + return &fakestatsv1alpha1.FakeStatsV1alpha1{Fake: &c.Fake} +} + +// SystemV1beta1 retrieves the SystemV1beta1Client +func (c *Clientset) SystemV1beta1() systemv1beta1.SystemV1beta1Interface { + return &fakesystemv1beta1.FakeSystemV1beta1{Fake: &c.Fake} +} diff --git a/pkg/legacyclient/clientset/versioned/fake/doc.go b/pkg/legacyclient/clientset/versioned/fake/doc.go new file mode 100644 index 00000000000..86d0cd17555 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated fake clientset. +package fake diff --git a/pkg/legacyclient/clientset/versioned/fake/register.go b/pkg/legacyclient/clientset/versioned/fake/register.go new file mode 100644 index 00000000000..9f066969a09 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/fake/register.go @@ -0,0 +1,68 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta1" + controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta2" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats/v1alpha1" + systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var scheme = runtime.NewScheme() +var codecs = serializer.NewCodecFactory(scheme) +var parameterCodec = runtime.NewParameterCodec(scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + clusterinformationv1beta1.AddToScheme, + controlplanev1beta1.AddToScheme, + controlplanev1beta2.AddToScheme, + corev1alpha2.AddToScheme, + opsv1alpha1.AddToScheme, + securityv1alpha1.AddToScheme, + statsv1alpha1.AddToScheme, + systemv1beta1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(scheme)) +} diff --git a/pkg/legacyclient/clientset/versioned/scheme/doc.go b/pkg/legacyclient/clientset/versioned/scheme/doc.go new file mode 100644 index 00000000000..766321fd9cd --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/scheme/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package contains the scheme of the automatically generated clientset. +package scheme diff --git a/pkg/legacyclient/clientset/versioned/scheme/register.go b/pkg/legacyclient/clientset/versioned/scheme/register.go new file mode 100644 index 00000000000..d157f01d9df --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/scheme/register.go @@ -0,0 +1,68 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package scheme + +import ( + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + controlplanev1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta1" + controlplanev1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta2" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + statsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats/v1alpha1" + systemv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + serializer "k8s.io/apimachinery/pkg/runtime/serializer" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" +) + +var Scheme = runtime.NewScheme() +var Codecs = serializer.NewCodecFactory(Scheme) +var ParameterCodec = runtime.NewParameterCodec(Scheme) +var localSchemeBuilder = runtime.SchemeBuilder{ + clusterinformationv1beta1.AddToScheme, + controlplanev1beta1.AddToScheme, + controlplanev1beta2.AddToScheme, + corev1alpha2.AddToScheme, + opsv1alpha1.AddToScheme, + securityv1alpha1.AddToScheme, + statsv1alpha1.AddToScheme, + systemv1beta1.AddToScheme, +} + +// AddToScheme adds all types of this clientset into the given scheme. This allows composition +// of clientsets, like in: +// +// import ( +// "k8s.io/client-go/kubernetes" +// clientsetscheme "k8s.io/client-go/kubernetes/scheme" +// aggregatorclientsetscheme "k8s.io/kube-aggregator/pkg/client/clientset_generated/clientset/scheme" +// ) +// +// kclientset, _ := kubernetes.NewForConfig(c) +// _ = aggregatorclientsetscheme.AddToScheme(clientsetscheme.Scheme) +// +// After this, RawExtensions in Kubernetes types will serialize kube-aggregator types +// correctly. +var AddToScheme = localSchemeBuilder.AddToScheme + +func init() { + v1.AddToGroupVersion(Scheme, schema.GroupVersion{Version: "v1"}) + utilruntime.Must(AddToScheme(Scheme)) +} diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go new file mode 100644 index 00000000000..f56996c6975 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreaagentinfo.go @@ -0,0 +1,166 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// AntreaAgentInfosGetter has a method to return a AntreaAgentInfoInterface. +// A group's client should implement this interface. +type AntreaAgentInfosGetter interface { + AntreaAgentInfos() AntreaAgentInfoInterface +} + +// AntreaAgentInfoInterface has methods to work with AntreaAgentInfo resources. +type AntreaAgentInfoInterface interface { + Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (*v1beta1.AntreaAgentInfo, error) + Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (*v1beta1.AntreaAgentInfo, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.AntreaAgentInfo, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.AntreaAgentInfoList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) + AntreaAgentInfoExpansion +} + +// antreaAgentInfos implements AntreaAgentInfoInterface +type antreaAgentInfos struct { + client rest.Interface +} + +// newAntreaAgentInfos returns a AntreaAgentInfos +func newAntreaAgentInfos(c *ClusterinformationV1beta1Client) *antreaAgentInfos { + return &antreaAgentInfos{ + client: c.RESTClient(), + } +} + +// Get takes name of the antreaAgentInfo, and returns the corresponding antreaAgentInfo object, and an error if there is any. +func (c *antreaAgentInfos) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.AntreaAgentInfo, err error) { + result = &v1beta1.AntreaAgentInfo{} + err = c.client.Get(). + Resource("antreaagentinfos"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of AntreaAgentInfos that match those selectors. +func (c *antreaAgentInfos) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.AntreaAgentInfoList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.AntreaAgentInfoList{} + err = c.client.Get(). + Resource("antreaagentinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested antreaAgentInfos. +func (c *antreaAgentInfos) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("antreaagentinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a antreaAgentInfo and creates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. +func (c *antreaAgentInfos) Create(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.CreateOptions) (result *v1beta1.AntreaAgentInfo, err error) { + result = &v1beta1.AntreaAgentInfo{} + err = c.client.Post(). + Resource("antreaagentinfos"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(antreaAgentInfo). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a antreaAgentInfo and updates it. Returns the server's representation of the antreaAgentInfo, and an error, if there is any. +func (c *antreaAgentInfos) Update(ctx context.Context, antreaAgentInfo *v1beta1.AntreaAgentInfo, opts v1.UpdateOptions) (result *v1beta1.AntreaAgentInfo, err error) { + result = &v1beta1.AntreaAgentInfo{} + err = c.client.Put(). + Resource("antreaagentinfos"). + Name(antreaAgentInfo.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(antreaAgentInfo). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the antreaAgentInfo and deletes it. Returns an error if one occurs. +func (c *antreaAgentInfos) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("antreaagentinfos"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *antreaAgentInfos) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("antreaagentinfos"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched antreaAgentInfo. +func (c *antreaAgentInfos) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.AntreaAgentInfo, err error) { + result = &v1beta1.AntreaAgentInfo{} + err = c.client.Patch(pt). + Resource("antreaagentinfos"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go similarity index 96% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go index 282d9aa0b1b..23fb5d50be2 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/antreacontrollerinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,8 +20,8 @@ import ( "context" "time" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" - scheme "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" types "k8s.io/apimachinery/pkg/types" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go similarity index 93% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go index 245ace2e788..beabbcc1e4a 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/clusterinformation_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package v1beta1 import ( - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" - "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go new file mode 100644 index 00000000000..c41ac51a831 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1beta1 diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go index ed1b262831b..5807b680f75 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go similarity index 97% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go index 2d8f77ba598..12c1ca97619 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreaagentinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go similarity index 97% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go index 84d133d22c1..e7d53bb26ee 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_antreacontrollerinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go similarity index 89% rename from pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go rename to pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go index c651fbae83a..27f2c0fb9b3 100644 --- a/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/fake/fake_clusterinformation_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package fake import ( - v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/clusterinformation/v1beta1" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go new file mode 100644 index 00000000000..9e4c79f4934 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/clusterinformation/v1beta1/generated_expansion.go @@ -0,0 +1,21 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +type AntreaAgentInfoExpansion interface{} + +type AntreaControllerInfoExpansion interface{} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go new file mode 100644 index 00000000000..3338118db9f --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/controlplane_client.go @@ -0,0 +1,82 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ControlplaneV1beta1Interface interface { + RESTClient() rest.Interface +} + +// ControlplaneV1beta1Client is used to interact with features provided by the controlplane.antrea.tanzu.vmware.com group. +type ControlplaneV1beta1Client struct { + restClient rest.Interface +} + +// NewForConfig creates a new ControlplaneV1beta1Client for the given config. +func NewForConfig(c *rest.Config) (*ControlplaneV1beta1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ControlplaneV1beta1Client{client}, nil +} + +// NewForConfigOrDie creates a new ControlplaneV1beta1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ControlplaneV1beta1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ControlplaneV1beta1Client for the given RESTClient. +func New(c rest.Interface) *ControlplaneV1beta1Client { + return &ControlplaneV1beta1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1beta1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ControlplaneV1beta1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/doc.go new file mode 100644 index 00000000000..c41ac51a831 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go new file mode 100644 index 00000000000..a9feaf0b0f2 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/fake/fake_controlplane_client.go @@ -0,0 +1,33 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeControlplaneV1beta1 struct { + *testing.Fake +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeControlplaneV1beta1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go new file mode 100644 index 00000000000..54dd65ae4ae --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta1/generated_expansion.go @@ -0,0 +1,17 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go new file mode 100644 index 00000000000..2a5855a5945 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/controlplane_client.go @@ -0,0 +1,82 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta2 + +import ( + v1beta2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/controlplane/v1beta2" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type ControlplaneV1beta2Interface interface { + RESTClient() rest.Interface +} + +// ControlplaneV1beta2Client is used to interact with features provided by the controlplane.antrea.tanzu.vmware.com group. +type ControlplaneV1beta2Client struct { + restClient rest.Interface +} + +// NewForConfig creates a new ControlplaneV1beta2Client for the given config. +func NewForConfig(c *rest.Config) (*ControlplaneV1beta2Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &ControlplaneV1beta2Client{client}, nil +} + +// NewForConfigOrDie creates a new ControlplaneV1beta2Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *ControlplaneV1beta2Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new ControlplaneV1beta2Client for the given RESTClient. +func New(c rest.Interface) *ControlplaneV1beta2Client { + return &ControlplaneV1beta2Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1beta2.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *ControlplaneV1beta2Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go new file mode 100644 index 00000000000..09fba3d1c4d --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1beta2 diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go new file mode 100644 index 00000000000..6731fe0c904 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/fake/fake_controlplane_client.go @@ -0,0 +1,33 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeControlplaneV1beta2 struct { + *testing.Fake +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeControlplaneV1beta2) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go new file mode 100644 index 00000000000..6291517f207 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/controlplane/v1beta2/generated_expansion.go @@ -0,0 +1,17 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta2 diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go new file mode 100644 index 00000000000..da86ef09aaf --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/clustergroup.go @@ -0,0 +1,182 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + "time" + + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterGroupsGetter has a method to return a ClusterGroupInterface. +// A group's client should implement this interface. +type ClusterGroupsGetter interface { + ClusterGroups() ClusterGroupInterface +} + +// ClusterGroupInterface has methods to work with ClusterGroup resources. +type ClusterGroupInterface interface { + Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (*v1alpha2.ClusterGroup, error) + Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) + UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (*v1alpha2.ClusterGroup, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.ClusterGroup, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ClusterGroupList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) + ClusterGroupExpansion +} + +// clusterGroups implements ClusterGroupInterface +type clusterGroups struct { + client rest.Interface +} + +// newClusterGroups returns a ClusterGroups +func newClusterGroups(c *CoreV1alpha2Client) *clusterGroups { + return &clusterGroups{ + client: c.RESTClient(), + } +} + +// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. +func (c *clusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ClusterGroup, err error) { + result = &v1alpha2.ClusterGroup{} + err = c.client.Get(). + Resource("clustergroups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. +func (c *clusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ClusterGroupList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha2.ClusterGroupList{} + err = c.client.Get(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterGroups. +func (c *clusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *clusterGroups) Create(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.CreateOptions) (result *v1alpha2.ClusterGroup, err error) { + result = &v1alpha2.ClusterGroup{} + err = c.client.Post(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *clusterGroups) Update(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { + result = &v1alpha2.ClusterGroup{} + err = c.client.Put(). + Resource("clustergroups"). + Name(clusterGroup.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *clusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1alpha2.ClusterGroup, opts v1.UpdateOptions) (result *v1alpha2.ClusterGroup, err error) { + result = &v1alpha2.ClusterGroup{} + err = c.client.Put(). + Resource("clustergroups"). + Name(clusterGroup.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. +func (c *clusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("clustergroups"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("clustergroups"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched clusterGroup. +func (c *clusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ClusterGroup, err error) { + result = &v1alpha2.ClusterGroup{} + err = c.client.Patch(pt). + Resource("clustergroups"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/core_client.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go similarity index 93% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/core_client.go rename to pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go index 3233e028d86..110ce727301 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/core_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/core_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package v1alpha2 import ( - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go new file mode 100644 index 00000000000..bf83a89a24f --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha2 diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go new file mode 100644 index 00000000000..236e0a7dff8 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/externalentity.go @@ -0,0 +1,176 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + "context" + "time" + + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ExternalEntitiesGetter has a method to return a ExternalEntityInterface. +// A group's client should implement this interface. +type ExternalEntitiesGetter interface { + ExternalEntities(namespace string) ExternalEntityInterface +} + +// ExternalEntityInterface has methods to work with ExternalEntity resources. +type ExternalEntityInterface interface { + Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (*v1alpha2.ExternalEntity, error) + Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (*v1alpha2.ExternalEntity, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha2.ExternalEntity, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha2.ExternalEntityList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) + ExternalEntityExpansion +} + +// externalEntities implements ExternalEntityInterface +type externalEntities struct { + client rest.Interface + ns string +} + +// newExternalEntities returns a ExternalEntities +func newExternalEntities(c *CoreV1alpha2Client, namespace string) *externalEntities { + return &externalEntities{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the externalEntity, and returns the corresponding externalEntity object, and an error if there is any. +func (c *externalEntities) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha2.ExternalEntity, err error) { + result = &v1alpha2.ExternalEntity{} + err = c.client.Get(). + Namespace(c.ns). + Resource("externalentities"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ExternalEntities that match those selectors. +func (c *externalEntities) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha2.ExternalEntityList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha2.ExternalEntityList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("externalentities"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested externalEntities. +func (c *externalEntities) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("externalentities"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a externalEntity and creates it. Returns the server's representation of the externalEntity, and an error, if there is any. +func (c *externalEntities) Create(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.CreateOptions) (result *v1alpha2.ExternalEntity, err error) { + result = &v1alpha2.ExternalEntity{} + err = c.client.Post(). + Namespace(c.ns). + Resource("externalentities"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(externalEntity). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a externalEntity and updates it. Returns the server's representation of the externalEntity, and an error, if there is any. +func (c *externalEntities) Update(ctx context.Context, externalEntity *v1alpha2.ExternalEntity, opts v1.UpdateOptions) (result *v1alpha2.ExternalEntity, err error) { + result = &v1alpha2.ExternalEntity{} + err = c.client.Put(). + Namespace(c.ns). + Resource("externalentities"). + Name(externalEntity.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(externalEntity). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the externalEntity and deletes it. Returns an error if one occurs. +func (c *externalEntities) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("externalentities"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *externalEntities) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("externalentities"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched externalEntity. +func (c *externalEntities) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha2.ExternalEntity, err error) { + result = &v1alpha2.ExternalEntity{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("externalentities"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go similarity index 98% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go rename to pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go index 22c6bdd8895..148ea5bc78a 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_clustergroup.go @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go similarity index 90% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go rename to pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go index 28a35236c2f..0b1d76bb1c0 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_core_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package fake import ( - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go similarity index 98% rename from pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go rename to pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go index 68ef970f537..3e29712b0bf 100644 --- a/pkg/client/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/fake/fake_externalentity.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go new file mode 100644 index 00000000000..94393e2df12 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/core/v1alpha2/generated_expansion.go @@ -0,0 +1,21 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha2 + +type ClusterGroupExpansion interface{} + +type ExternalEntityExpansion interface{} diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go similarity index 95% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/doc.go rename to pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go index 16e4506b415..a66b4592246 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/doc.go +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/doc.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go similarity index 88% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go rename to pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go index 9857599cf28..139c4e35d17 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_ops_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package fake import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/ops/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go similarity index 98% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go rename to pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go index 8203e4f400d..f34caa7f5bf 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/fake/fake_traceflow.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go similarity index 95% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go rename to pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go index 6e916f849fe..5bc3edb3082 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/client/clientset/versioned/typed/ops/v1alpha1/ops_client.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go similarity index 92% rename from pkg/client/clientset/versioned/typed/ops/v1alpha1/ops_client.go rename to pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go index 5dacd614c3c..98412a3276c 100644 --- a/pkg/client/clientset/versioned/typed/ops/v1alpha1/ops_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/ops_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" - "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) diff --git a/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go new file mode 100644 index 00000000000..a3d8b1f2a64 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/ops/v1alpha1/traceflow.go @@ -0,0 +1,182 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// TraceflowsGetter has a method to return a TraceflowInterface. +// A group's client should implement this interface. +type TraceflowsGetter interface { + Traceflows() TraceflowInterface +} + +// TraceflowInterface has methods to work with Traceflow resources. +type TraceflowInterface interface { + Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (*v1alpha1.Traceflow, error) + Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) + UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (*v1alpha1.Traceflow, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Traceflow, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.TraceflowList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) + TraceflowExpansion +} + +// traceflows implements TraceflowInterface +type traceflows struct { + client rest.Interface +} + +// newTraceflows returns a Traceflows +func newTraceflows(c *OpsV1alpha1Client) *traceflows { + return &traceflows{ + client: c.RESTClient(), + } +} + +// Get takes name of the traceflow, and returns the corresponding traceflow object, and an error if there is any. +func (c *traceflows) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Traceflow, err error) { + result = &v1alpha1.Traceflow{} + err = c.client.Get(). + Resource("traceflows"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Traceflows that match those selectors. +func (c *traceflows) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TraceflowList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.TraceflowList{} + err = c.client.Get(). + Resource("traceflows"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested traceflows. +func (c *traceflows) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("traceflows"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a traceflow and creates it. Returns the server's representation of the traceflow, and an error, if there is any. +func (c *traceflows) Create(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.CreateOptions) (result *v1alpha1.Traceflow, err error) { + result = &v1alpha1.Traceflow{} + err = c.client.Post(). + Resource("traceflows"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(traceflow). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a traceflow and updates it. Returns the server's representation of the traceflow, and an error, if there is any. +func (c *traceflows) Update(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { + result = &v1alpha1.Traceflow{} + err = c.client.Put(). + Resource("traceflows"). + Name(traceflow.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(traceflow). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *traceflows) UpdateStatus(ctx context.Context, traceflow *v1alpha1.Traceflow, opts v1.UpdateOptions) (result *v1alpha1.Traceflow, err error) { + result = &v1alpha1.Traceflow{} + err = c.client.Put(). + Resource("traceflows"). + Name(traceflow.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(traceflow). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the traceflow and deletes it. Returns an error if one occurs. +func (c *traceflows) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("traceflows"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *traceflows) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("traceflows"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched traceflow. +func (c *traceflows) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Traceflow, err error) { + result = &v1alpha1.Traceflow{} + err = c.client.Patch(pt). + Resource("traceflows"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go new file mode 100644 index 00000000000..af76f5de5cc --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/clusternetworkpolicy.go @@ -0,0 +1,182 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterNetworkPoliciesGetter has a method to return a ClusterNetworkPolicyInterface. +// A group's client should implement this interface. +type ClusterNetworkPoliciesGetter interface { + ClusterNetworkPolicies() ClusterNetworkPolicyInterface +} + +// ClusterNetworkPolicyInterface has methods to work with ClusterNetworkPolicy resources. +type ClusterNetworkPolicyInterface interface { + Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (*v1alpha1.ClusterNetworkPolicy, error) + Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) + UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.ClusterNetworkPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.ClusterNetworkPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.ClusterNetworkPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) + ClusterNetworkPolicyExpansion +} + +// clusterNetworkPolicies implements ClusterNetworkPolicyInterface +type clusterNetworkPolicies struct { + client rest.Interface +} + +// newClusterNetworkPolicies returns a ClusterNetworkPolicies +func newClusterNetworkPolicies(c *SecurityV1alpha1Client) *clusterNetworkPolicies { + return &clusterNetworkPolicies{ + client: c.RESTClient(), + } +} + +// Get takes name of the clusterNetworkPolicy, and returns the corresponding clusterNetworkPolicy object, and an error if there is any. +func (c *clusterNetworkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + result = &v1alpha1.ClusterNetworkPolicy{} + err = c.client.Get(). + Resource("clusternetworkpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterNetworkPolicies that match those selectors. +func (c *clusterNetworkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.ClusterNetworkPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.ClusterNetworkPolicyList{} + err = c.client.Get(). + Resource("clusternetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterNetworkPolicies. +func (c *clusterNetworkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("clusternetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a clusterNetworkPolicy and creates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. +func (c *clusterNetworkPolicies) Create(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + result = &v1alpha1.ClusterNetworkPolicy{} + err = c.client.Post(). + Resource("clusternetworkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterNetworkPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a clusterNetworkPolicy and updates it. Returns the server's representation of the clusterNetworkPolicy, and an error, if there is any. +func (c *clusterNetworkPolicies) Update(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + result = &v1alpha1.ClusterNetworkPolicy{} + err = c.client.Put(). + Resource("clusternetworkpolicies"). + Name(clusterNetworkPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterNetworkPolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *clusterNetworkPolicies) UpdateStatus(ctx context.Context, clusterNetworkPolicy *v1alpha1.ClusterNetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.ClusterNetworkPolicy, err error) { + result = &v1alpha1.ClusterNetworkPolicy{} + err = c.client.Put(). + Resource("clusternetworkpolicies"). + Name(clusterNetworkPolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterNetworkPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the clusterNetworkPolicy and deletes it. Returns an error if one occurs. +func (c *clusterNetworkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("clusternetworkpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterNetworkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("clusternetworkpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched clusterNetworkPolicy. +func (c *clusterNetworkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.ClusterNetworkPolicy, err error) { + result = &v1alpha1.ClusterNetworkPolicy{} + err = c.client.Patch(pt). + Resource("clusternetworkpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go new file mode 100644 index 00000000000..a66b4592246 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go similarity index 98% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go index 8f647325b12..5bf45f642d7 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_clusternetworkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go similarity index 98% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go index dd59099d6c8..24566d2fd8a 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go similarity index 90% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go index 8eeebdc121a..1a118430246 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_security_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package fake import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1" rest "k8s.io/client-go/rest" testing "k8s.io/client-go/testing" ) diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go similarity index 97% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go index dde98811c0d..80d4759d8d5 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/fake/fake_tier.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -19,7 +19,7 @@ package fake import ( "context" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" labels "k8s.io/apimachinery/pkg/labels" schema "k8s.io/apimachinery/pkg/runtime/schema" diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go similarity index 95% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/generated_expansion.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go index f40fa9dac93..e9e9e192e83 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/generated_expansion.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/generated_expansion.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go new file mode 100644 index 00000000000..639f9cc18da --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/networkpolicy.go @@ -0,0 +1,193 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// NetworkPoliciesGetter has a method to return a NetworkPolicyInterface. +// A group's client should implement this interface. +type NetworkPoliciesGetter interface { + NetworkPolicies(namespace string) NetworkPolicyInterface +} + +// NetworkPolicyInterface has methods to work with NetworkPolicy resources. +type NetworkPolicyInterface interface { + Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (*v1alpha1.NetworkPolicy, error) + Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) + UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (*v1alpha1.NetworkPolicy, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.NetworkPolicy, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.NetworkPolicyList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) + NetworkPolicyExpansion +} + +// networkPolicies implements NetworkPolicyInterface +type networkPolicies struct { + client rest.Interface + ns string +} + +// newNetworkPolicies returns a NetworkPolicies +func newNetworkPolicies(c *SecurityV1alpha1Client, namespace string) *networkPolicies { + return &networkPolicies{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the networkPolicy, and returns the corresponding networkPolicy object, and an error if there is any. +func (c *networkPolicies) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of NetworkPolicies that match those selectors. +func (c *networkPolicies) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.NetworkPolicyList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.NetworkPolicyList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested networkPolicies. +func (c *networkPolicies) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a networkPolicy and creates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *networkPolicies) Create(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.CreateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Post(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a networkPolicy and updates it. Returns the server's representation of the networkPolicy, and an error, if there is any. +func (c *networkPolicies) Update(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(networkPolicy.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *networkPolicies) UpdateStatus(ctx context.Context, networkPolicy *v1alpha1.NetworkPolicy, opts v1.UpdateOptions) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Put(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(networkPolicy.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(networkPolicy). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the networkPolicy and deletes it. Returns an error if one occurs. +func (c *networkPolicies) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *networkPolicies) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("networkpolicies"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched networkPolicy. +func (c *networkPolicies) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.NetworkPolicy, err error) { + result = &v1alpha1.NetworkPolicy{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("networkpolicies"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/security/v1alpha1/security_client.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go similarity index 93% rename from pkg/client/clientset/versioned/typed/security/v1alpha1/security_client.go rename to pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go index 37de1942784..793ece4d3bd 100644 --- a/pkg/client/clientset/versioned/typed/security/v1alpha1/security_client.go +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/security_client.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package v1alpha1 import ( - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" - "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/scheme" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" rest "k8s.io/client-go/rest" ) diff --git a/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go new file mode 100644 index 00000000000..fb70a22251b --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/security/v1alpha1/tier.go @@ -0,0 +1,166 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + "time" + + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + scheme "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// TiersGetter has a method to return a TierInterface. +// A group's client should implement this interface. +type TiersGetter interface { + Tiers() TierInterface +} + +// TierInterface has methods to work with Tier resources. +type TierInterface interface { + Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (*v1alpha1.Tier, error) + Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (*v1alpha1.Tier, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1alpha1.Tier, error) + List(ctx context.Context, opts v1.ListOptions) (*v1alpha1.TierList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) + TierExpansion +} + +// tiers implements TierInterface +type tiers struct { + client rest.Interface +} + +// newTiers returns a Tiers +func newTiers(c *SecurityV1alpha1Client) *tiers { + return &tiers{ + client: c.RESTClient(), + } +} + +// Get takes name of the tier, and returns the corresponding tier object, and an error if there is any. +func (c *tiers) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1alpha1.Tier, err error) { + result = &v1alpha1.Tier{} + err = c.client.Get(). + Resource("tiers"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Tiers that match those selectors. +func (c *tiers) List(ctx context.Context, opts v1.ListOptions) (result *v1alpha1.TierList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1alpha1.TierList{} + err = c.client.Get(). + Resource("tiers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested tiers. +func (c *tiers) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("tiers"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a tier and creates it. Returns the server's representation of the tier, and an error, if there is any. +func (c *tiers) Create(ctx context.Context, tier *v1alpha1.Tier, opts v1.CreateOptions) (result *v1alpha1.Tier, err error) { + result = &v1alpha1.Tier{} + err = c.client.Post(). + Resource("tiers"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(tier). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a tier and updates it. Returns the server's representation of the tier, and an error, if there is any. +func (c *tiers) Update(ctx context.Context, tier *v1alpha1.Tier, opts v1.UpdateOptions) (result *v1alpha1.Tier, err error) { + result = &v1alpha1.Tier{} + err = c.client.Put(). + Resource("tiers"). + Name(tier.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(tier). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the tier and deletes it. Returns an error if one occurs. +func (c *tiers) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("tiers"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *tiers) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("tiers"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched tier. +func (c *tiers) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1alpha1.Tier, err error) { + result = &v1alpha1.Tier{} + err = c.client.Patch(pt). + Resource("tiers"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go new file mode 100644 index 00000000000..a66b4592246 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go new file mode 100644 index 00000000000..7102a633802 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/fake/fake_stats_client.go @@ -0,0 +1,33 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeStatsV1alpha1 struct { + *testing.Fake +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeStatsV1alpha1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go new file mode 100644 index 00000000000..d6c5dcbda62 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/generated_expansion.go @@ -0,0 +1,17 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 diff --git a/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go new file mode 100644 index 00000000000..e268c275543 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/stats/v1alpha1/stats_client.go @@ -0,0 +1,82 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/stats/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type StatsV1alpha1Interface interface { + RESTClient() rest.Interface +} + +// StatsV1alpha1Client is used to interact with features provided by the stats.antrea.tanzu.vmware.com group. +type StatsV1alpha1Client struct { + restClient rest.Interface +} + +// NewForConfig creates a new StatsV1alpha1Client for the given config. +func NewForConfig(c *rest.Config) (*StatsV1alpha1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &StatsV1alpha1Client{client}, nil +} + +// NewForConfigOrDie creates a new StatsV1alpha1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *StatsV1alpha1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new StatsV1alpha1Client for the given RESTClient. +func New(c rest.Interface) *StatsV1alpha1Client { + return &StatsV1alpha1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1alpha1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *StatsV1alpha1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go new file mode 100644 index 00000000000..c41ac51a831 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// This package has the automatically generated typed clients. +package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go new file mode 100644 index 00000000000..5807b680f75 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/doc.go @@ -0,0 +1,18 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +// Package fake has the automatically generated clients. +package fake diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go new file mode 100644 index 00000000000..7f30f027840 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/fake/fake_system_client.go @@ -0,0 +1,33 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + rest "k8s.io/client-go/rest" + testing "k8s.io/client-go/testing" +) + +type FakeSystemV1beta1 struct { + *testing.Fake +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *FakeSystemV1beta1) RESTClient() rest.Interface { + var ret *rest.RESTClient + return ret +} diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go new file mode 100644 index 00000000000..54dd65ae4ae --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/generated_expansion.go @@ -0,0 +1,17 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 diff --git a/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go new file mode 100644 index 00000000000..50ec44abee0 --- /dev/null +++ b/pkg/legacyclient/clientset/versioned/typed/system/v1beta1/system_client.go @@ -0,0 +1,82 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/system/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned/scheme" + rest "k8s.io/client-go/rest" +) + +type SystemV1beta1Interface interface { + RESTClient() rest.Interface +} + +// SystemV1beta1Client is used to interact with features provided by the system.antrea.tanzu.vmware.com group. +type SystemV1beta1Client struct { + restClient rest.Interface +} + +// NewForConfig creates a new SystemV1beta1Client for the given config. +func NewForConfig(c *rest.Config) (*SystemV1beta1Client, error) { + config := *c + if err := setConfigDefaults(&config); err != nil { + return nil, err + } + client, err := rest.RESTClientFor(&config) + if err != nil { + return nil, err + } + return &SystemV1beta1Client{client}, nil +} + +// NewForConfigOrDie creates a new SystemV1beta1Client for the given config and +// panics if there is an error in the config. +func NewForConfigOrDie(c *rest.Config) *SystemV1beta1Client { + client, err := NewForConfig(c) + if err != nil { + panic(err) + } + return client +} + +// New creates a new SystemV1beta1Client for the given RESTClient. +func New(c rest.Interface) *SystemV1beta1Client { + return &SystemV1beta1Client{c} +} + +func setConfigDefaults(config *rest.Config) error { + gv := v1beta1.SchemeGroupVersion + config.GroupVersion = &gv + config.APIPath = "/apis" + config.NegotiatedSerializer = scheme.Codecs.WithoutConversion() + + if config.UserAgent == "" { + config.UserAgent = rest.DefaultKubernetesUserAgent() + } + + return nil +} + +// RESTClient returns a RESTClient that is used to communicate +// with API server by this client implementation. +func (c *SystemV1beta1Client) RESTClient() rest.Interface { + if c == nil { + return nil + } + return c.restClient +} diff --git a/pkg/client/informers/externalversions/clusterinformation/interface.go b/pkg/legacyclient/informers/externalversions/clusterinformation/interface.go similarity index 84% rename from pkg/client/informers/externalversions/clusterinformation/interface.go rename to pkg/legacyclient/informers/externalversions/clusterinformation/interface.go index ddc73c9ea41..ae8deaa87dd 100644 --- a/pkg/client/informers/externalversions/clusterinformation/interface.go +++ b/pkg/legacyclient/informers/externalversions/clusterinformation/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package clusterinformation import ( - v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/clusterinformation/v1beta1" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/pkg/client/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go similarity index 88% rename from pkg/client/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go rename to pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go index aa9c8c6a6ba..63ecfb755ae 100644 --- a/pkg/client/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go +++ b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreaagentinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/listers/clusterinformation/v1beta1" + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/clusterinformation/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go similarity index 89% rename from pkg/client/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go rename to pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go index 771955cee21..66bbab431f8 100644 --- a/pkg/client/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go +++ b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/antreacontrollerinfo.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1beta1 "github.com/vmware-tanzu/antrea/pkg/client/listers/clusterinformation/v1beta1" + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/clusterinformation/v1beta1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go new file mode 100644 index 00000000000..5d056cb4687 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/clusterinformation/v1beta1/interface.go @@ -0,0 +1,50 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // AntreaAgentInfos returns a AntreaAgentInfoInformer. + AntreaAgentInfos() AntreaAgentInfoInformer + // AntreaControllerInfos returns a AntreaControllerInfoInformer. + AntreaControllerInfos() AntreaControllerInfoInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// AntreaAgentInfos returns a AntreaAgentInfoInformer. +func (v *version) AntreaAgentInfos() AntreaAgentInfoInformer { + return &antreaAgentInfoInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// AntreaControllerInfos returns a AntreaControllerInfoInformer. +func (v *version) AntreaControllerInfos() AntreaControllerInfoInformer { + return &antreaControllerInfoInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/client/informers/externalversions/core/interface.go b/pkg/legacyclient/informers/externalversions/core/interface.go similarity index 85% rename from pkg/client/informers/externalversions/core/interface.go rename to pkg/legacyclient/informers/externalversions/core/interface.go index 7023885da76..0b225d8dfa8 100644 --- a/pkg/client/informers/externalversions/core/interface.go +++ b/pkg/legacyclient/informers/externalversions/core/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package core import ( - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/core/v1alpha2" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/core/v1alpha2" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" ) // Interface provides access to each of this group's versions. diff --git a/pkg/client/informers/externalversions/core/v1alpha2/clustergroup.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go similarity index 89% rename from pkg/client/informers/externalversions/core/v1alpha2/clustergroup.go rename to pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go index 9ebcbada6e2..f090bf9a549 100644 --- a/pkg/client/informers/externalversions/core/v1alpha2/clustergroup.go +++ b/pkg/legacyclient/informers/externalversions/core/v1alpha2/clustergroup.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/listers/core/v1alpha2" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/core/v1alpha2" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/informers/externalversions/core/v1alpha2/externalentity.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go similarity index 90% rename from pkg/client/informers/externalversions/core/v1alpha2/externalentity.go rename to pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go index 77180f51d59..2fa5b9bafa9 100644 --- a/pkg/client/informers/externalversions/core/v1alpha2/externalentity.go +++ b/pkg/legacyclient/informers/externalversions/core/v1alpha2/externalentity.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha2 "github.com/vmware-tanzu/antrea/pkg/client/listers/core/v1alpha2" + corev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/core/v1alpha2" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go b/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go new file mode 100644 index 00000000000..7a51cd6adf2 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/core/v1alpha2/interface.go @@ -0,0 +1,50 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" +) + +// Interface provides access to all the informers in this group version. +type Interface interface { + // ClusterGroups returns a ClusterGroupInformer. + ClusterGroups() ClusterGroupInformer + // ExternalEntities returns a ExternalEntityInformer. + ExternalEntities() ExternalEntityInformer +} + +type version struct { + factory internalinterfaces.SharedInformerFactory + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// New returns a new Interface. +func New(f internalinterfaces.SharedInformerFactory, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) Interface { + return &version{factory: f, namespace: namespace, tweakListOptions: tweakListOptions} +} + +// ClusterGroups returns a ClusterGroupInformer. +func (v *version) ClusterGroups() ClusterGroupInformer { + return &clusterGroupInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + +// ExternalEntities returns a ExternalEntityInformer. +func (v *version) ExternalEntities() ExternalEntityInformer { + return &externalEntityInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} diff --git a/pkg/legacyclient/informers/externalversions/factory.go b/pkg/legacyclient/informers/externalversions/factory.go new file mode 100644 index 00000000000..4bd07c98655 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/factory.go @@ -0,0 +1,196 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + reflect "reflect" + sync "sync" + time "time" + + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + clusterinformation "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/clusterinformation" + core "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/core" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + ops "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/ops" + security "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/security" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// SharedInformerOption defines the functional option type for SharedInformerFactory. +type SharedInformerOption func(*sharedInformerFactory) *sharedInformerFactory + +type sharedInformerFactory struct { + client versioned.Interface + namespace string + tweakListOptions internalinterfaces.TweakListOptionsFunc + lock sync.Mutex + defaultResync time.Duration + customResync map[reflect.Type]time.Duration + + informers map[reflect.Type]cache.SharedIndexInformer + // startedInformers is used for tracking which informers have been started. + // This allows Start() to be called multiple times safely. + startedInformers map[reflect.Type]bool +} + +// WithCustomResyncConfig sets a custom resync period for the specified informer types. +func WithCustomResyncConfig(resyncConfig map[v1.Object]time.Duration) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + for k, v := range resyncConfig { + factory.customResync[reflect.TypeOf(k)] = v + } + return factory + } +} + +// WithTweakListOptions sets a custom filter on all listers of the configured SharedInformerFactory. +func WithTweakListOptions(tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.tweakListOptions = tweakListOptions + return factory + } +} + +// WithNamespace limits the SharedInformerFactory to the specified namespace. +func WithNamespace(namespace string) SharedInformerOption { + return func(factory *sharedInformerFactory) *sharedInformerFactory { + factory.namespace = namespace + return factory + } +} + +// NewSharedInformerFactory constructs a new instance of sharedInformerFactory for all namespaces. +func NewSharedInformerFactory(client versioned.Interface, defaultResync time.Duration) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync) +} + +// NewFilteredSharedInformerFactory constructs a new instance of sharedInformerFactory. +// Listers obtained via this SharedInformerFactory will be subject to the same filters +// as specified here. +// Deprecated: Please use NewSharedInformerFactoryWithOptions instead +func NewFilteredSharedInformerFactory(client versioned.Interface, defaultResync time.Duration, namespace string, tweakListOptions internalinterfaces.TweakListOptionsFunc) SharedInformerFactory { + return NewSharedInformerFactoryWithOptions(client, defaultResync, WithNamespace(namespace), WithTweakListOptions(tweakListOptions)) +} + +// NewSharedInformerFactoryWithOptions constructs a new instance of a SharedInformerFactory with additional options. +func NewSharedInformerFactoryWithOptions(client versioned.Interface, defaultResync time.Duration, options ...SharedInformerOption) SharedInformerFactory { + factory := &sharedInformerFactory{ + client: client, + namespace: v1.NamespaceAll, + defaultResync: defaultResync, + informers: make(map[reflect.Type]cache.SharedIndexInformer), + startedInformers: make(map[reflect.Type]bool), + customResync: make(map[reflect.Type]time.Duration), + } + + // Apply all options + for _, opt := range options { + factory = opt(factory) + } + + return factory +} + +// Start initializes all requested informers. +func (f *sharedInformerFactory) Start(stopCh <-chan struct{}) { + f.lock.Lock() + defer f.lock.Unlock() + + for informerType, informer := range f.informers { + if !f.startedInformers[informerType] { + go informer.Run(stopCh) + f.startedInformers[informerType] = true + } + } +} + +// WaitForCacheSync waits for all started informers' cache were synced. +func (f *sharedInformerFactory) WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool { + informers := func() map[reflect.Type]cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informers := map[reflect.Type]cache.SharedIndexInformer{} + for informerType, informer := range f.informers { + if f.startedInformers[informerType] { + informers[informerType] = informer + } + } + return informers + }() + + res := map[reflect.Type]bool{} + for informType, informer := range informers { + res[informType] = cache.WaitForCacheSync(stopCh, informer.HasSynced) + } + return res +} + +// InternalInformerFor returns the SharedIndexInformer for obj using an internal +// client. +func (f *sharedInformerFactory) InformerFor(obj runtime.Object, newFunc internalinterfaces.NewInformerFunc) cache.SharedIndexInformer { + f.lock.Lock() + defer f.lock.Unlock() + + informerType := reflect.TypeOf(obj) + informer, exists := f.informers[informerType] + if exists { + return informer + } + + resyncPeriod, exists := f.customResync[informerType] + if !exists { + resyncPeriod = f.defaultResync + } + + informer = newFunc(f.client, resyncPeriod) + f.informers[informerType] = informer + + return informer +} + +// SharedInformerFactory provides shared informers for resources in all known +// API group versions. +type SharedInformerFactory interface { + internalinterfaces.SharedInformerFactory + ForResource(resource schema.GroupVersionResource) (GenericInformer, error) + WaitForCacheSync(stopCh <-chan struct{}) map[reflect.Type]bool + + Clusterinformation() clusterinformation.Interface + Core() core.Interface + Ops() ops.Interface + Security() security.Interface +} + +func (f *sharedInformerFactory) Clusterinformation() clusterinformation.Interface { + return clusterinformation.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Core() core.Interface { + return core.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Ops() ops.Interface { + return ops.New(f, f.namespace, f.tweakListOptions) +} + +func (f *sharedInformerFactory) Security() security.Interface { + return security.New(f, f.namespace, f.tweakListOptions) +} diff --git a/pkg/legacyclient/informers/externalversions/generic.go b/pkg/legacyclient/informers/externalversions/generic.go new file mode 100644 index 00000000000..8b709692ab9 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/generic.go @@ -0,0 +1,83 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package externalversions + +import ( + "fmt" + + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + schema "k8s.io/apimachinery/pkg/runtime/schema" + cache "k8s.io/client-go/tools/cache" +) + +// GenericInformer is type of SharedIndexInformer which will locate and delegate to other +// sharedInformers based on type +type GenericInformer interface { + Informer() cache.SharedIndexInformer + Lister() cache.GenericLister +} + +type genericInformer struct { + informer cache.SharedIndexInformer + resource schema.GroupResource +} + +// Informer returns the SharedIndexInformer. +func (f *genericInformer) Informer() cache.SharedIndexInformer { + return f.informer +} + +// Lister returns the GenericLister. +func (f *genericInformer) Lister() cache.GenericLister { + return cache.NewGenericLister(f.Informer().GetIndexer(), f.resource) +} + +// ForResource gives generic access to a shared informer of the matching type +// TODO extend this to unknown resources with a client pool +func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource) (GenericInformer, error) { + switch resource { + // Group=clusterinformation.antrea.tanzu.vmware.com, Version=v1beta1 + case v1beta1.SchemeGroupVersion.WithResource("antreaagentinfos"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaAgentInfos().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("antreacontrollerinfos"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Clusterinformation().V1beta1().AntreaControllerInfos().Informer()}, nil + + // Group=core.antrea.tanzu.vmware.com, Version=v1alpha2 + case v1alpha2.SchemeGroupVersion.WithResource("clustergroups"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ClusterGroups().Informer()}, nil + case v1alpha2.SchemeGroupVersion.WithResource("externalentities"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Core().V1alpha2().ExternalEntities().Informer()}, nil + + // Group=ops.antrea.tanzu.vmware.com, Version=v1alpha1 + case v1alpha1.SchemeGroupVersion.WithResource("traceflows"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Ops().V1alpha1().Traceflows().Informer()}, nil + + // Group=security.antrea.tanzu.vmware.com, Version=v1alpha1 + case securityv1alpha1.SchemeGroupVersion.WithResource("clusternetworkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().ClusterNetworkPolicies().Informer()}, nil + case securityv1alpha1.SchemeGroupVersion.WithResource("networkpolicies"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().NetworkPolicies().Informer()}, nil + case securityv1alpha1.SchemeGroupVersion.WithResource("tiers"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Security().V1alpha1().Tiers().Informer()}, nil + + } + + return nil, fmt.Errorf("no informer found for %v", resource) +} diff --git a/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go b/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go new file mode 100644 index 00000000000..e6026c237a5 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/internalinterfaces/factory_interfaces.go @@ -0,0 +1,38 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package internalinterfaces + +import ( + time "time" + + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + cache "k8s.io/client-go/tools/cache" +) + +// NewInformerFunc takes versioned.Interface and time.Duration to return a SharedIndexInformer. +type NewInformerFunc func(versioned.Interface, time.Duration) cache.SharedIndexInformer + +// SharedInformerFactory a small interface to allow for adding an informer without an import cycle +type SharedInformerFactory interface { + Start(stopCh <-chan struct{}) + InformerFor(obj runtime.Object, newFunc NewInformerFunc) cache.SharedIndexInformer +} + +// TweakListOptionsFunc is a function that transforms a v1.ListOptions. +type TweakListOptionsFunc func(*v1.ListOptions) diff --git a/pkg/client/informers/externalversions/ops/interface.go b/pkg/legacyclient/informers/externalversions/ops/interface.go similarity index 85% rename from pkg/client/informers/externalversions/ops/interface.go rename to pkg/legacyclient/informers/externalversions/ops/interface.go index e05eae26874..f9db5de9db1 100644 --- a/pkg/client/informers/externalversions/ops/interface.go +++ b/pkg/legacyclient/informers/externalversions/ops/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package ops import ( - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/ops/v1alpha1" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/ops/v1alpha1" ) // Interface provides access to each of this group's versions. diff --git a/pkg/client/informers/externalversions/ops/v1alpha1/interface.go b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go similarity index 90% rename from pkg/client/informers/externalversions/ops/v1alpha1/interface.go rename to pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go index d76b8e31bea..0e5c4d5621b 100644 --- a/pkg/client/informers/externalversions/ops/v1alpha1/interface.go +++ b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go new file mode 100644 index 00000000000..4e5716dc204 --- /dev/null +++ b/pkg/legacyclient/informers/externalversions/ops/v1alpha1/traceflow.go @@ -0,0 +1,87 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + "context" + time "time" + + opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/ops/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// TraceflowInformer provides access to a shared informer and lister for +// Traceflows. +type TraceflowInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1alpha1.TraceflowLister +} + +type traceflowInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewTraceflowInformer constructs a new informer for Traceflow type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewTraceflowInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredTraceflowInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredTraceflowInformer constructs a new informer for Traceflow type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredTraceflowInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OpsV1alpha1().Traceflows().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.OpsV1alpha1().Traceflows().Watch(context.TODO(), options) + }, + }, + &opsv1alpha1.Traceflow{}, + resyncPeriod, + indexers, + ) +} + +func (f *traceflowInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredTraceflowInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *traceflowInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&opsv1alpha1.Traceflow{}, f.defaultInformer) +} + +func (f *traceflowInformer) Lister() v1alpha1.TraceflowLister { + return v1alpha1.NewTraceflowLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/security/interface.go b/pkg/legacyclient/informers/externalversions/security/interface.go similarity index 84% rename from pkg/client/informers/externalversions/security/interface.go rename to pkg/legacyclient/informers/externalversions/security/interface.go index cd967e582fe..5e175b32bce 100644 --- a/pkg/client/informers/externalversions/security/interface.go +++ b/pkg/legacyclient/informers/externalversions/security/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,8 +17,8 @@ package security import ( - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/security/v1alpha1" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/security/v1alpha1" ) // Interface provides access to each of this group's versions. diff --git a/pkg/client/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go similarity index 89% rename from pkg/client/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go rename to pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go index 40ea0bcc0b9..56a8c7461e3 100644 --- a/pkg/client/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go +++ b/pkg/legacyclient/informers/externalversions/security/v1alpha1/clusternetworkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/security/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/informers/externalversions/security/v1alpha1/interface.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go similarity index 93% rename from pkg/client/informers/externalversions/security/v1alpha1/interface.go rename to pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go index e8a33b90e95..a0bdf1b9336 100644 --- a/pkg/client/informers/externalversions/security/v1alpha1/interface.go +++ b/pkg/legacyclient/informers/externalversions/security/v1alpha1/interface.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,7 +17,7 @@ package v1alpha1 import ( - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" ) // Interface provides access to all the informers in this group version. diff --git a/pkg/client/informers/externalversions/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go similarity index 89% rename from pkg/client/informers/externalversions/security/v1alpha1/networkpolicy.go rename to pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go index 96c367a3f95..c65805a8460 100644 --- a/pkg/client/informers/externalversions/security/v1alpha1/networkpolicy.go +++ b/pkg/legacyclient/informers/externalversions/security/v1alpha1/networkpolicy.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/security/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/client/informers/externalversions/security/v1alpha1/tier.go b/pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go similarity index 88% rename from pkg/client/informers/externalversions/security/v1alpha1/tier.go rename to pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go index 392cf5346fd..5216bb8bba1 100644 --- a/pkg/client/informers/externalversions/security/v1alpha1/tier.go +++ b/pkg/legacyclient/informers/externalversions/security/v1alpha1/tier.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -20,10 +20,10 @@ import ( "context" time "time" - securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" - versioned "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - internalinterfaces "github.com/vmware-tanzu/antrea/pkg/client/informers/externalversions/internalinterfaces" - v1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/listers/security/v1alpha1" + securityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + versioned "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" + internalinterfaces "github.com/vmware-tanzu/antrea/pkg/legacyclient/informers/externalversions/internalinterfaces" + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyclient/listers/security/v1alpha1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" watch "k8s.io/apimachinery/pkg/watch" diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go new file mode 100644 index 00000000000..118d128ee8e --- /dev/null +++ b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreaagentinfo.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// AntreaAgentInfoLister helps list AntreaAgentInfos. +type AntreaAgentInfoLister interface { + // List lists all AntreaAgentInfos in the indexer. + List(selector labels.Selector) (ret []*v1beta1.AntreaAgentInfo, err error) + // Get retrieves the AntreaAgentInfo from the index for a given name. + Get(name string) (*v1beta1.AntreaAgentInfo, error) + AntreaAgentInfoListerExpansion +} + +// antreaAgentInfoLister implements the AntreaAgentInfoLister interface. +type antreaAgentInfoLister struct { + indexer cache.Indexer +} + +// NewAntreaAgentInfoLister returns a new AntreaAgentInfoLister. +func NewAntreaAgentInfoLister(indexer cache.Indexer) AntreaAgentInfoLister { + return &antreaAgentInfoLister{indexer: indexer} +} + +// List lists all AntreaAgentInfos in the indexer. +func (s *antreaAgentInfoLister) List(selector labels.Selector) (ret []*v1beta1.AntreaAgentInfo, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.AntreaAgentInfo)) + }) + return ret, err +} + +// Get retrieves the AntreaAgentInfo from the index for a given name. +func (s *antreaAgentInfoLister) Get(name string) (*v1beta1.AntreaAgentInfo, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("antreaagentinfo"), name) + } + return obj.(*v1beta1.AntreaAgentInfo), nil +} diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go new file mode 100644 index 00000000000..b2e4491c21b --- /dev/null +++ b/pkg/legacyclient/listers/clusterinformation/v1beta1/antreacontrollerinfo.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/clusterinformation/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// AntreaControllerInfoLister helps list AntreaControllerInfos. +type AntreaControllerInfoLister interface { + // List lists all AntreaControllerInfos in the indexer. + List(selector labels.Selector) (ret []*v1beta1.AntreaControllerInfo, err error) + // Get retrieves the AntreaControllerInfo from the index for a given name. + Get(name string) (*v1beta1.AntreaControllerInfo, error) + AntreaControllerInfoListerExpansion +} + +// antreaControllerInfoLister implements the AntreaControllerInfoLister interface. +type antreaControllerInfoLister struct { + indexer cache.Indexer +} + +// NewAntreaControllerInfoLister returns a new AntreaControllerInfoLister. +func NewAntreaControllerInfoLister(indexer cache.Indexer) AntreaControllerInfoLister { + return &antreaControllerInfoLister{indexer: indexer} +} + +// List lists all AntreaControllerInfos in the indexer. +func (s *antreaControllerInfoLister) List(selector labels.Selector) (ret []*v1beta1.AntreaControllerInfo, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.AntreaControllerInfo)) + }) + return ret, err +} + +// Get retrieves the AntreaControllerInfo from the index for a given name. +func (s *antreaControllerInfoLister) Get(name string) (*v1beta1.AntreaControllerInfo, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("antreacontrollerinfo"), name) + } + return obj.(*v1beta1.AntreaControllerInfo), nil +} diff --git a/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go b/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go new file mode 100644 index 00000000000..2181551a0c7 --- /dev/null +++ b/pkg/legacyclient/listers/clusterinformation/v1beta1/expansion_generated.go @@ -0,0 +1,25 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +// AntreaAgentInfoListerExpansion allows custom methods to be added to +// AntreaAgentInfoLister. +type AntreaAgentInfoListerExpansion interface{} + +// AntreaControllerInfoListerExpansion allows custom methods to be added to +// AntreaControllerInfoLister. +type AntreaControllerInfoListerExpansion interface{} diff --git a/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go b/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go new file mode 100644 index 00000000000..95bb8712316 --- /dev/null +++ b/pkg/legacyclient/listers/core/v1alpha2/clustergroup.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ClusterGroupLister helps list ClusterGroups. +type ClusterGroupLister interface { + // List lists all ClusterGroups in the indexer. + List(selector labels.Selector) (ret []*v1alpha2.ClusterGroup, err error) + // Get retrieves the ClusterGroup from the index for a given name. + Get(name string) (*v1alpha2.ClusterGroup, error) + ClusterGroupListerExpansion +} + +// clusterGroupLister implements the ClusterGroupLister interface. +type clusterGroupLister struct { + indexer cache.Indexer +} + +// NewClusterGroupLister returns a new ClusterGroupLister. +func NewClusterGroupLister(indexer cache.Indexer) ClusterGroupLister { + return &clusterGroupLister{indexer: indexer} +} + +// List lists all ClusterGroups in the indexer. +func (s *clusterGroupLister) List(selector labels.Selector) (ret []*v1alpha2.ClusterGroup, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha2.ClusterGroup)) + }) + return ret, err +} + +// Get retrieves the ClusterGroup from the index for a given name. +func (s *clusterGroupLister) Get(name string) (*v1alpha2.ClusterGroup, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha2.Resource("clustergroup"), name) + } + return obj.(*v1alpha2.ClusterGroup), nil +} diff --git a/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go b/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go new file mode 100644 index 00000000000..3b0a15efa32 --- /dev/null +++ b/pkg/legacyclient/listers/core/v1alpha2/expansion_generated.go @@ -0,0 +1,29 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha2 + +// ClusterGroupListerExpansion allows custom methods to be added to +// ClusterGroupLister. +type ClusterGroupListerExpansion interface{} + +// ExternalEntityListerExpansion allows custom methods to be added to +// ExternalEntityLister. +type ExternalEntityListerExpansion interface{} + +// ExternalEntityNamespaceListerExpansion allows custom methods to be added to +// ExternalEntityNamespaceLister. +type ExternalEntityNamespaceListerExpansion interface{} diff --git a/pkg/legacyclient/listers/core/v1alpha2/externalentity.go b/pkg/legacyclient/listers/core/v1alpha2/externalentity.go new file mode 100644 index 00000000000..edd0af7cc87 --- /dev/null +++ b/pkg/legacyclient/listers/core/v1alpha2/externalentity.go @@ -0,0 +1,92 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha2 + +import ( + v1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ExternalEntityLister helps list ExternalEntities. +type ExternalEntityLister interface { + // List lists all ExternalEntities in the indexer. + List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) + // ExternalEntities returns an object that can list and get ExternalEntities. + ExternalEntities(namespace string) ExternalEntityNamespaceLister + ExternalEntityListerExpansion +} + +// externalEntityLister implements the ExternalEntityLister interface. +type externalEntityLister struct { + indexer cache.Indexer +} + +// NewExternalEntityLister returns a new ExternalEntityLister. +func NewExternalEntityLister(indexer cache.Indexer) ExternalEntityLister { + return &externalEntityLister{indexer: indexer} +} + +// List lists all ExternalEntities in the indexer. +func (s *externalEntityLister) List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha2.ExternalEntity)) + }) + return ret, err +} + +// ExternalEntities returns an object that can list and get ExternalEntities. +func (s *externalEntityLister) ExternalEntities(namespace string) ExternalEntityNamespaceLister { + return externalEntityNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// ExternalEntityNamespaceLister helps list and get ExternalEntities. +type ExternalEntityNamespaceLister interface { + // List lists all ExternalEntities in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) + // Get retrieves the ExternalEntity from the indexer for a given namespace and name. + Get(name string) (*v1alpha2.ExternalEntity, error) + ExternalEntityNamespaceListerExpansion +} + +// externalEntityNamespaceLister implements the ExternalEntityNamespaceLister +// interface. +type externalEntityNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all ExternalEntities in the indexer for a given namespace. +func (s externalEntityNamespaceLister) List(selector labels.Selector) (ret []*v1alpha2.ExternalEntity, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha2.ExternalEntity)) + }) + return ret, err +} + +// Get retrieves the ExternalEntity from the indexer for a given namespace and name. +func (s externalEntityNamespaceLister) Get(name string) (*v1alpha2.ExternalEntity, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha2.Resource("externalentity"), name) + } + return obj.(*v1alpha2.ExternalEntity), nil +} diff --git a/pkg/client/listers/ops/v1alpha1/expansion_generated.go b/pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go similarity index 95% rename from pkg/client/listers/ops/v1alpha1/expansion_generated.go rename to pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go index f074390da14..c36688103bc 100644 --- a/pkg/client/listers/ops/v1alpha1/expansion_generated.go +++ b/pkg/legacyclient/listers/ops/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go b/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go new file mode 100644 index 00000000000..658010727be --- /dev/null +++ b/pkg/legacyclient/listers/ops/v1alpha1/traceflow.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/ops/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// TraceflowLister helps list Traceflows. +type TraceflowLister interface { + // List lists all Traceflows in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.Traceflow, err error) + // Get retrieves the Traceflow from the index for a given name. + Get(name string) (*v1alpha1.Traceflow, error) + TraceflowListerExpansion +} + +// traceflowLister implements the TraceflowLister interface. +type traceflowLister struct { + indexer cache.Indexer +} + +// NewTraceflowLister returns a new TraceflowLister. +func NewTraceflowLister(indexer cache.Indexer) TraceflowLister { + return &traceflowLister{indexer: indexer} +} + +// List lists all Traceflows in the indexer. +func (s *traceflowLister) List(selector labels.Selector) (ret []*v1alpha1.Traceflow, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Traceflow)) + }) + return ret, err +} + +// Get retrieves the Traceflow from the index for a given name. +func (s *traceflowLister) Get(name string) (*v1alpha1.Traceflow, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("traceflow"), name) + } + return obj.(*v1alpha1.Traceflow), nil +} diff --git a/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go b/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go new file mode 100644 index 00000000000..881ab32e251 --- /dev/null +++ b/pkg/legacyclient/listers/security/v1alpha1/clusternetworkpolicy.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ClusterNetworkPolicyLister helps list ClusterNetworkPolicies. +type ClusterNetworkPolicyLister interface { + // List lists all ClusterNetworkPolicies in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.ClusterNetworkPolicy, err error) + // Get retrieves the ClusterNetworkPolicy from the index for a given name. + Get(name string) (*v1alpha1.ClusterNetworkPolicy, error) + ClusterNetworkPolicyListerExpansion +} + +// clusterNetworkPolicyLister implements the ClusterNetworkPolicyLister interface. +type clusterNetworkPolicyLister struct { + indexer cache.Indexer +} + +// NewClusterNetworkPolicyLister returns a new ClusterNetworkPolicyLister. +func NewClusterNetworkPolicyLister(indexer cache.Indexer) ClusterNetworkPolicyLister { + return &clusterNetworkPolicyLister{indexer: indexer} +} + +// List lists all ClusterNetworkPolicies in the indexer. +func (s *clusterNetworkPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.ClusterNetworkPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.ClusterNetworkPolicy)) + }) + return ret, err +} + +// Get retrieves the ClusterNetworkPolicy from the index for a given name. +func (s *clusterNetworkPolicyLister) Get(name string) (*v1alpha1.ClusterNetworkPolicy, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("clusternetworkpolicy"), name) + } + return obj.(*v1alpha1.ClusterNetworkPolicy), nil +} diff --git a/pkg/client/listers/security/v1alpha1/expansion_generated.go b/pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go similarity index 97% rename from pkg/client/listers/security/v1alpha1/expansion_generated.go rename to pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go index a12a5658fe7..cb76de60c46 100644 --- a/pkg/client/listers/security/v1alpha1/expansion_generated.go +++ b/pkg/legacyclient/listers/security/v1alpha1/expansion_generated.go @@ -1,4 +1,4 @@ -// Copyright 2020 Antrea Authors +// Copyright 2021 Antrea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. diff --git a/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go b/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go new file mode 100644 index 00000000000..7b764760d96 --- /dev/null +++ b/pkg/legacyclient/listers/security/v1alpha1/networkpolicy.go @@ -0,0 +1,92 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// NetworkPolicyLister helps list NetworkPolicies. +type NetworkPolicyLister interface { + // List lists all NetworkPolicies in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) + // NetworkPolicies returns an object that can list and get NetworkPolicies. + NetworkPolicies(namespace string) NetworkPolicyNamespaceLister + NetworkPolicyListerExpansion +} + +// networkPolicyLister implements the NetworkPolicyLister interface. +type networkPolicyLister struct { + indexer cache.Indexer +} + +// NewNetworkPolicyLister returns a new NetworkPolicyLister. +func NewNetworkPolicyLister(indexer cache.Indexer) NetworkPolicyLister { + return &networkPolicyLister{indexer: indexer} +} + +// List lists all NetworkPolicies in the indexer. +func (s *networkPolicyLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.NetworkPolicy)) + }) + return ret, err +} + +// NetworkPolicies returns an object that can list and get NetworkPolicies. +func (s *networkPolicyLister) NetworkPolicies(namespace string) NetworkPolicyNamespaceLister { + return networkPolicyNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// NetworkPolicyNamespaceLister helps list and get NetworkPolicies. +type NetworkPolicyNamespaceLister interface { + // List lists all NetworkPolicies in the indexer for a given namespace. + List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) + // Get retrieves the NetworkPolicy from the indexer for a given namespace and name. + Get(name string) (*v1alpha1.NetworkPolicy, error) + NetworkPolicyNamespaceListerExpansion +} + +// networkPolicyNamespaceLister implements the NetworkPolicyNamespaceLister +// interface. +type networkPolicyNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all NetworkPolicies in the indexer for a given namespace. +func (s networkPolicyNamespaceLister) List(selector labels.Selector) (ret []*v1alpha1.NetworkPolicy, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.NetworkPolicy)) + }) + return ret, err +} + +// Get retrieves the NetworkPolicy from the indexer for a given namespace and name. +func (s networkPolicyNamespaceLister) Get(name string) (*v1alpha1.NetworkPolicy, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("networkpolicy"), name) + } + return obj.(*v1alpha1.NetworkPolicy), nil +} diff --git a/pkg/legacyclient/listers/security/v1alpha1/tier.go b/pkg/legacyclient/listers/security/v1alpha1/tier.go new file mode 100644 index 00000000000..c2c3dcb43dd --- /dev/null +++ b/pkg/legacyclient/listers/security/v1alpha1/tier.go @@ -0,0 +1,63 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1alpha1 + +import ( + v1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// TierLister helps list Tiers. +type TierLister interface { + // List lists all Tiers in the indexer. + List(selector labels.Selector) (ret []*v1alpha1.Tier, err error) + // Get retrieves the Tier from the index for a given name. + Get(name string) (*v1alpha1.Tier, error) + TierListerExpansion +} + +// tierLister implements the TierLister interface. +type tierLister struct { + indexer cache.Indexer +} + +// NewTierLister returns a new TierLister. +func NewTierLister(indexer cache.Indexer) TierLister { + return &tierLister{indexer: indexer} +} + +// List lists all Tiers in the indexer. +func (s *tierLister) List(selector labels.Selector) (ret []*v1alpha1.Tier, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1alpha1.Tier)) + }) + return ret, err +} + +// Get retrieves the Tier from the index for a given name. +func (s *tierLister) Get(name string) (*v1alpha1.Tier, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1alpha1.Resource("tier"), name) + } + return obj.(*v1alpha1.Tier), nil +} diff --git a/pkg/monitor/agent.go b/pkg/monitor/agent.go index 58ba5f26e62..5a905924e62 100644 --- a/pkg/monitor/agent.go +++ b/pkg/monitor/agent.go @@ -24,7 +24,7 @@ import ( "k8s.io/klog" agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" ) @@ -88,7 +88,7 @@ func (monitor *agentMonitor) syncAgentCRD() { func (monitor *agentMonitor) getAgentCRD() (*v1beta1.AntreaAgentInfo, error) { crdName := monitor.querier.GetNodeConfig().Name klog.V(2).Infof("Getting agent monitoring CRD %+v", crdName) - return monitor.client.ClusterinformationV1beta1().AntreaAgentInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) + return monitor.client.CrdV1beta1().AntreaAgentInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) } // createAgentCRD creates a new agent CRD. @@ -96,12 +96,12 @@ func (monitor *agentMonitor) createAgentCRD() (*v1beta1.AntreaAgentInfo, error) agentCRD := new(v1beta1.AntreaAgentInfo) monitor.querier.GetAgentInfo(agentCRD, false) klog.V(2).Infof("Creating agent monitoring CRD %+v", agentCRD) - return monitor.client.ClusterinformationV1beta1().AntreaAgentInfos().Create(context.TODO(), agentCRD, metav1.CreateOptions{}) + return monitor.client.CrdV1beta1().AntreaAgentInfos().Create(context.TODO(), agentCRD, metav1.CreateOptions{}) } // updateAgentCRD updates the monitoring CRD. func (monitor *agentMonitor) updateAgentCRD(partial bool) (*v1beta1.AntreaAgentInfo, error) { monitor.querier.GetAgentInfo(monitor.agentCRD, partial) klog.V(2).Infof("Updating agent monitoring CRD %+v, partial: %t", monitor.agentCRD, partial) - return monitor.client.ClusterinformationV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.agentCRD, metav1.UpdateOptions{}) + return monitor.client.CrdV1beta1().AntreaAgentInfos().Update(context.TODO(), monitor.agentCRD, metav1.UpdateOptions{}) } diff --git a/pkg/monitor/controller.go b/pkg/monitor/controller.go index ce3f511cd96..63ef0bf3e83 100644 --- a/pkg/monitor/controller.go +++ b/pkg/monitor/controller.go @@ -26,7 +26,7 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/klog" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" controllerquerier "github.com/vmware-tanzu/antrea/pkg/controller/querier" ) @@ -110,7 +110,7 @@ func (monitor *controllerMonitor) syncControllerCRD() { // getControllerCRD is used to check the existence of controller monitoring CRD. // So when the Pod restarts, it will update this monitoring CRD instead of creating a new one. func (monitor *controllerMonitor) getControllerCRD(crdName string) (*v1beta1.AntreaControllerInfo, error) { - return monitor.client.ClusterinformationV1beta1().AntreaControllerInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) + return monitor.client.CrdV1beta1().AntreaControllerInfos().Get(context.TODO(), crdName, metav1.GetOptions{}) } func (monitor *controllerMonitor) createControllerCRD(crdName string) (*v1beta1.AntreaControllerInfo, error) { @@ -118,18 +118,18 @@ func (monitor *controllerMonitor) createControllerCRD(crdName string) (*v1beta1. controllerCRD.Name = crdName monitor.querier.GetControllerInfo(controllerCRD, false) klog.V(2).Infof("Creating controller monitoring CRD %+v", controllerCRD) - return monitor.client.ClusterinformationV1beta1().AntreaControllerInfos().Create(context.TODO(), controllerCRD, metav1.CreateOptions{}) + return monitor.client.CrdV1beta1().AntreaControllerInfos().Create(context.TODO(), controllerCRD, metav1.CreateOptions{}) } // updateControllerCRD updates the monitoring CRD. func (monitor *controllerMonitor) updateControllerCRD(partial bool) (*v1beta1.AntreaControllerInfo, error) { monitor.querier.GetControllerInfo(monitor.controllerCRD, partial) klog.V(2).Infof("Updating controller monitoring CRD %+v, partial: %t", monitor.controllerCRD, partial) - return monitor.client.ClusterinformationV1beta1().AntreaControllerInfos().Update(context.TODO(), monitor.controllerCRD, metav1.UpdateOptions{}) + return monitor.client.CrdV1beta1().AntreaControllerInfos().Update(context.TODO(), monitor.controllerCRD, metav1.UpdateOptions{}) } func (monitor *controllerMonitor) deleteStaleAgentCRDs() { - crds, err := monitor.client.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ + crds, err := monitor.client.CrdV1beta1().AntreaAgentInfos().List(context.TODO(), metav1.ListOptions{ ResourceVersion: "0", }) if err != nil { @@ -165,7 +165,7 @@ func (monitor *controllerMonitor) deleteStaleAgentCRD(old interface{}) { func (monitor *controllerMonitor) deleteAgentCRD(name string) { klog.Infof("Deleting agent monitoring CRD %s", name) - err := monitor.client.ClusterinformationV1beta1().AntreaAgentInfos().Delete(context.TODO(), name, metav1.DeleteOptions{}) + err := monitor.client.CrdV1beta1().AntreaAgentInfos().Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { klog.Errorf("Failed to delete agent monitoring CRD %s: %v", name, err) } diff --git a/pkg/support/dump.go b/pkg/support/dump.go index c3b49c23c60..e648d2aec2b 100644 --- a/pkg/support/dump.go +++ b/pkg/support/dump.go @@ -15,7 +15,7 @@ import ( "k8s.io/utils/exec" agentquerier "github.com/vmware-tanzu/antrea/pkg/agent/querier" - clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + clusterinformationv1beta1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" controllerquerier "github.com/vmware-tanzu/antrea/pkg/controller/querier" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl" "github.com/vmware-tanzu/antrea/pkg/querier" diff --git a/plugins/octant/cmd/antrea-octant-plugin/antrea_info.go b/plugins/octant/cmd/antrea-octant-plugin/antrea_info.go index 4229efcd179..cd1c94fa5f4 100644 --- a/plugins/octant/cmd/antrea-octant-plugin/antrea_info.go +++ b/plugins/octant/cmd/antrea-octant-plugin/antrea_info.go @@ -60,7 +60,7 @@ func (p *antreaOctantPlugin) agentHandler(request service.Request) (component.Co // getControllerTable gets the table for displaying Controller information func (p *antreaOctantPlugin) getControllerTable(request service.Request) *component.Table { - controllers, err := p.client.ClusterinformationV1beta1().AntreaControllerInfos().List(context.TODO(), v1.ListOptions{ + controllers, err := p.client.CrdV1beta1().AntreaControllerInfos().List(context.TODO(), v1.ListOptions{ ResourceVersion: "0", }) if err != nil { @@ -77,7 +77,7 @@ func (p *antreaOctantPlugin) getControllerTable(request service.Request) *compon serviceCol: component.NewLink(controller.ServiceRef.Name, controller.ServiceRef.Name, "/overview/namespace/"+controller.PodRef.Namespace+"/discovery-and-load-balancing/services/"+controller.ServiceRef.Name), clusterInfoCrdCol: component.NewLink(controller.Name, controller.Name, - "/cluster-overview/custom-resources/antreacontrollerinfos.clusterinformation.antrea.tanzu.vmware.com/v1beta1/"+controller.Name), + "/cluster-overview/custom-resources/antreacontrollerinfos.crd.antrea.io/v1beta1/"+controller.Name), heartbeatCol: component.NewText(controller.ControllerConditions[0].LastHeartbeatTime.String()), }) } @@ -87,7 +87,7 @@ func (p *antreaOctantPlugin) getControllerTable(request service.Request) *compon // getAgentTable gets the table for displaying Agent information. func (p *antreaOctantPlugin) getAgentTable(request service.Request) *component.Table { - agents, err := p.client.ClusterinformationV1beta1().AntreaAgentInfos().List(context.TODO(), v1.ListOptions{ + agents, err := p.client.CrdV1beta1().AntreaAgentInfos().List(context.TODO(), v1.ListOptions{ ResourceVersion: "0", }) if err != nil { @@ -105,7 +105,7 @@ func (p *antreaOctantPlugin) getAgentTable(request service.Request) *component.T bridgeCol: component.NewText(agent.OVSInfo.BridgeName), podNumCol: component.NewText(strconv.Itoa(int(agent.LocalPodNum))), clusterInfoCrdCol: component.NewLink(agent.Name, agent.Name, - "/cluster-overview/custom-resources/antreaagentinfos.clusterinformation.antrea.tanzu.vmware.com/v1beta1/"+agent.Name), + "/cluster-overview/custom-resources/antreaagentinfos.crd.antrea.io/v1beta1/"+agent.Name), heartbeatCol: component.NewText(agent.AgentConditions[0].LastHeartbeatTime.String()), }) } diff --git a/plugins/octant/cmd/antrea-octant-plugin/main.go b/plugins/octant/cmd/antrea-octant-plugin/main.go index 3c64975c1bf..885a4026d9d 100644 --- a/plugins/octant/cmd/antrea-octant-plugin/main.go +++ b/plugins/octant/cmd/antrea-octant-plugin/main.go @@ -25,7 +25,7 @@ import ( "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/tools/clientcmd" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" clientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" ) @@ -40,7 +40,7 @@ const ( type antreaOctantPlugin struct { client *clientset.Clientset graph string - lastTf *opsv1alpha1.Traceflow + lastTf *crdv1alpha1.Traceflow } func newAntreaOctantPlugin() *antreaOctantPlugin { @@ -61,7 +61,7 @@ func newAntreaOctantPlugin() *antreaOctantPlugin { return &antreaOctantPlugin{ client: client, graph: "", - lastTf: &opsv1alpha1.Traceflow{ + lastTf: &crdv1alpha1.Traceflow{ ObjectMeta: v1.ObjectMeta{Name: ""}, }, } diff --git a/plugins/octant/cmd/antrea-octant-plugin/traceflow.go b/plugins/octant/cmd/antrea-octant-plugin/traceflow.go index f0af1bcc019..08068c5288f 100644 --- a/plugins/octant/cmd/antrea-octant-plugin/traceflow.go +++ b/plugins/octant/cmd/antrea-octant-plugin/traceflow.go @@ -30,7 +30,7 @@ import ( "k8s.io/apimachinery/pkg/api/validation" "k8s.io/apimachinery/pkg/apis/meta/v1" - opsv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/graphviz" ) @@ -42,7 +42,7 @@ var ( const ( traceflowTitle = "Traceflow Info" antreaTraceflowTitle = "Antrea Traceflow" - octantTraceflowCRDPath = "/cluster-overview/custom-resources/traceflows.ops.antrea.tanzu.vmware.com/v1alpha1/" + octantTraceflowCRDPath = "/cluster-overview/custom-resources/traceflows.crd.antrea.io/v1alpha1/" tfNameCol = "Trace" srcNamespaceCol = "Source Namespace" @@ -61,7 +61,7 @@ const ( ) // getDstName gets the name of destination for specific traceflow. -func getDstName(tf *opsv1alpha1.Traceflow) string { +func getDstName(tf *crdv1alpha1.Traceflow) string { if len(tf.Spec.Destination.Pod) > 0 { return tf.Spec.Destination.Pod } @@ -75,15 +75,15 @@ func getDstName(tf *opsv1alpha1.Traceflow) string { } // getDstType gets the type of destination for specific traceflow. -func getDstType(tf *opsv1alpha1.Traceflow) string { +func getDstType(tf *crdv1alpha1.Traceflow) string { if len(tf.Spec.Destination.Pod) > 0 { - return opsv1alpha1.DstTypePod + return crdv1alpha1.DstTypePod } if len(tf.Spec.Destination.Service) > 0 { - return opsv1alpha1.DstTypeService + return crdv1alpha1.DstTypeService } if len(tf.Spec.Destination.IP) > 0 { - return opsv1alpha1.DstTypeIPv4 + return crdv1alpha1.DstTypeIPv4 } return "" } @@ -162,9 +162,9 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error request.DashboardClient.SendAlert(request.Context(), request.ClientID, alert) return nil } - var destination opsv1alpha1.Destination + var destination crdv1alpha1.Destination switch dstType[0] { - case opsv1alpha1.DstTypePod: + case crdv1alpha1.DstTypePod: if errs := validation.NameIsDNSSubdomain(dst, false); len(errs) != 0 { log.Printf("Invalid user input, CRD creation or Traceflow request may fail: "+ "failed to validate destination pod string %s, errs: %#v", dst, errs) @@ -181,11 +181,11 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error request.DashboardClient.SendAlert(request.Context(), request.ClientID, alert) return nil } - destination = opsv1alpha1.Destination{ + destination = crdv1alpha1.Destination{ Namespace: dstNamespace, Pod: dst, } - case opsv1alpha1.DstTypeIPv4: + case crdv1alpha1.DstTypeIPv4: s := net.ParseIP(dst) if s == nil { log.Printf("Invalid user input, CRD creation or Traceflow request may fail: "+ @@ -203,10 +203,10 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error request.DashboardClient.SendAlert(request.Context(), request.ClientID, alert) return nil } - destination = opsv1alpha1.Destination{ + destination = crdv1alpha1.Destination{ IP: dst, } - case opsv1alpha1.DstTypeService: + case crdv1alpha1.DstTypeService: if errs := validation.ValidateNamespaceName(dstNamespace, false); len(errs) != 0 { log.Printf("Invalid user input, CRD creation or Traceflow request may fail: "+ "failed to validate destination namespace string %s, errs: %#v", dstNamespace, errs) @@ -223,7 +223,7 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error request.DashboardClient.SendAlert(request.Context(), request.ClientID, alert) return nil } - destination = opsv1alpha1.Destination{ + destination = crdv1alpha1.Destination{ Namespace: dstNamespace, Service: dst, } @@ -254,7 +254,7 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error // If it is, then the user creates more than one traceflows in one second, which is not allowed. tfName := srcPod + "-" + dst + "-" + time.Now().Format(TIME_FORMAT_YYYYMMDD_HHMMSS) ctx := context.Background() - tfOld, _ := p.client.OpsV1alpha1().Traceflows().Get(ctx, tfName, v1.GetOptions{}) + tfOld, _ := p.client.CrdV1alpha1().Traceflows().Get(ctx, tfName, v1.GetOptions{}) if tfOld.Name == tfName { log.Printf("Invalid user input, CRD creation or Traceflow request may fail: "+ "duplicate traceflow \"%s\": same source pod and destination pod in less than one second: %+v. ", tfName, tfOld) @@ -264,28 +264,28 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error return nil } - tf := &opsv1alpha1.Traceflow{ + tf := &crdv1alpha1.Traceflow{ ObjectMeta: v1.ObjectMeta{ Name: tfName, }, - Spec: opsv1alpha1.TraceflowSpec{ - Source: opsv1alpha1.Source{ + Spec: crdv1alpha1.TraceflowSpec{ + Source: crdv1alpha1.Source{ Namespace: srcNamespace, Pod: srcPod, }, Destination: destination, - Packet: opsv1alpha1.Packet{ - IPHeader: opsv1alpha1.IPHeader{ - Protocol: opsv1alpha1.SupportedProtocols[protocol[0]], + Packet: crdv1alpha1.Packet{ + IPHeader: crdv1alpha1.IPHeader{ + Protocol: crdv1alpha1.SupportedProtocols[protocol[0]], }, }, }, } switch tf.Spec.Packet.IPHeader.Protocol { - case opsv1alpha1.TCPProtocol: + case crdv1alpha1.TCPProtocol: { - tf.Spec.Packet.TransportHeader.TCP = &opsv1alpha1.TCPHeader{ + tf.Spec.Packet.TransportHeader.TCP = &crdv1alpha1.TCPHeader{ Flags: 2, } if hasSrcPort { @@ -295,9 +295,9 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error tf.Spec.Packet.TransportHeader.TCP.DstPort = int32(dstPort) } } - case opsv1alpha1.UDPProtocol: + case crdv1alpha1.UDPProtocol: { - tf.Spec.Packet.TransportHeader.UDP = &opsv1alpha1.UDPHeader{} + tf.Spec.Packet.TransportHeader.UDP = &crdv1alpha1.UDPHeader{} if hasSrcPort { tf.Spec.Packet.TransportHeader.UDP.SrcPort = int32(srcPort) } @@ -305,16 +305,16 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error tf.Spec.Packet.TransportHeader.UDP.DstPort = int32(dstPort) } } - case opsv1alpha1.ICMPProtocol: + case crdv1alpha1.ICMPProtocol: { - tf.Spec.Packet.TransportHeader.ICMP = &opsv1alpha1.ICMPEchoRequestHeader{ + tf.Spec.Packet.TransportHeader.ICMP = &crdv1alpha1.ICMPEchoRequestHeader{ ID: 0, Sequence: 0, } } } log.Printf("Get user input successfully, traceflow: %+v", tf) - tf, err = p.client.OpsV1alpha1().Traceflows().Create(ctx, tf, v1.CreateOptions{}) + tf, err = p.client.CrdV1alpha1().Traceflows().Create(ctx, tf, v1.CreateOptions{}) if err != nil { log.Printf("Failed to create traceflow CRD \"%s\", err: %s", tfName, err) alert := action.CreateAlert(action.AlertTypeError, fmt.Sprintf("Failed to create traceflow CRD, "+ @@ -330,7 +330,7 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error go func(tfName string) { age := time.Second * 300 time.Sleep(age) - err := p.client.OpsV1alpha1().Traceflows().Delete(context.Background(), tfName, v1.DeleteOptions{}) + err := p.client.CrdV1alpha1().Traceflows().Delete(context.Background(), tfName, v1.DeleteOptions{}) if err != nil { log.Printf("Failed to delete traceflow CRD \"%s\", err: %s", tfName, err) return @@ -358,7 +358,7 @@ func (p *antreaOctantPlugin) actionHandler(request *service.ActionRequest) error } // Invoke GenGraph to show ctx := context.Background() - tf, err := p.client.OpsV1alpha1().Traceflows().Get(ctx, name, v1.GetOptions{}) + tf, err := p.client.CrdV1alpha1().Traceflows().Get(ctx, name, v1.GetOptions{}) if err != nil { log.Printf("Failed to get traceflow CRD \"%s\", err: %s ", name, err) alert := action.CreateAlert(action.AlertTypeError, fmt.Sprintf("Failed to get traceflow CRD, "+ @@ -389,23 +389,23 @@ func (p *antreaOctantPlugin) traceflowHandler(request service.Request) (componen card := component.NewCard(component.TitleFromString(antreaTraceflowTitle)) // Construct the available values of destination types. - dstTypeSelect := make([]component.InputChoice, len(opsv1alpha1.SupportedDestinationTypes)) - for i, t := range opsv1alpha1.SupportedDestinationTypes { + dstTypeSelect := make([]component.InputChoice, len(crdv1alpha1.SupportedDestinationTypes)) + for i, t := range crdv1alpha1.SupportedDestinationTypes { dstTypeSelect[i] = component.InputChoice{ Label: t, Value: t, Checked: false, } // Set the default destination type. - if t == opsv1alpha1.DstTypePod { + if t == crdv1alpha1.DstTypePod { dstTypeSelect[i].Checked = true } } // Construct the available values of protocols. - protocolSelect := make([]component.InputChoice, len(opsv1alpha1.SupportedProtocols)) + protocolSelect := make([]component.InputChoice, len(crdv1alpha1.SupportedProtocols)) i := 0 - for p := range opsv1alpha1.SupportedProtocols { + for p := range crdv1alpha1.SupportedProtocols { protocolSelect[i] = component.InputChoice{ Label: p, Value: p, @@ -452,7 +452,7 @@ func (p *antreaOctantPlugin) traceflowHandler(request service.Request) (componen // Invoke GenGraph to show log.Printf("Generating content from CRD...") ctx := context.Background() - tf, err := p.client.OpsV1alpha1().Traceflows().Get(ctx, p.lastTf.Name, v1.GetOptions{}) + tf, err := p.client.CrdV1alpha1().Traceflows().Get(ctx, p.lastTf.Name, v1.GetOptions{}) if err != nil { log.Printf("Failed to get latest CRD, using traceflow results cache, last traceflow name: %s, err: %s", p.lastTf.Name, err) p.graph, err = graphviz.GenGraph(p.lastTf) @@ -508,7 +508,7 @@ func (p *antreaOctantPlugin) traceflowHandler(request service.Request) (componen // getTfTable gets the table for displaying Traceflow information func (p *antreaOctantPlugin) getTfTable(request service.Request) *component.Table { ctx := context.Background() - tfs, err := p.client.OpsV1alpha1().Traceflows().List(ctx, v1.ListOptions{ResourceVersion: "0"}) + tfs, err := p.client.CrdV1alpha1().Traceflows().List(ctx, v1.ListOptions{ResourceVersion: "0"}) if err != nil { log.Fatalf("Failed to get Traceflows %v", err) return nil @@ -525,7 +525,7 @@ func (p *antreaOctantPlugin) getTfTable(request service.Request) *component.Tabl dstNamespaceCol: component.NewText(tf.Spec.Destination.Namespace), dstTypeCol: component.NewText(getDstType(&tf)), dstCol: component.NewText(getDstName(&tf)), - protocolCol: component.NewText(opsv1alpha1.ProtocolsToString[tf.Spec.Packet.IPHeader.Protocol]), + protocolCol: component.NewText(crdv1alpha1.ProtocolsToString[tf.Spec.Packet.IPHeader.Protocol]), phaseCol: component.NewText(string(tf.Status.Phase)), ageCol: component.NewTimestamp(tf.CreationTimestamp.Time), }) diff --git a/test/e2e/antreapolicy_test.go b/test/e2e/antreapolicy_test.go index 4f72f80b02b..461a1466467 100644 --- a/test/e2e/antreapolicy_test.go +++ b/test/e2e/antreapolicy_test.go @@ -26,14 +26,17 @@ import ( "github.com/stretchr/testify/assert" v1 "k8s.io/api/core/v1" v1net "k8s.io/api/networking/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" "k8s.io/apimachinery/pkg/util/sets" "k8s.io/apimachinery/pkg/util/wait" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" "github.com/vmware-tanzu/antrea/pkg/features" + legacycorev1a2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacysecv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" . "github.com/vmware-tanzu/antrea/test/e2e/utils" ) @@ -48,14 +51,23 @@ var ( ) const ( - // provide enough time for policies to be enforced & deleted by the CNI plugin. - networkPolicyDelay = 2 * time.Second + // Provide enough time for policies to be enforced & deleted by the CNI plugin. + networkPolicyDelay = 1500 * time.Millisecond // provide enough time for groups to have members computed. groupDelay = time.Second + // Verification of deleting/creating resources timed out. + timeout = 10 * time.Second // audit log directory on Antrea Agent logDir = "/var/log/antrea/networkpolicy/" logfileName = "np.log" defaultTierName = "application" + + resourceACNP = "acnp" + resourceANP = "anp" + resourceNetworkPolicy = "networkPolicy" + resourceCG = "clusterGroup" + resourceSVC = "service" + resourceTier = "tier" ) func failOnError(err error, t *testing.T) { @@ -66,6 +78,13 @@ func failOnError(err error, t *testing.T) { } } +func warningOnTimeoutError(err error, t *testing.T) { + if err != nil { + log.Warningf("Timeout for getting expected status and the tests may get unexpted results.") + t.Fatalf("test warned: %v", err) + } +} + // TestCase is a collection of TestSteps to be tested against. type TestCase struct { Name string @@ -107,6 +126,10 @@ func initialize(t *testing.T, data *TestData) { p8085 = 8085 pods = []string{"a", "b", "c"} namespaces = []string{"x", "y", "z"} + // This function "initialize" will be used more than once, and variable "allPods" is global. + // It should be empty every time when "initialize" is performed, otherwise there will be expected + // results. + allPods = []Pod{} for _, podName := range pods { for _, ns := range namespaces { @@ -210,7 +233,7 @@ func testMutateACNPNoRuleName(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). SetPriority(10.0). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) acnp, err := k8sUtils.CreateOrUpdateACNP(acnp) @@ -235,7 +258,7 @@ func testMutateANPNoRuleName(t *testing.T) { SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). SetPriority(10.0). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "") anp := builder.Get() log.Debugf("creating ANP %v", anp.Name) anp, err := k8sUtils.CreateOrUpdateANP(anp) @@ -272,9 +295,9 @@ func testInvalidACNPRuleNameNotUnique(t *testing.T) { builder = builder.SetName("acnp-rule-name-not-unique"). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "not-unique"). + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "not-unique"). AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "not-unique") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "not-unique") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -304,7 +327,7 @@ func testInvalidACNPPortRangePortUnset(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "acnp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) @@ -321,7 +344,7 @@ func testInvalidACNPPortRangeEndPortSmall(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "acnp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) @@ -341,7 +364,7 @@ func testInvalidACNPSpecAppliedToRuleAppliedToSet(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ACNPAppliedToSpec{ruleAppTo}, secv1alpha1.RuleActionAllow, "", "") + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -359,9 +382,9 @@ func testInvalidACNPAppliedToNotSetInAllRules(t *testing.T) { builder = builder.SetName("acnp-appto-not-set-in-all-rules"). SetPriority(1.0) builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ACNPAppliedToSpec{ruleAppTo}, secv1alpha1.RuleActionAllow, "", ""). + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", ""). AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -377,7 +400,7 @@ func testInvalidACNPAppliedToCGDoesNotExist(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{Group: "cgA"}}). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -393,7 +416,7 @@ func testInvalidACNPCGDoesNotExist(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, - nil, nil, nil, secv1alpha1.RuleActionAllow, "cgA", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "cgA", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -414,7 +437,7 @@ func testInvalidACNPIngressPeerCGSetWithPodSelector(t *testing.T) { builder = builder.SetName("acnp-ingress-group-podselector-set"). SetPriority(1.0) builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, - nil, nil, []ACNPAppliedToSpec{ruleAppTo}, secv1alpha1.RuleActionAllow, "cgA", "") + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "cgA", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -434,7 +457,7 @@ func testInvalidACNPIngressPeerCGSetWithNSSelector(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "cgA", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "cgA", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -455,7 +478,7 @@ func testInvalidACNPIngressPeerCGSetWithIPBlock(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{Group: "cgA"}}) builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ACNPAppliedToSpec{{Group: "cgB"}}, secv1alpha1.RuleActionAllow, "", "") + nil, nil, []ACNPAppliedToSpec{{Group: "cgB"}}, crdv1alpha1.RuleActionAllow, "", "") acnp := builder.Get() log.Debugf("creating ACNP %v", acnp.Name) if _, err := k8sUtils.CreateOrUpdateACNP(acnp); err == nil { @@ -483,9 +506,9 @@ func testInvalidANPRuleNameNotUnique(t *testing.T) { builder = builder.SetName("x", "anp-rule-name-not-unique"). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "not-unique"). + nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique"). AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "not-unique") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique") anp := builder.Get() log.Debugf("creating ANP %v", anp.Name) if _, err := k8sUtils.CreateOrUpdateANP(anp); err == nil { @@ -515,7 +538,7 @@ func testInvalidANPPortRangePortUnset(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "anp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") anp := builder.Get() log.Debugf("creating ANP %v", anp.Name) @@ -532,7 +555,7 @@ func testInvalidANPPortRangeEndPortSmall(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "anp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") anp := builder.Get() log.Debugf("creating ANP %v", anp.Name) @@ -557,7 +580,7 @@ func testInvalidTierPriorityUpdate(t *testing.T) { failOnError(fmt.Errorf("create Tier failed for tier prio-updated-tier: %v", err), t) } // Update this tier with new priority - newTier := secv1alpha1.Tier{ + newTier := crdv1alpha1.Tier{ ObjectMeta: oldTier.ObjectMeta, Spec: oldTier.Spec, } @@ -648,7 +671,7 @@ func testACNPAllowXBtoA(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") reachability := NewReachability(allPods, Dropped) reachability.Expect(Pod("x/b"), Pod("x/a"), Connected) @@ -683,7 +706,7 @@ func testACNPAllowXBtoYA(t *testing.T) { SetPriority(2.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") reachability := NewReachability(allPods, Dropped) reachability.Expect(Pod("x/b"), Pod("y/a"), Connected) @@ -716,14 +739,14 @@ func testACNPPriorityOverrideDefaultDeny(t *testing.T) { SetPriority(2). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} builder2 = builder2.SetName("acnp-priority1"). SetPriority(1). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") // Ingress from ns:z to x/a will be dropped since acnp-priority1 has higher precedence. reachabilityBothACNP := NewReachability(allPods, Dropped) @@ -763,9 +786,9 @@ func testACNPAllowNoDefaultIsolation(t *testing.T, protocol v1.Protocol) { SetPriority(1.1). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder.AddIngress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") builder.AddEgress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") reachability := NewReachability(allPods, Connected) testStep := []*TestStep{ @@ -796,7 +819,7 @@ func testACNPDropEgress(t *testing.T, protocol v1.Protocol) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddEgress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -833,7 +856,7 @@ func testACNPNoEffectOnOtherProtocols(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachability1 := NewReachability(allPods, Connected) reachability1.Expect(Pod("z/a"), Pod("x/a"), Dropped) @@ -888,7 +911,7 @@ func testACNPAppliedToDenyXBtoCGWithYA(t *testing.T) { SetPriority(2.0). SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) @@ -925,7 +948,7 @@ func testACNPIngressRuleDenyCGWithXBtoYA(t *testing.T) { SetPriority(2.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, cgName, "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) @@ -959,7 +982,7 @@ func testACNPAppliedToRuleCGWithPodsAToNsZ(t *testing.T) { builder = builder.SetName("acnp-deny-cg-with-a-to-z"). SetPriority(1.0) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, []ACNPAppliedToSpec{{Group: cgName}}, secv1alpha1.RuleActionDrop, "", "") + nil, nil, []ACNPAppliedToSpec{{Group: cgName}}, crdv1alpha1.RuleActionDrop, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -1000,7 +1023,7 @@ func testACNPEgressRulePodsAToCGWithNsZ(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, cgName, "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -1044,7 +1067,7 @@ func testACNPClusterGroupUpdateAppliedTo(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -1107,7 +1130,7 @@ func testACNPClusterGroupUpdate(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, cgName, "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -1167,7 +1190,7 @@ func testACNPClusterGroupAppliedToPodAdd(t *testing.T, data *TestData) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "j"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") cp := []*CustomProbe{ { SourcePod: CustomPod{ @@ -1212,7 +1235,7 @@ func testACNPClusterGroupRefRulePodAdd(t *testing.T, data *TestData) { SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "k"}, NSSelector: map[string]string{"ns": "x"}}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, cgName, "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") cp := []*CustomProbe{ { SourcePod: CustomPod{ @@ -1260,7 +1283,7 @@ func testBaselineNamespaceIsolation(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, &[]metav1.LabelSelectorRequirement{nsExpOtherThanX}, - nil, secv1alpha1.RuleActionDrop, "", "") + nil, crdv1alpha1.RuleActionDrop, "", "") // create a K8s NetworkPolicy for Pods in namespace x to allow ingress traffic from Pods in the same namespace, // as well as from the y/a Pod. It should open up ingress from y/a since it's evaluated before the baseline tier. @@ -1321,7 +1344,7 @@ func testACNPPriorityOverride(t *testing.T) { cidr := podZBIP + "/32" // Highest priority. Drops traffic from z/b to x/a. builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} builder2 = builder2.SetName("acnp-priority2"). @@ -1329,7 +1352,7 @@ func testACNPPriorityOverride(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) // Medium priority. Allows traffic from z to x/a. builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") builder3 := &ClusterNetworkPolicySpecBuilder{} builder3 = builder3.SetName("acnp-priority3"). @@ -1337,7 +1360,7 @@ func testACNPPriorityOverride(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) // Lowest priority. Drops traffic from z to x. builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachabilityTwoACNPs := NewReachability(allPods, Connected) reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) @@ -1400,7 +1423,7 @@ func testACNPTierOverride(t *testing.T) { cidr := podZBIP + "/32" // Highest priority tier. Drops traffic from z/b to x/a. builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, nil, nil, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} builder2 = builder2.SetName("acnp-tier-securityops"). @@ -1409,7 +1432,7 @@ func testACNPTierOverride(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) // Medium priority tier. Allows traffic from z to x/a. builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") builder3 := &ClusterNetworkPolicySpecBuilder{} builder3 = builder3.SetName("acnp-tier-application"). @@ -1418,7 +1441,7 @@ func testACNPTierOverride(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) // Lowest priority tier. Drops traffic from z to x. builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachabilityTwoACNPs := NewReachability(allPods, Connected) reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) @@ -1471,6 +1494,8 @@ func testACNPTierOverride(t *testing.T) { // testACNPTierOverride tests tier priority overriding in three Policies with custom created tiers. // Each ACNP controls a smaller set of traffic patterns as tier priority increases. func testACNPCustomTiers(t *testing.T) { + k8sUtils.DeleteTier("high-priority") + k8sUtils.DeleteTier("low-priority") // Create two custom tiers with tier priority immediately next to each other. _, err := k8sUtils.CreateNewTier("high-priority", 245) failOnError(err, t) @@ -1484,7 +1509,7 @@ func testACNPCustomTiers(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) // Medium priority tier. Allows traffic from z to x/a. builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} builder2 = builder2.SetName("acnp-tier-low"). @@ -1493,7 +1518,7 @@ func testACNPCustomTiers(t *testing.T) { SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) // Lowest priority tier. Drops traffic from z to x. builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") reachabilityTwoACNPs := NewReachability(allPods, Connected) reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) @@ -1520,9 +1545,9 @@ func testACNPCustomTiers(t *testing.T) { executeTests(t, testCase) // Cleanup customed tiers. ACNPs created in those tiers need to be deleted first. failOnError(k8sUtils.CleanACNPs(), t) - time.Sleep(networkPolicyDelay) failOnError(k8sUtils.DeleteTier("high-priority"), t) failOnError(k8sUtils.DeleteTier("low-priority"), t) + time.Sleep(networkPolicyDelay) } // testACNPPriorityConflictingRule tests that if there are two Policies in the cluster with rules that conflicts with @@ -1533,7 +1558,7 @@ func testACNPPriorityConflictingRule(t *testing.T) { SetPriority(1). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} builder2 = builder2.SetName("acnp-allow"). @@ -1542,7 +1567,7 @@ func testACNPPriorityConflictingRule(t *testing.T) { // The following ingress rule will take no effect as it is exactly the same as ingress rule of cnp-drop, // but cnp-allow has lower priority. builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") reachabilityBothACNP := NewReachability(allPods, Connected) reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/a"), Dropped) @@ -1582,10 +1607,10 @@ func testACNPRulePrioirty(t *testing.T) { SetPriority(5). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") // This rule should take no effect as it will be overridden by the first rule of cnp-allow builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") builder2 := &ClusterNetworkPolicySpecBuilder{} // acnp-allow will also apply to all pods in namespace x @@ -1593,10 +1618,10 @@ func testACNPRulePrioirty(t *testing.T) { SetPriority(5). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") // This rule should take no effect as it will be overridden by the first rule of cnp-drop builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") // Only egress from pods in namespace x to namespace y should be denied reachabilityBothACNP := NewReachability(allPods, Connected) @@ -1635,7 +1660,7 @@ func testACNPPortRange(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "acnp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) @@ -1672,7 +1697,7 @@ func testACNPRejectEgress(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionReject, "", "") + nil, nil, nil, crdv1alpha1.RuleActionReject, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/a"), Pod("z/a"), Rejected) @@ -1709,7 +1734,7 @@ func testACNPRejectIngress(t *testing.T, protocol v1.Protocol) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddIngress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionReject, "", "") + nil, nil, nil, crdv1alpha1.RuleActionReject, "", "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("z/a"), Pod("x/a"), Rejected) @@ -1746,7 +1771,7 @@ func testANPPortRange(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "anp-port-range") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("y/b"), Pod("x/c"), Dropped) @@ -1777,7 +1802,7 @@ func testANPBasic(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) @@ -1825,7 +1850,7 @@ func testAuditLoggingBasic(t *testing.T, data *TestData) { SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") builder.AddEgressLogging() _, err := k8sUtils.CreateOrUpdateACNP(builder.Get()) @@ -1869,9 +1894,9 @@ func testAppliedToPerRule(t *testing.T) { anpATGrp1 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "a"}, PodSelectorMatchExp: nil} anpATGrp2 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "b"}, PodSelectorMatchExp: nil} builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ANPAppliedToSpec{anpATGrp1}, secv1alpha1.RuleActionDrop, "") + nil, nil, []ANPAppliedToSpec{anpATGrp1}, crdv1alpha1.RuleActionDrop, "") builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, []ANPAppliedToSpec{anpATGrp2}, secv1alpha1.RuleActionDrop, "") + nil, nil, []ANPAppliedToSpec{anpATGrp2}, crdv1alpha1.RuleActionDrop, "") reachability := NewReachability(allPods, Connected) reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) @@ -1896,9 +1921,9 @@ func testAppliedToPerRule(t *testing.T) { PodSelector: map[string]string{"pod": "b"}, NSSelector: map[string]string{"ns": "y"}, PodSelectorMatchExp: nil, NSSelectorMatchExp: nil} builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, []ACNPAppliedToSpec{cnpATGrp1}, secv1alpha1.RuleActionDrop, "", "") + nil, nil, []ACNPAppliedToSpec{cnpATGrp1}, crdv1alpha1.RuleActionDrop, "", "") builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, - nil, nil, []ACNPAppliedToSpec{cnpATGrp2}, secv1alpha1.RuleActionDrop, "", "") + nil, nil, []ACNPAppliedToSpec{cnpATGrp2}, crdv1alpha1.RuleActionDrop, "", "") reachability2 := NewReachability(allPods, Connected) reachability2.Expect(Pod("x/b"), Pod("x/a"), Dropped) @@ -1938,7 +1963,7 @@ func testACNPClusterGroupServiceRefCreateAndUpdate(t *testing.T, data *TestData) builder := &ClusterNetworkPolicySpecBuilder{} builder = builder.SetName("cnp-cg-svc-ref").SetPriority(1.0).SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cg1Name}}) builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, - nil, secv1alpha1.RuleActionDrop, cg2Name, "") + nil, crdv1alpha1.RuleActionDrop, cg2Name, "") // Pods backing svc1 (label pod=a) in Namespace x should not allow ingress from Pods backing svc2 (label pod=b) in Namespace y. reachability := NewReachability(allPods, Connected) @@ -1991,7 +2016,7 @@ func testACNPClusterGroupServiceRefCreateAndUpdate(t *testing.T, data *TestData) builderUpdated = builderUpdated.SetName("cnp-cg-svc-ref").SetPriority(1.0) builderUpdated.SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) builderUpdated.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "y"}, - nil, nil, nil, secv1alpha1.RuleActionDrop, "", "") + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") // Pod x/a should not allow ingress from y/b per the updated ACNP spec. testStep3 := &TestStep{ @@ -2029,7 +2054,7 @@ func testACNPNestedClusterGroupCreateAndUpdate(t *testing.T, data *TestData) { builder = builder.SetName("cnp-nested-cg").SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "z"}}}). AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, - nil, secv1alpha1.RuleActionDrop, cgNestedName, "") + nil, crdv1alpha1.RuleActionDrop, cgNestedName, "") // Pods in Namespace z should not allow ingress from Pods backing svc1 (label pod=a) in Namespace x. reachability := NewReachability(allPods, Connected) @@ -2103,6 +2128,8 @@ func executeTestsWithData(t *testing.T, testList []*TestCase, data *TestData) { log.Infof("running step %s of test case %s", step.Name, testCase.Name) applyTestStepServicesAndGroups(t, step) applyTestStepPolicies(t, step) + time.Sleep(networkPolicyDelay) + reachability := step.Reachability if reachability != nil { start := time.Now() @@ -2128,6 +2155,7 @@ func executeTestsWithData(t *testing.T, testList []*TestCase, data *TestData) { log.Debugf("Cleaning-up all policies and groups created by this Testcase and sleeping for %v", networkPolicyDelay) cleanupTestCasePolicies(t, testCase) cleanupTestCaseServicesAndGroups(t, testCase) + time.Sleep(networkPolicyDelay) } allTestList = append(allTestList, testList...) } @@ -2151,16 +2179,17 @@ func doProbe(t *testing.T, data *TestData, p *CustomProbe, protocol v1.Protocol) func applyTestStepPolicies(t *testing.T, step *TestStep) { for _, policy := range step.Policies { switch p := policy.(type) { - case *secv1alpha1.ClusterNetworkPolicy: + case *crdv1alpha1.ClusterNetworkPolicy: _, err := k8sUtils.CreateOrUpdateACNP(p) failOnError(err, t) - case *secv1alpha1.NetworkPolicy: + case *crdv1alpha1.NetworkPolicy: _, err := k8sUtils.CreateOrUpdateANP(p) failOnError(err, t) case *v1net.NetworkPolicy: _, err := k8sUtils.CreateOrUpdateNetworkPolicy(p) failOnError(err, t) } + failOnError(waitForResourceReady(policy, timeout), t) } if len(step.Policies) > 0 { log.Debugf("Sleeping for %v for all policies to take effect", networkPolicyDelay) @@ -2175,9 +2204,9 @@ func cleanupTestCasePolicies(t *testing.T, c *TestCase) { for _, step := range c.Steps { for _, policy := range step.Policies { switch p := policy.(type) { - case *secv1alpha1.ClusterNetworkPolicy: + case *crdv1alpha1.ClusterNetworkPolicy: acnpsToDelete.Insert(p.Name) - case *secv1alpha1.NetworkPolicy: + case *crdv1alpha1.NetworkPolicy: anpsToDelete.Insert(p.Namespace + "/" + p.Name) case *v1net.NetworkPolicy: npsToDelete.Insert(p.Namespace + "/" + p.Name) @@ -2186,12 +2215,19 @@ func cleanupTestCasePolicies(t *testing.T, c *TestCase) { } for _, acnp := range acnpsToDelete.List() { failOnError(k8sUtils.DeleteACNP(acnp), t) + failOnError(waitForResourceDelete("", acnp, resourceACNP, timeout), t) } for _, anp := range anpsToDelete.List() { - failOnError(k8sUtils.DeleteANP(strings.Split(anp, "/")[0], strings.Split(anp, "/")[1]), t) + namespace := strings.Split(anp, "/")[0] + name := strings.Split(anp, "/")[1] + failOnError(k8sUtils.DeleteANP(namespace, name), t) + failOnError(waitForResourceDelete(namespace, name, resourceANP, timeout), t) } for _, np := range npsToDelete.List() { - failOnError(k8sUtils.DeleteNetworkPolicy(strings.Split(np, "/")[0], strings.Split(np, "/")[1]), t) + namespace := strings.Split(np, "/")[0] + name := strings.Split(np, "/")[1] + failOnError(k8sUtils.DeleteNetworkPolicy(namespace, name), t) + failOnError(waitForResourceDelete(namespace, name, resourceNetworkPolicy, timeout), t) } if acnpsToDelete.Len()+anpsToDelete.Len()+npsToDelete.Len() > 0 { log.Debugf("Sleeping for %v for all policy deletions to take effect", networkPolicyDelay) @@ -2202,13 +2238,14 @@ func cleanupTestCasePolicies(t *testing.T, c *TestCase) { func applyTestStepServicesAndGroups(t *testing.T, step *TestStep) { for _, obj := range step.ServicesAndGroups { switch o := obj.(type) { - case *corev1a2.ClusterGroup: + case *crdv1alpha2.ClusterGroup: _, err := k8sUtils.CreateOrUpdateCG(o) failOnError(err, t) case *v1.Service: _, err := k8sUtils.CreateOrUpdateService(o) failOnError(err, t) } + failOnError(waitForResourceReady(obj, timeout), t) } if len(step.ServicesAndGroups) > 0 { log.Debugf("Sleeping for %v for all groups to have members computed", groupDelay) @@ -2227,7 +2264,7 @@ func cleanupTestCaseServicesAndGroups(t *testing.T, c *TestCase) { for _, step := range c.Steps { for _, obj := range step.ServicesAndGroups { switch o := obj.(type) { - case *corev1a2.ClusterGroup: + case *crdv1alpha2.ClusterGroup: groupsToDelete.Insert(o.Name) orderedGroups = append(orderedGroups, o.Name) case *v1.Service: @@ -2239,11 +2276,15 @@ func cleanupTestCaseServicesAndGroups(t *testing.T, c *TestCase) { cg := orderedGroups[i] if groupsToDelete.Has(cg) { failOnError(k8sUtils.DeleteCG(cg), t) + failOnError(waitForResourceDelete("", cg, resourceCG, timeout), t) groupsToDelete.Delete(cg) } } for _, svc := range svcsToDelete.List() { - failOnError(k8sUtils.DeleteService(strings.Split(svc, "/")[0], strings.Split(svc, "/")[1]), t) + namespace := strings.Split(svc, "/")[0] + name := strings.Split(svc, "/")[1] + failOnError(k8sUtils.DeleteService(namespace, name), t) + failOnError(waitForResourceDelete(namespace, name, resourceSVC, timeout), t) } } @@ -2279,6 +2320,70 @@ func printResults() { fmt.Printf("\n\n") } +func waitForResourceReady(obj metav1.Object, timeout time.Duration) error { + var err error + defer timeCost()("ready") + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + switch p := obj.(type) { + case *legacysecv1alpha1.ClusterNetworkPolicy: + _, err = k8sUtils.GetACNP(p.Name) + case *legacysecv1alpha1.NetworkPolicy: + _, err = k8sUtils.GetANP(p.Namespace, p.Name) + case *legacysecv1alpha1.Tier: + _, err = k8sUtils.GetTier(p.Name) + case *legacycorev1a2.ClusterGroup: + _, err = k8sUtils.GetCG(p.Name) + case *crdv1alpha1.ClusterNetworkPolicy: + _, err = k8sUtils.GetACNP(p.Name) + case *crdv1alpha1.NetworkPolicy: + _, err = k8sUtils.GetANP(p.Namespace, p.Name) + case *crdv1alpha1.Tier: + _, err = k8sUtils.GetTier(p.Name) + case *crdv1alpha2.ClusterGroup: + _, err = k8sUtils.GetCG(p.Name) + case *v1net.NetworkPolicy: + _, err = k8sUtils.GetNetworkPolicy(p.Namespace, p.Name) + case *v1.Service: + _, err = k8sUtils.GetService(p.Namespace, p.Name) + } + if err != nil { + return false, nil + } + return true, nil + }); err != nil { + return err + } + return nil +} + +func waitForResourceDelete(namespace, name string, resource string, timeout time.Duration) error { + var err error + defer timeCost()("deleted") + if err = wait.Poll(100*time.Millisecond, timeout, func() (bool, error) { + switch resource { + case resourceACNP: + _, err = k8sUtils.GetACNP(name) + case resourceANP: + _, err = k8sUtils.GetANP(namespace, name) + case resourceTier: + _, err = k8sUtils.GetTier(name) + case resourceCG: + _, err = k8sUtils.GetCG(name) + case resourceNetworkPolicy: + _, err = k8sUtils.GetNetworkPolicy(namespace, name) + case resourceSVC: + _, err = k8sUtils.GetService(namespace, name) + } + if err != nil && apierrors.IsNotFound(err) { + return true, nil + } + return false, nil + }); err != nil { + return err + } + return nil +} + func TestAntreaPolicy(t *testing.T) { data, err := setupTest(t) if err != nil { @@ -2392,33 +2497,33 @@ func TestAntreaPolicyStatus(t *testing.T) { SetPriority(1.0). SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) anpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "") anp := anpBuilder.Get() log.Debugf("creating ANP %v", anp.Name) - _, err = data.securityClient.NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) + _, err = data.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) assert.NoError(t, err) - defer data.securityClient.NetworkPolicies(anp.Namespace).Delete(context.TODO(), anp.Name, metav1.DeleteOptions{}) + defer data.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Delete(context.TODO(), anp.Name, metav1.DeleteOptions{}) acnpBuilder := &ClusterNetworkPolicySpecBuilder{} acnpBuilder = acnpBuilder.SetName("acnp-applied-to-two-nodes"). SetPriority(1.0). SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) acnpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, - nil, nil, nil, secv1alpha1.RuleActionAllow, "", "") + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") acnp := acnpBuilder.Get() log.Debugf("creating ACNP %v", acnp.Name) - _, err = data.securityClient.ClusterNetworkPolicies().Create(context.TODO(), acnp, metav1.CreateOptions{}) + _, err = data.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), acnp, metav1.CreateOptions{}) assert.NoError(t, err) - defer data.securityClient.ClusterNetworkPolicies().Delete(context.TODO(), acnp.Name, metav1.DeleteOptions{}) + defer data.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), acnp.Name, metav1.DeleteOptions{}) - expectedStatus := secv1alpha1.NetworkPolicyStatus{ - Phase: secv1alpha1.NetworkPolicyRealized, + expectedStatus := crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, ObservedGeneration: 1, CurrentNodesRealized: 2, DesiredNodesRealized: 2, } err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { - anp, err := data.securityClient.NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) + anp, err := data.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) if err != nil { return false, err } @@ -2426,7 +2531,7 @@ func TestAntreaPolicyStatus(t *testing.T) { }) assert.NoError(t, err, "Antrea NetworkPolicy failed to reach expected status") err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { - anp, err := data.securityClient.ClusterNetworkPolicies().Get(context.TODO(), acnp.Name, metav1.GetOptions{}) + anp, err := data.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), acnp.Name, metav1.GetOptions{}) if err != nil { return false, err } @@ -2465,8 +2570,8 @@ func TestANPNetworkPolicyStatsWithDropAction(t *testing.T) { p10 := float64(10) intstr80 := intstr.FromInt(80) intstr443 := intstr.FromInt(443) - dropAction := secv1alpha1.RuleActionDrop - allowAction := secv1alpha1.RuleActionAllow + dropAction := crdv1alpha1.RuleActionDrop + allowAction := crdv1alpha1.RuleActionAllow selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} protocol := v1.ProtocolUDP @@ -2482,22 +2587,22 @@ func TestANPNetworkPolicyStatsWithDropAction(t *testing.T) { cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) } - var anp = &secv1alpha1.NetworkPolicy{ + var anp = &crdv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "np1", Labels: map[string]string{"antrea-e2e": "np1"}}, - Spec: secv1alpha1.NetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorC}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr80, Protocol: &protocol, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -2505,13 +2610,13 @@ func TestANPNetworkPolicyStatsWithDropAction(t *testing.T) { Action: &dropAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr443, Protocol: &protocol, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -2519,7 +2624,7 @@ func TestANPNetworkPolicyStatsWithDropAction(t *testing.T) { Action: &allowAction, }, }, - Egress: []secv1alpha1.Rule{}, + Egress: []crdv1alpha1.Rule{}, }, } @@ -2615,8 +2720,8 @@ func TestAntreaClusterNetworkPolicyStats(t *testing.T) { p10 := float64(10) intstr800 := intstr.FromInt(800) intstr4430 := intstr.FromInt(4430) - dropAction := secv1alpha1.RuleActionDrop - allowAction := secv1alpha1.RuleActionAllow + dropAction := crdv1alpha1.RuleActionDrop + allowAction := crdv1alpha1.RuleActionAllow selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} protocol := v1.ProtocolUDP @@ -2632,22 +2737,22 @@ func TestAntreaClusterNetworkPolicyStats(t *testing.T) { cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) } - var acnp = &secv1alpha1.ClusterNetworkPolicy{ + var acnp = &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "cnp1", Labels: map[string]string{"antrea-e2e": "cnp1"}}, - Spec: secv1alpha1.ClusterNetworkPolicySpec{ - AppliedTo: []secv1alpha1.NetworkPolicyPeer{ + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ {PodSelector: &selectorC}, }, Priority: p10, - Ingress: []secv1alpha1.Rule{ + Ingress: []crdv1alpha1.Rule{ { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr800, Protocol: &protocol, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -2655,13 +2760,13 @@ func TestAntreaClusterNetworkPolicyStats(t *testing.T) { Action: &allowAction, }, { - Ports: []secv1alpha1.NetworkPolicyPort{ + Ports: []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr4430, Protocol: &protocol, }, }, - From: []secv1alpha1.NetworkPolicyPeer{ + From: []crdv1alpha1.NetworkPolicyPeer{ { PodSelector: &selectorB, }, @@ -2669,7 +2774,7 @@ func TestAntreaClusterNetworkPolicyStats(t *testing.T) { Action: &dropAction, }, }, - Egress: []secv1alpha1.Rule{}, + Egress: []crdv1alpha1.Rule{}, }, } diff --git a/test/e2e/clustergroup_test.go b/test/e2e/clustergroup_test.go index a2dd3aca0a9..f4c34b81e9e 100644 --- a/test/e2e/clustergroup_test.go +++ b/test/e2e/clustergroup_test.go @@ -20,8 +20,8 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - corev1a1 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" ) func testInvalidCGIPBlockWithPodSelector(t *testing.T) { @@ -29,12 +29,12 @@ func testInvalidCGIPBlockWithPodSelector(t *testing.T) { cgName := "ipb-pod" pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} cidr := "10.0.0.10/32" - ipb := &secv1alpha1.IPBlock{CIDR: cidr} - cg := &corev1a1.ClusterGroup{ + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: pSel, IPBlock: ipb, }, @@ -50,12 +50,12 @@ func testInvalidCGIPBlockWithNSSelector(t *testing.T) { cgName := "ipb-ns" nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} cidr := "10.0.0.10/32" - ipb := &secv1alpha1.IPBlock{CIDR: cidr} - cg := &corev1a1.ClusterGroup{ + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: nSel, IPBlock: ipb, }, @@ -70,15 +70,15 @@ func testInvalidCGServiceRefWithPodSelector(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with serviceReference and podSelector") cgName := "svcref-pod-selector" pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - svcRef := &corev1a1.ServiceReference{ + svcRef := &crdv1alpha2.ServiceReference{ Namespace: "y", Name: "test-svc", } - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: pSel, ServiceReference: svcRef, }, @@ -93,15 +93,15 @@ func testInvalidCGServiceRefWithNSSelector(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with serviceReference and namespaceSelector") cgName := "svcref-ns-selector" nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} - svcRef := &corev1a1.ServiceReference{ + svcRef := &crdv1alpha2.ServiceReference{ Namespace: "y", Name: "test-svc", } - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ NamespaceSelector: nSel, ServiceReference: svcRef, }, @@ -116,16 +116,16 @@ func testInvalidCGServiceRefWithIPBlock(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with ipblock and namespaceSelector") cgName := "ipb-svcref" cidr := "10.0.0.10/32" - ipb := &secv1alpha1.IPBlock{CIDR: cidr} - svcRef := &corev1a1.ServiceReference{ + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + svcRef := &crdv1alpha2.ServiceReference{ Namespace: "y", Name: "test-svc", } - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ ServiceReference: svcRef, IPBlock: ipb, }, @@ -139,12 +139,12 @@ func testInvalidCGServiceRefWithIPBlock(t *testing.T) { func testInvalidCGChildGroupDoesNotExist(t *testing.T) { invalidErr := fmt.Errorf("clustergroup childGroup does not exist") cgName := "child-group-not-exist" - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ - ChildGroups: []corev1a1.ClusterGroupReference{corev1a1.ClusterGroupReference("some-non-existing-cg")}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference("some-non-existing-cg")}, }, } if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { @@ -156,11 +156,11 @@ func testInvalidCGChildGroupDoesNotExist(t *testing.T) { var testChildCGName = "test-child-cg" func createChildCGForTest(t *testing.T) { - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: testChildCGName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: &metav1.LabelSelector{}, }, } @@ -179,13 +179,13 @@ func testInvalidCGChildGroupWithPodSelector(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with childGroups and podSelector") cgName := "child-group-pod-selector" pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ PodSelector: pSel, - ChildGroups: []corev1a1.ClusterGroupReference{corev1a1.ClusterGroupReference(testChildCGName)}, + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, }, } if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { @@ -197,17 +197,17 @@ func testInvalidCGChildGroupWithPodSelector(t *testing.T) { func testInvalidCGChildGroupWithServiceReference(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with childGroups and ServiceReference") cgName := "child-group-svcref" - svcRef := &corev1a1.ServiceReference{ + svcRef := &crdv1alpha2.ServiceReference{ Namespace: "y", Name: "test-svc", } - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: corev1a1.GroupSpec{ + Spec: crdv1alpha2.GroupSpec{ ServiceReference: svcRef, - ChildGroups: []corev1a1.ClusterGroupReference{corev1a1.ClusterGroupReference(testChildCGName)}, + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, }, } if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { @@ -219,20 +219,20 @@ func testInvalidCGChildGroupWithServiceReference(t *testing.T) { func testInvalidCGMaxNestedLevel(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with childGroup which has childGroups itself") cgName1, cgName2 := "cg-nested-1", "cg-nested-2" - cg1 := &corev1a1.ClusterGroup{ + cg1 := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: cgName1}, - Spec: corev1a1.GroupSpec{ - ChildGroups: []corev1a1.ClusterGroupReference{corev1a1.ClusterGroupReference(testChildCGName)}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, }, } if _, err := k8sUtils.CreateOrUpdateCG(cg1); err != nil { // Above creation of CG must succeed as it is a valid spec. failOnError(err, t) } - cg2 := &corev1a1.ClusterGroup{ + cg2 := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: cgName2}, - Spec: corev1a1.GroupSpec{ - ChildGroups: []corev1a1.ClusterGroupReference{corev1a1.ClusterGroupReference(cgName1)}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(cgName1)}, }, } if _, err := k8sUtils.CreateOrUpdateCG(cg2); err == nil { diff --git a/test/e2e/framework.go b/test/e2e/framework.go index 0a43be3f8dd..7c712c3c9b0 100644 --- a/test/e2e/framework.go +++ b/test/e2e/framework.go @@ -49,8 +49,8 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/config" crdclientset "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/client/clientset/versioned/typed/security/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/features" + legacycrdclientset "github.com/vmware-tanzu/antrea/pkg/legacyclient/clientset/versioned" "github.com/vmware-tanzu/antrea/test/e2e/providers" ) @@ -147,8 +147,8 @@ type TestData struct { kubeConfig *restclient.Config clientset kubernetes.Interface aggregatorClient aggregatorclientset.Interface - securityClient secv1alpha1.SecurityV1alpha1Interface crdClient crdclientset.Interface + legacyCrdClient legacycrdclientset.Interface logsDirForTestCase string } @@ -764,19 +764,19 @@ func (data *TestData) createClient() error { if err != nil { return fmt.Errorf("error when creating kubernetes aggregatorClient: %v", err) } - securityClient, err := secv1alpha1.NewForConfig(kubeConfig) - if err != nil { - return fmt.Errorf("error when creating Antrea securityClient: %v", err) - } crdClient, err := crdclientset.NewForConfig(kubeConfig) if err != nil { return fmt.Errorf("error when creating CRD client: %v", err) } + legacyCrdClient, err := legacycrdclientset.NewForConfig(kubeConfig) + if err != nil { + return fmt.Errorf("error when creating legacy CRD client: %v", err) + } data.kubeConfig = kubeConfig data.clientset = clientset data.aggregatorClient = aggregatorClient - data.securityClient = securityClient data.crdClient = crdClient + data.legacyCrdClient = legacyCrdClient return nil } diff --git a/test/e2e/k8s_util.go b/test/e2e/k8s_util.go index d2058f270c7..33d63df0097 100644 --- a/test/e2e/k8s_util.go +++ b/test/e2e/k8s_util.go @@ -28,8 +28,10 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" - corev1a1 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + legacycorev1a2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacysecv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" ) type KubernetesUtils struct { @@ -260,7 +262,7 @@ func (k *KubernetesUtils) BuildService(svcName, svcNS string, port, targetPort i // CreateOrUpdateService is a convenience function for updating/creating Services. func (k *KubernetesUtils) CreateOrUpdateService(svc *v1.Service) (*v1.Service, error) { - log.Infof("creating/updating Service %s in ns %s", svc.Name, svc.Namespace) + log.Infof("Creating/updating Service %s in ns %s", svc.Name, svc.Namespace) svcReturned, err := k.clientset.CoreV1().Services(svc.Namespace).Get(context.TODO(), svc.Name, metav1.GetOptions{}) if err != nil { @@ -281,9 +283,18 @@ func (k *KubernetesUtils) CreateOrUpdateService(svc *v1.Service) (*v1.Service, e return nil, fmt.Errorf("error occurred in creating/updating Service %s", svc.Name) } +// GetService is a convenience function for getting Service +func (k *KubernetesUtils) GetService(namespace, name string) (*v1.Service, error) { + res, err := k.clientset.CoreV1().Services(namespace).Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + return res, nil +} + // DeleteService is a convenience function for deleting a Service by Namespace and name. func (k *KubernetesUtils) DeleteService(ns, name string) error { - log.Infof("deleting Service %s in ns %s", name, ns) + log.Infof("Deleting Service %s in ns %s", name, ns) err := k.clientset.CoreV1().Services(ns).Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete Service %s", name) @@ -324,6 +335,15 @@ func (k *KubernetesUtils) CreateOrUpdateNetworkPolicy(netpol *v1net.NetworkPolic return np, err } +// GetNetworkPolicy is a convenience function for getting k8s NetworkPolicies. +func (k *KubernetesUtils) GetNetworkPolicy(namespace, name string) (*v1net.NetworkPolicy, error) { + res, err := k.clientset.NetworkingV1().NetworkPolicies(namespace).Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + return res, nil +} + // DeleteNetworkPolicy is a convenience function for deleting NetworkPolicy by name and Namespace. func (k *KubernetesUtils) DeleteNetworkPolicy(ns, name string) error { log.Infof("Deleting NetworkPolicy '%s/%s'", ns, name) @@ -350,29 +370,16 @@ func (k *KubernetesUtils) CleanNetworkPolicies(namespaces []string) error { return nil } -// DeleteTier is a convenience function for deleting an Antrea Policy Tier with specific name. -func (k *KubernetesUtils) DeleteTier(name string) error { - _, err := k.securityClient.Tiers().Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - return errors.Wrapf(err, "unable to get tier %s", name) - } - log.Infof("Deleting tier %s", name) - if err = k.securityClient.Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}); err != nil { - return errors.Wrapf(err, "unable to delete tier %s", name) - } - return nil -} - // CreateTier is a convenience function for creating an Antrea Policy Tier by name and priority. -func (k *KubernetesUtils) CreateNewTier(name string, tierPriority int32) (*secv1alpha1.Tier, error) { +func (k *KubernetesUtils) CreateNewTier(name string, tierPriority int32) (*crdv1alpha1.Tier, error) { log.Infof("Creating tier %s", name) - _, err := k.securityClient.Tiers().Get(context.TODO(), name, metav1.GetOptions{}) + _, err := k.crdClient.CrdV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil { - tr := &secv1alpha1.Tier{ + tr := &crdv1alpha1.Tier{ ObjectMeta: metav1.ObjectMeta{Name: name}, - Spec: secv1alpha1.TierSpec{Priority: tierPriority}, + Spec: crdv1alpha1.TierSpec{Priority: tierPriority}, } - tr, err = k.securityClient.Tiers().Create(context.TODO(), tr, metav1.CreateOptions{}) + tr, err = k.crdClient.CrdV1alpha1().Tiers().Create(context.TODO(), tr, metav1.CreateOptions{}) if err != nil { log.Debugf("Unable to create tier %s: %s", name, err) } @@ -381,19 +388,41 @@ func (k *KubernetesUtils) CreateNewTier(name string, tierPriority int32) (*secv1 return nil, fmt.Errorf("tier with name %s already exists", name) } +// GetTier is a convenience function for getting Tier. +func (k *KubernetesUtils) GetTier(name string) (*crdv1alpha1.Tier, error) { + res, err := k.crdClient.CrdV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + return res, nil +} + // UpdateTier is a convenience function for updating an Antrea Policy Tier. -func (k *KubernetesUtils) UpdateTier(tier *secv1alpha1.Tier) (*secv1alpha1.Tier, error) { +func (k *KubernetesUtils) UpdateTier(tier *crdv1alpha1.Tier) (*crdv1alpha1.Tier, error) { log.Infof("Updating tier %s", tier.Name) - updatedTier, err := k.securityClient.Tiers().Update(context.TODO(), tier, metav1.UpdateOptions{}) + updatedTier, err := k.crdClient.CrdV1alpha1().Tiers().Update(context.TODO(), tier, metav1.UpdateOptions{}) return updatedTier, err } +// DeleteTier is a convenience function for deleting an Antrea Policy Tier with specific name. +func (k *KubernetesUtils) DeleteTier(name string) error { + _, err := k.crdClient.CrdV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to get tier %s", name) + } + log.Infof("Deleting tier %s", name) + if err = k.crdClient.CrdV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}); err != nil { + return errors.Wrapf(err, "unable to delete tier %s", name) + } + return nil +} + // CreateOrUpdateCG is a convenience function for idempotent setup of ClusterGroups -func (k *KubernetesUtils) CreateOrUpdateCG(cg *corev1a1.ClusterGroup) (*corev1a1.ClusterGroup, error) { +func (k *KubernetesUtils) CreateOrUpdateCG(cg *crdv1alpha2.ClusterGroup) (*crdv1alpha2.ClusterGroup, error) { log.Infof("Creating/updating ClusterGroup %s", cg.Name) - cgReturned, err := k.crdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) + cgReturned, err := k.crdClient.CrdV1alpha2().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) if err != nil { - cgr, err := k.crdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) + cgr, err := k.crdClient.CrdV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) if err != nil { log.Infof("Unable to create cluster group %s: %v", cg.Name, err) return nil, err @@ -402,18 +431,18 @@ func (k *KubernetesUtils) CreateOrUpdateCG(cg *corev1a1.ClusterGroup) (*corev1a1 } else if cgReturned.Name != "" { log.Debugf("ClusterGroup with name %s already exists, updating", cg.Name) cgReturned.Spec = cg.Spec - cgr, err := k.crdClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) + cgr, err := k.crdClient.CrdV1alpha2().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) return cgr, err } return nil, fmt.Errorf("error occurred in creating/updating ClusterGroup %s", cg.Name) } // CreateCG is a convenience function for creating an Antrea ClusterGroup by name and selector. -func (k *KubernetesUtils) CreateCG(name string, pSelector, nSelector *metav1.LabelSelector, ipBlock *secv1alpha1.IPBlock) (*corev1a1.ClusterGroup, error) { +func (k *KubernetesUtils) CreateCG(name string, pSelector, nSelector *metav1.LabelSelector, ipBlock *crdv1alpha1.IPBlock) (*crdv1alpha2.ClusterGroup, error) { log.Infof("Creating clustergroup %s", name) - _, err := k.crdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) + _, err := k.crdClient.CrdV1alpha2().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil { - cg := &corev1a1.ClusterGroup{ + cg := &crdv1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: name, }, @@ -427,7 +456,7 @@ func (k *KubernetesUtils) CreateCG(name string, pSelector, nSelector *metav1.Lab if ipBlock != nil { cg.Spec.IPBlock = ipBlock } - cg, err = k.crdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) + cg, err = k.crdClient.CrdV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) if err != nil { log.Debugf("Unable to create clustergroup %s: %s", name, err) } @@ -436,10 +465,19 @@ func (k *KubernetesUtils) CreateCG(name string, pSelector, nSelector *metav1.Lab return nil, fmt.Errorf("clustergroup with name %s already exists", name) } +// GetCG is a convenience function for getting ClusterGroups +func (k *KubernetesUtils) GetCG(name string) (*crdv1alpha2.ClusterGroup, error) { + res, err := k.crdClient.CrdV1alpha2().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + return res, nil +} + // DeleteCG is a convenience function for deleting ClusterGroup by name. func (k *KubernetesUtils) DeleteCG(name string) error { - log.Infof("deleting ClusterGroup %s", name) - err := k.crdClient.CoreV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) + log.Infof("Deleting ClusterGroup %s", name) + err := k.crdClient.CrdV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete ClusterGroup %s", name) } @@ -448,7 +486,7 @@ func (k *KubernetesUtils) DeleteCG(name string) error { // CleanCGs is a convenience function for deleting all ClusterGroups in the cluster. func (k *KubernetesUtils) CleanCGs() error { - l, err := k.crdClient.CoreV1alpha2().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) + l, err := k.crdClient.CrdV1alpha2().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) if err != nil { return errors.Wrapf(err, "unable to list ClusterGroups") } @@ -461,12 +499,12 @@ func (k *KubernetesUtils) CleanCGs() error { } // CreateOrUpdateACNP is a convenience function for updating/creating AntreaClusterNetworkPolicies. -func (k *KubernetesUtils) CreateOrUpdateACNP(cnp *secv1alpha1.ClusterNetworkPolicy) (*secv1alpha1.ClusterNetworkPolicy, error) { +func (k *KubernetesUtils) CreateOrUpdateACNP(cnp *crdv1alpha1.ClusterNetworkPolicy) (*crdv1alpha1.ClusterNetworkPolicy, error) { log.Infof("Creating/updating ClusterNetworkPolicy %s", cnp.Name) - cnpReturned, err := k.securityClient.ClusterNetworkPolicies().Get(context.TODO(), cnp.Name, metav1.GetOptions{}) + cnpReturned, err := k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), cnp.Name, metav1.GetOptions{}) if err != nil { log.Debugf("Creating ClusterNetworkPolicy %s", cnp.Name) - cnp, err = k.securityClient.ClusterNetworkPolicies().Create(context.TODO(), cnp, metav1.CreateOptions{}) + cnp, err = k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), cnp, metav1.CreateOptions{}) if err != nil { log.Debugf("Unable to create ClusterNetworkPolicy: %s", err) } @@ -474,59 +512,77 @@ func (k *KubernetesUtils) CreateOrUpdateACNP(cnp *secv1alpha1.ClusterNetworkPoli } else if cnpReturned.Name != "" { log.Debugf("ClusterNetworkPolicy with name %s already exists, updating", cnp.Name) cnpReturned.Spec = cnp.Spec - cnp, err = k.securityClient.ClusterNetworkPolicies().Update(context.TODO(), cnpReturned, metav1.UpdateOptions{}) + cnp, err = k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), cnpReturned, metav1.UpdateOptions{}) return cnp, err } return nil, fmt.Errorf("error occurred in creating/updating ClusterNetworkPolicy %s", cnp.Name) } -// CleanACNPs is a convenience function for deleting all Antrea ClusterNetworkPolicies in the cluster. -func (k *KubernetesUtils) CleanACNPs() error { - l, err := k.securityClient.ClusterNetworkPolicies().List(context.TODO(), metav1.ListOptions{}) +// GetACNP is a convenience function for getting AntreaClusterNetworkPolicies. +func (k *KubernetesUtils) GetACNP(name string) (*crdv1alpha1.ClusterNetworkPolicy, error) { + res, err := k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil { - return errors.Wrapf(err, "unable to list AntreaClusterNetworkPolicies") - } - for _, cnp := range l.Items { - if err = k.DeleteACNP(cnp.Name); err != nil { - return err - } + return nil, err } - return nil + return res, nil } // DeleteACNP is a convenience function for deleting ACNP by name. func (k *KubernetesUtils) DeleteACNP(name string) error { log.Infof("Deleting AntreaClusterNetworkPolicies %s", name) - err := k.securityClient.ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) + err := k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete ClusterNetworkPolicy %s", name) } return nil } +// CleanACNPs is a convenience function for deleting all Antrea ClusterNetworkPolicies in the cluster. +func (k *KubernetesUtils) CleanACNPs() error { + l, err := k.crdClient.CrdV1alpha1().ClusterNetworkPolicies().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to list AntreaClusterNetworkPolicies") + } + for _, cnp := range l.Items { + if err = k.DeleteACNP(cnp.Name); err != nil { + return err + } + } + return nil +} + // CreateOrUpdateANP is a convenience function for updating/creating Antrea NetworkPolicies. -func (k *KubernetesUtils) CreateOrUpdateANP(anp *secv1alpha1.NetworkPolicy) (*secv1alpha1.NetworkPolicy, error) { +func (k *KubernetesUtils) CreateOrUpdateANP(anp *crdv1alpha1.NetworkPolicy) (*crdv1alpha1.NetworkPolicy, error) { log.Infof("Creating/updating Antrea NetworkPolicy %s/%s", anp.Namespace, anp.Name) - cnpReturned, err := k.securityClient.NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) + cnpReturned, err := k.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) if err != nil { log.Debugf("Creating Antrea NetworkPolicy %s", anp.Name) - anp, err = k.securityClient.NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) + anp, err = k.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) if err != nil { log.Debugf("Unable to create Antrea NetworkPolicy: %s", err) } return anp, err } else if cnpReturned.Name != "" { log.Debugf("Antrea NetworkPolicy with name %s already exists, updating", anp.Name) - anp, err = k.securityClient.NetworkPolicies(anp.Namespace).Update(context.TODO(), anp, metav1.UpdateOptions{}) + anp, err = k.crdClient.CrdV1alpha1().NetworkPolicies(anp.Namespace).Update(context.TODO(), anp, metav1.UpdateOptions{}) return anp, err } return nil, fmt.Errorf("error occurred in creating/updating Antrea NetworkPolicy %s", anp.Name) } +// GetANP is a convenience function for getting AntreaNetworkPolicies. +func (k *KubernetesUtils) GetANP(namespace, name string) (*crdv1alpha1.NetworkPolicy, error) { + res, err := k.crdClient.CrdV1alpha1().NetworkPolicies(namespace).Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return nil, err + } + return res, nil +} + // DeleteANP is a convenience function for deleting ANP by name and Namespace. func (k *KubernetesUtils) DeleteANP(ns, name string) error { - log.Infof("deleting Antrea NetworkPolicy '%s/%s'", ns, name) - err := k.securityClient.NetworkPolicies(ns).Delete(context.TODO(), name, metav1.DeleteOptions{}) + log.Infof("Deleting Antrea NetworkPolicy '%s/%s'", ns, name) + err := k.crdClient.CrdV1alpha1().NetworkPolicies(ns).Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete Antrea NetworkPolicy %s", name) } @@ -536,7 +592,7 @@ func (k *KubernetesUtils) DeleteANP(ns, name string) error { // CleanANPs is a convenience function for deleting all Antrea NetworkPolicies in provided namespaces. func (k *KubernetesUtils) CleanANPs(namespaces []string) error { for _, ns := range namespaces { - l, err := k.securityClient.NetworkPolicies(ns).List(context.TODO(), metav1.ListOptions{}) + l, err := k.crdClient.CrdV1alpha1().NetworkPolicies(ns).List(context.TODO(), metav1.ListOptions{}) if err != nil { return errors.Wrapf(err, "unable to list Antrea NetworkPolicies in ns %s", ns) } @@ -576,6 +632,7 @@ func (k *KubernetesUtils) waitForPodInNamespace(ns string, pod string) (*string, func (k *KubernetesUtils) waitForHTTPServers(allPods []Pod) error { const maxTries = 10 log.Infof("waiting for HTTP servers (ports 80, 81 and 8080:8085) to become ready") + log.Infof("Waiting for HTTP servers (ports 80, 81, 5000 and 8080:8085) to become ready") var wrong int for i := 0; i < maxTries; i++ { reachability := NewReachability(allPods, Connected) @@ -590,7 +647,7 @@ func (k *KubernetesUtils) waitForHTTPServers(allPods []Pod) error { } _, wrong, _ = reachability.Summary() if wrong == 0 { - log.Infof("all HTTP servers are ready") + log.Infof("All HTTP servers are ready") return nil } log.Debugf("%d HTTP servers not ready", wrong) @@ -678,6 +735,223 @@ func (k *KubernetesUtils) Cleanup(namespaces []string) error { if err := k.CleanCGs(); err != nil { return err } + + for _, ns := range namespaces { + log.Infof("Deleting test Namespace %s", ns) + if err := k.clientset.CoreV1().Namespaces().Delete(context.TODO(), ns, metav1.DeleteOptions{}); err != nil { + return err + } + } + return nil +} + +// CreateOrUpdateANP is a convenience function for updating/creating Antrea NetworkPolicies. +func (k *KubernetesUtils) CreateOrUpdateLegacyANP(anp *legacysecv1alpha1.NetworkPolicy) (*legacysecv1alpha1.NetworkPolicy, error) { + log.Infof("Creating/updating legacy Antrea NetworkPolicy %s/%s", anp.Namespace, anp.Name) + cnpReturned, err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) + if err != nil { + log.Debugf("Creating legacy Antrea NetworkPolicy %s", anp.Name) + anp, err = k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) + if err != nil { + log.Debugf("Unable to create legacy Antrea NetworkPolicy: %s", err) + } + return anp, err + } else if cnpReturned.Name != "" { + log.Debugf("Legacy Antrea NetworkPolicy with name %s already exists, updating", anp.Name) + anp, err = k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Update(context.TODO(), anp, metav1.UpdateOptions{}) + return anp, err + } + return nil, fmt.Errorf("error occurred in creating/updating legacy Antrea NetworkPolicy %s", anp.Name) +} + +// DeleteLegacyANP is a convenience function for deleting ANP by name and Namespace. +func (k *KubernetesUtils) DeleteLegacyANP(ns, name string) error { + log.Infof("Deleting legacy Antrea NetworkPolicy '%s/%s'", ns, name) + err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(ns).Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to delete legacy Antrea NetworkPolicy %s", name) + } + return nil +} + +// CleanLegacyANPs is a convenience function for deleting all Antrea NetworkPolicies in provided namespaces. +func (k *KubernetesUtils) CleanLegacyANPs(namespaces []string) error { + for _, ns := range namespaces { + l, err := k.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(ns).List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to list legacy Antrea NetworkPolicies in ns %s", ns) + } + for _, anp := range l.Items { + if err = k.DeleteLegacyANP(anp.Namespace, anp.Name); err != nil { + return err + } + } + } + return nil +} + +// CreateLegacyTier is a convenience function for creating a legacy Antrea Policy Tier by name and priority. +func (k *KubernetesUtils) CreateNewLegacyTier(name string, tierPriority int32) (*legacysecv1alpha1.Tier, error) { + log.Infof("Creating legacy tier %s", name) + _, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + tr := &legacysecv1alpha1.Tier{ + ObjectMeta: metav1.ObjectMeta{Name: name}, + Spec: crdv1alpha1.TierSpec{Priority: tierPriority}, + } + tr, err = k.legacyCrdClient.SecurityV1alpha1().Tiers().Create(context.TODO(), tr, metav1.CreateOptions{}) + if err != nil { + log.Debugf("Unable to create legacy tier %s: %s", name, err) + } + return tr, err + } + return nil, fmt.Errorf("legacy tier with name %s already exists", name) +} + +// UpdateLegacyTier is a convenience function for updating a legacy Antrea Policy Tier. +func (k *KubernetesUtils) UpdateLegacyTier(tier *legacysecv1alpha1.Tier) (*legacysecv1alpha1.Tier, error) { + log.Infof("Updating legacy tier %s", tier.Name) + updatedTier, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Update(context.TODO(), tier, metav1.UpdateOptions{}) + return updatedTier, err +} + +// DeleteLegacyTier is a convenience function for deleting a legacy Antrea Policy Tier with specific name. +func (k *KubernetesUtils) DeleteLegacyTier(name string) error { + _, err := k.legacyCrdClient.SecurityV1alpha1().Tiers().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to get legacy tier %s", name) + } + log.Infof("Deleting legacy tier %s", name) + if err = k.legacyCrdClient.SecurityV1alpha1().Tiers().Delete(context.TODO(), name, metav1.DeleteOptions{}); err != nil { + return errors.Wrapf(err, "unable to delete legacy tier %s", name) + } + return nil +} + +// CreateLegacyCG is a convenience function for creating a legacy Antrea ClusterGroup by name and selector. +func (k *KubernetesUtils) CreateLegacyCG(name string, pSelector, nSelector *metav1.LabelSelector, ipBlock *crdv1alpha1.IPBlock) (*legacycorev1a2.ClusterGroup, error) { + log.Infof("Creating legacy clustergroup %s", name) + _, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) + if err != nil { + cg := &legacycorev1a2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: name, + }, + } + if pSelector != nil { + cg.Spec.PodSelector = pSelector + } + if nSelector != nil { + cg.Spec.NamespaceSelector = nSelector + } + if ipBlock != nil { + cg.Spec.IPBlock = ipBlock + } + cg, err = k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) + if err != nil { + log.Debugf("Unable to create legacy ClusterGroup %s: %s", name, err) + } + return cg, err + } + return nil, fmt.Errorf("legacy ClusterGroup with name %s already exists", name) +} + +// CreateOrUpdateLegacyCG is a convenience function for idempotent setup of legacy ClusterGroups +func (k *KubernetesUtils) CreateOrUpdateLegacyCG(cg *legacycorev1a2.ClusterGroup) (*legacycorev1a2.ClusterGroup, error) { + log.Infof("Creating/updating legacy ClusterGroup %s", cg.Name) + cgReturned, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) + if err != nil { + cgr, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) + if err != nil { + log.Infof("Unable to create legacy ClusterGroup %s: %v", cg.Name, err) + return nil, err + } + return cgr, nil + } else if cgReturned.Name != "" { + log.Debugf("Legacy ClusterGroup with name %s already exists, updating", cg.Name) + cgReturned.Spec = cg.Spec + cgr, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) + return cgr, err + } + return nil, fmt.Errorf("error occurred in creating/updating legacy ClusterGroup %s", cg.Name) +} + +// DeleteLegacyCG is a convenience function for deleting legacy ClusterGroup by name. +func (k *KubernetesUtils) DeleteLegacyCG(name string) error { + log.Infof("Deleting ClusterGroup %s", name) + err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to delete legacy ClusterGroup %s", name) + } + return nil +} + +// CleanCGs is a convenience function for deleting all ClusterGroups in the cluster. +func (k *KubernetesUtils) CleanLegacyCGs() error { + l, err := k.legacyCrdClient.CoreV1alpha2().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to list legacy ClusterGroups") + } + for _, cg := range l.Items { + if err := k.DeleteLegacyCG(cg.Name); err != nil { + return err + } + } + return nil +} + +// CreateOrUpdateLegacyACNP is a convenience function for updating/creating AntreaClusterNetworkPolicies. +func (k *KubernetesUtils) CreateOrUpdateLegacyACNP(cnp *legacysecv1alpha1.ClusterNetworkPolicy) (*legacysecv1alpha1.ClusterNetworkPolicy, error) { + log.Infof("Creating/updating legacy ClusterNetworkPolicy %s", cnp.Name) + cnpReturned, err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), cnp.Name, metav1.GetOptions{}) + if err != nil { + log.Debugf("Creating legacy ClusterNetworkPolicy %s", cnp.Name) + cnp, err = k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), cnp, metav1.CreateOptions{}) + if err != nil { + log.Debugf("Unable to create legacy ClusterNetworkPolicy: %s", err) + } + return cnp, err + } else if cnpReturned.Name != "" { + log.Debugf("Legacy ClusterNetworkPolicy with name %s already exists, updating", cnp.Name) + cnpReturned.Spec = cnp.Spec + cnp, err = k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Update(context.TODO(), cnpReturned, metav1.UpdateOptions{}) + return cnp, err + } + return nil, fmt.Errorf("error occurred in creating/updating legacy ClusterNetworkPolicy %s", cnp.Name) +} + +// DeleteLegacyACNP is a convenience function for deleting ACNP by name. +func (k *KubernetesUtils) DeleteLegacyACNP(name string) error { + log.Infof("Deleting AntreaClusterNetworkPolicies %s", name) + err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), name, metav1.DeleteOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to delete legacy ClusterNetworkPolicy %s", name) + } + return nil +} + +// CleanLegacyACNPs is a convenience function for deleting all Antrea ClusterNetworkPolicies in the cluster. +func (k *KubernetesUtils) CleanLegacyACNPs() error { + l, err := k.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().List(context.TODO(), metav1.ListOptions{}) + if err != nil { + return errors.Wrapf(err, "unable to list legacy AntreaClusterNetworkPolicies") + } + for _, cnp := range l.Items { + if err = k.DeleteLegacyACNP(cnp.Name); err != nil { + return err + } + } + return nil +} + +func (k *KubernetesUtils) LegacyCleanup(namespaces []string) error { + // Cleanup any cluster-scoped resources. + if err := k.CleanLegacyACNPs(); err != nil { + return err + } + if err := k.CleanLegacyCGs(); err != nil { + return err + } for _, ns := range namespaces { log.Infof("Deleting test Namespace %s", ns) if err := k.clientset.CoreV1().Namespaces().Delete(context.TODO(), ns, metav1.DeleteOptions{}); err != nil { diff --git a/test/e2e/legacyantreapolicy_test.go b/test/e2e/legacyantreapolicy_test.go new file mode 100644 index 00000000000..31800380917 --- /dev/null +++ b/test/e2e/legacyantreapolicy_test.go @@ -0,0 +1,2581 @@ +// Copyright 2020 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package e2e + +import ( + "context" + "fmt" + "strings" + "sync" + "testing" + "time" + + log "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" + v1 "k8s.io/api/core/v1" + v1net "k8s.io/api/networking/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/intstr" + "k8s.io/apimachinery/pkg/util/sets" + "k8s.io/apimachinery/pkg/util/wait" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + legacycorev1a2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" + legacysecurityv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + legacysecv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" + . "github.com/vmware-tanzu/antrea/test/e2e/utils" +) + +const ( + mockWait = 900 * time.Millisecond +) + +func testLegacyMutateACNPNoTier(t *testing.T) { + invalidNpErr := fmt.Errorf("ACNP tier not mutated to default tier") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-no-tier"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetPriority(10.0) + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + acnp, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp) + if err != nil { + failOnError(fmt.Errorf("ACNP create failed %v", err), t) + } + if acnp.Spec.Tier != defaultTierName { + failOnError(invalidNpErr, t) + } + failOnError(k8sUtils.CleanLegacyACNPs(), t) +} + +func testLegacyMutateANPNoTier(t *testing.T) { + invalidNpErr := fmt.Errorf("ANP tier not mutated to default tier") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-no-tier"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetPriority(10.0) + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + anp, err := k8sUtils.CreateOrUpdateLegacyANP(anp) + if err != nil { + failOnError(fmt.Errorf("ANP create failed %v", err), t) + } + if anp.Spec.Tier != defaultTierName { + failOnError(invalidNpErr, t) + } + failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) +} + +func testLegacyMutateACNPNoRuleName(t *testing.T) { + mutateErr := fmt.Errorf("ACNP Rule name not mutated automatically") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-no-rule-name"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetPriority(10.0). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + acnp, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp) + if err != nil { + failOnError(fmt.Errorf("ACNP create failed %v", err), t) + } + ir := acnp.Spec.Ingress + if len(ir) != 1 { + failOnError(fmt.Errorf("unexpected number of rules present in ACNP: %d rules present instead of 1", len(ir)), t) + } + // Here we created a single rule + if ir[0].Name == "" { + failOnError(mutateErr, t) + } + failOnError(k8sUtils.CleanLegacyACNPs(), t) +} + +func testLegacyMutateANPNoRuleName(t *testing.T) { + mutateErr := fmt.Errorf("ANP Rule name not mutated automatically") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-no-rule-name"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetPriority(10.0). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "") + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + anp, err := k8sUtils.CreateOrUpdateLegacyANP(anp) + if err != nil { + failOnError(fmt.Errorf("ANP create failed %v", err), t) + } + ir := anp.Spec.Ingress + if len(ir) != 1 { + failOnError(fmt.Errorf("unexpected number of rules present in ANP: %d rules present instead of 1", len(ir)), t) + } + // Here we created a single rule + if ir[0].Name == "" { + failOnError(mutateErr, t) + } + failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) +} + +func testLegacyInvalidACNPNoPriority(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without a priority accepted") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-no-priority"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPRuleNameNotUnique(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without unique rule names accepted") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-rule-name-not-unique"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "not-unique"). + AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "not-unique") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPTierDoesNotExist(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy without existing Tier accepted") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-tier-not-exist"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetTier("i-dont-exist") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPPortRangePortUnset(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy egress rule with endPort but no port accepted") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-egress-port-range-port-unset"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") + + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPPortRangeEndPortSmall(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy egress rule with endPort smaller than port accepted") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-egress-port-range-endport-small"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") + + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPSpecAppliedToRuleAppliedToSet(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with spec appliedTo and rules appliedTo set") + ruleAppTo := ACNPAppliedToSpec{ + PodSelector: map[string]string{"pod": "b"}, + } + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-spec-appto-and-rules-appto"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPAppliedToNotSetInAllRules(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with appliedTo not set in all rules") + ruleAppTo := ACNPAppliedToSpec{ + PodSelector: map[string]string{"pod": "b"}, + } + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-appto-not-set-in-all-rules"). + SetPriority(1.0) + builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "", ""). + AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPAppliedToCGDoesNotExist(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy AppliedTo with non-existent clustergroup") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-appliedto-group-not-exist"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{Group: "cgA"}}). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPCGDoesNotExist(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy rules with non-existent clustergroup") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-ingress-group-not-exist"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "cgA", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidACNPIngressPeerCGSetWithPodSelector(t *testing.T) { + cgA := "cgA" + selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} + ruleAppTo := ACNPAppliedToSpec{ + PodSelector: map[string]string{"pod": "b"}, + } + k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and podSelector in NetworkPolicyPeer set") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-ingress-group-podselector-set"). + SetPriority(1.0) + builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, nil, + nil, nil, []ACNPAppliedToSpec{ruleAppTo}, crdv1alpha1.RuleActionAllow, "cgA", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } + failOnError(k8sUtils.CleanCGs(), t) +} + +func testLegacyInvalidACNPIngressPeerCGSetWithNSSelector(t *testing.T) { + cgA := "cgA" + selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} + k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and namespaceSelector in NetworkPolicyPeer set") + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-ingress-group-nsselector-set"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "cgA", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } + failOnError(k8sUtils.CleanCGs(), t) +} + +func testLegacyInvalidACNPIngressPeerCGSetWithIPBlock(t *testing.T) { + cgA := "cgA" + selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} + k8sUtils.CreateLegacyCG(cgA, &selectorA, nil, nil) + invalidNpErr := fmt.Errorf("invalid Antrea ClusterNetworkPolicy with group and ipBlock in NetworkPolicyPeer set") + cidr := "10.0.0.10/32" + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-ingress-group-ipblock-set"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{Group: "cgA"}}) + builder = builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, []ACNPAppliedToSpec{{Group: "cgB"}}, crdv1alpha1.RuleActionAllow, "", "") + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyACNP(acnp); err == nil { + // Above creation of ACNP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidANPNoPriority(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without a priority accepted") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-no-priority"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { + // Above creation of ANP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidANPRuleNameNotUnique(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without unique rule names accepted") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-rule-name-not-unique"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique"). + AddIngress(v1.ProtocolTCP, &p81, nil, nil, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "not-unique") + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { + // Above creation of ANP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidANPTierDoesNotExist(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy without existing Tier accepted") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-tier-not-exist"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetTier("i-dont-exist") + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { + // Above creation of ANP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidANPPortRangePortUnset(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy egress rule with endPort but no port accepted") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("y", "anp-egress-port-range-port-unset"). + SetPriority(1.0). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder.AddEgress(v1.ProtocolTCP, nil, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") + + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { + // Above creation of ANP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidANPPortRangeEndPortSmall(t *testing.T) { + invalidNpErr := fmt.Errorf("invalid Antrea NetworkPolicy egress rule with endPort smaller than port accepted") + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("y", "anp-egress-port-range-endport-small"). + SetPriority(1.0). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder.AddEgress(v1.ProtocolTCP, &p8082, nil, &p8081, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") + + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err := k8sUtils.CreateOrUpdateLegacyANP(anp); err == nil { + // Above creation of ANP must fail as it is an invalid spec. + failOnError(invalidNpErr, t) + } +} + +func testLegacyInvalidTierReservedDelete(t *testing.T) { + invalidErr := fmt.Errorf("reserved Tier deleted") + if err := k8sUtils.DeleteLegacyTier("emergency"); err == nil { + // Above deletion of reserved Tier must fail. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidTierPriorityUpdate(t *testing.T) { + invalidErr := fmt.Errorf("tier priority updated") + oldTier, err := k8sUtils.CreateNewLegacyTier("prio-updated-tier", 21) + if err != nil { + failOnError(fmt.Errorf("create Tier failed for tier prio-updated-tier: %v", err), t) + } + // Update this tier with new priority + newTier := legacysecurityv1alpha1.Tier{ + ObjectMeta: oldTier.ObjectMeta, + Spec: oldTier.Spec, + } + // Attempt to update Tier's priority + newTier.Spec.Priority = 31 + // Above update of Tier must fail as it is an invalid case. + if _, err = k8sUtils.UpdateLegacyTier(&newTier); err == nil { + failOnError(invalidErr, t) + } + failOnError(k8sUtils.DeleteLegacyTier(oldTier.Name), t) +} + +func testLegacyInvalidTierPriorityOverlap(t *testing.T) { + invalidErr := fmt.Errorf("tiers created with overlapping priorities") + tr, err := k8sUtils.CreateNewLegacyTier("tier-prio-20", 20) + if err != nil { + failOnError(fmt.Errorf("create Tier failed for tier tier-prio-20: %v", err), t) + } + time.Sleep(mockWait) + // Attempt to create Tier with same priority. + if _, err = k8sUtils.CreateNewLegacyTier("another-tier-prio-20", 20); err == nil { + // Above creation of Tier must fail as it is an invalid spec. + failOnError(invalidErr, t) + } + failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) +} + +func testLegacyInvalidTierReservedPriority(t *testing.T) { + invalidErr := fmt.Errorf("tier created with reserved priority") + if _, err := k8sUtils.CreateNewLegacyTier("tier-reserved-prio", 251); err == nil { + // Above creation of Tier must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidTierACNPRefDelete(t *testing.T) { + invalidErr := fmt.Errorf("tier deleted with referenced ACNPs") + tr, err := k8sUtils.CreateNewLegacyTier("tier-acnp", 10) + if err != nil { + failOnError(fmt.Errorf("create Tier failed for tier tier-acnp: %v", err), t) + } + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-for-tier"). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetTier("tier-acnp"). + SetPriority(13.0) + acnp := builder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + if _, err = k8sUtils.CreateOrUpdateLegacyACNP(acnp); err != nil { + failOnError(fmt.Errorf("create ACNP failed for ACNP %s: %v", acnp.Name, err), t) + } + // Deleting this Tier must fail as it has referenced ACNP + if err = k8sUtils.DeleteLegacyTier(tr.Name); err == nil { + failOnError(invalidErr, t) + } + failOnError(k8sUtils.CleanLegacyACNPs(), t) + failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) +} + +func testLegacyInvalidTierANPRefDelete(t *testing.T) { + invalidErr := fmt.Errorf("tier deleted with referenced ANPs") + tr, err := k8sUtils.CreateNewLegacyTier("tier-anp", 10) + if err != nil { + failOnError(fmt.Errorf("create Tier failed for tier tier-anp: %v", err), t) + } + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("x", "anp-for-tier"). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}). + SetTier("tier-anp"). + SetPriority(13.0) + anp := builder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + if _, err = k8sUtils.CreateOrUpdateLegacyANP(anp); err != nil { + failOnError(fmt.Errorf("create ANP failed for ANP %s: %v", anp.Name, err), t) + } + // Deleting this Tier must fail as it has referenced ANP + if err = k8sUtils.DeleteLegacyTier(tr.Name); err == nil { + failOnError(invalidErr, t) + } + failOnError(k8sUtils.CleanLegacyANPs([]string{anp.Namespace}), t) + failOnError(k8sUtils.DeleteLegacyTier(tr.Name), t) +} + +// testACNPAllowXBtoA tests traffic from X/B to pods with label A, after applying the default deny +// k8s NetworkPolicies in all namespaces and ACNP to allow X/B to A. +func testLegacyACNPAllowXBtoA(t *testing.T) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-allow-xb-to-a"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + reachability := NewReachability(allPods, Dropped) + reachability.Expect(Pod("x/b"), Pod("x/a"), Connected) + reachability.Expect(Pod("x/b"), Pod("y/a"), Connected) + reachability.Expect(Pod("x/b"), Pod("z/a"), Connected) + reachability.ExpectSelf(allPods, Connected) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Allow X/B to A", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPAllowXBtoYA tests traffic from X/B to Y/A on named port 81, after applying the default deny +// k8s NetworkPolicies in all namespaces and ACNP to allow X/B to Y/A. +func testLegacyACNPAllowXBtoYA(t *testing.T) { + port81Name := "serve-81" + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-allow-xb-to-ya"). + SetPriority(2.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) + builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + reachability := NewReachability(allPods, Dropped) + reachability.Expect(Pod("x/b"), Pod("y/a"), Connected) + reachability.ExpectSelf(allPods, Connected) + + testStep := []*TestStep{ + { + "NamedPort 81", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{81}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Allow X/B to Y/A", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPPriorityOverrideDefaultDeny tests priority override in ACNP. It applies a higher priority ACNP to drop +// traffic from namespace Z to X/A, and in the meantime applies a lower priority ACNP to allow traffic from Z to X. +// It is tested with default deny k8s NetworkPolicies in all namespaces. +func testLegacyACNPPriorityOverrideDefaultDeny(t *testing.T) { + builder1 := &ClusterNetworkPolicySpecBuilder{} + builder1 = builder1.SetName("acnp-priority2"). + SetPriority(2). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("acnp-priority1"). + SetPriority(1). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + // Ingress from ns:z to x/a will be dropped since acnp-priority1 has higher precedence. + reachabilityBothACNP := NewReachability(allPods, Dropped) + reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/b"), Connected) + reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/c"), Connected) + reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/b"), Connected) + reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/c"), Connected) + reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/b"), Connected) + reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/c"), Connected) + reachabilityBothACNP.ExpectSelf(allPods, Connected) + + testStep := []*TestStep{ + { + "Both ACNP", + reachabilityBothACNP, + []metav1.Object{builder1.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP PriorityOverride Default Deny", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testLegacyACNPAllowNoDefaultIsolation tests that no default isolation rules are created for Policies. +func testLegacyACNPAllowNoDefaultIsolation(t *testing.T, protocol v1.Protocol) { + if protocol == v1.ProtocolSCTP { + skipIfProviderIs(t, "kind", "OVS userspace conntrack does not have the SCTP support for now.") + } + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-allow-x-ingress-y-egress-z"). + SetPriority(1.1). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder.AddIngress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "y"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + builder.AddEgress(protocol, &p81, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + reachability := NewReachability(allPods, Connected) + testStep := []*TestStep{ + { + "Port 81", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{81}, + protocol, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Allow No Default Isolation", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testLegacyACNPDropEgress tests that a ACNP is able to drop egress traffic from pods labelled A to namespace Z. +func testLegacyACNPDropEgress(t *testing.T, protocol v1.Protocol) { + if protocol == v1.ProtocolSCTP { + skipIfProviderIs(t, "kind", "OVS userspace conntrack does not have the SCTP support for now.") + } + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-a-to-z-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddEgress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + protocol, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From All Pod:a to NS:z", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testLegacyACNPNoEffectOnOtherProtocols tests that a ACNP which drops TCP traffic won't affect other protocols (e.g. UDP). +func testLegacyACNPNoEffectOnOtherProtocols(t *testing.T) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-a-to-z-ingress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachability1 := NewReachability(allPods, Connected) + reachability1.Expect(Pod("z/a"), Pod("x/a"), Dropped) + reachability1.Expect(Pod("z/b"), Pod("x/a"), Dropped) + reachability1.Expect(Pod("z/c"), Pod("x/a"), Dropped) + reachability1.Expect(Pod("z/a"), Pod("y/a"), Dropped) + reachability1.Expect(Pod("z/b"), Pod("y/a"), Dropped) + reachability1.Expect(Pod("z/c"), Pod("y/a"), Dropped) + reachability1.Expect(Pod("z/b"), Pod("z/a"), Dropped) + reachability1.Expect(Pod("z/c"), Pod("z/a"), Dropped) + + reachability2 := NewReachability(allPods, Connected) + + testStep := []*TestStep{ + { + "Port 80", + reachability1, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + { + "Port 80", + reachability2, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolUDP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Ingress From All Pod:a to NS:z TCP Not UDP", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPAppliedToDenyXBtoCGWithYA tests traffic from X/B to ClusterGroup Y/A on named port 81 is dropped. +func testLegacyACNPAppliedToDenyXBtoCGWithYA(t *testing.T) { + cgName := "cg-pods-ya" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "y"}, nil) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) + port81Name := "serve-81" + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-cg-with-ya-from-xb"). + SetPriority(2.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) + builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) + reachability.ExpectSelf(allPods, Connected) + + testStep := []*TestStep{ + { + "NamedPort 81", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{81}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Deny ClusterGroup Y/A from X/B", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPIngressRuleDenyCGWithXBtoYA tests traffic from ClusterGroup with X/B to Y/A on named port 81 is dropped. +func testLegacyACNPIngressRuleDenyCGWithXBtoYA(t *testing.T) { + cgName := "cg-pods-xb" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "x"}, nil) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "b"}, nil) + port81Name := "serve-81" + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-cg-with-xb-to-ya"). + SetPriority(2.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "y"}}}) + builder.AddIngress(v1.ProtocolTCP, nil, &port81Name, nil, nil, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) + reachability.ExpectSelf(allPods, Connected) + + testStep := []*TestStep{ + { + "NamedPort 81", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{81}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Deny ClusterGroup X/B to Y/A", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPAppliedToRuleCGWithPodsAToNsZ tests that a ACNP is able to drop egress traffic from CG with pods labelled A namespace Z. +func testLegacyACNPAppliedToRuleCGWithPodsAToNsZ(t *testing.T) { + cgName := "cg-pods-a" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-cg-with-a-to-z"). + SetPriority(1.0) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, []ACNPAppliedToSpec{{Group: cgName}}, crdv1alpha1.RuleActionDrop, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From ClusterGroup with All Pod:a to NS:z", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPEgressRulePodsAToCGWithNsZ tests that a ACNP is able to drop egress traffic from pods labelled A to a CG with namespace Z. +func testLegacyACNPEgressRulePodsAToCGWithNsZ(t *testing.T) { + cgName := "cg-ns-z" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From All Pod:a to ClusterGroup with NS:z", testStep}, + } + executeLegacyTests(t, testCase) +} + +func testLegacyACNPClusterGroupUpdateAppliedTo(t *testing.T) { + cgName := "cg-pods-a-then-c" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "a"}, nil) + // Update CG Pod selector to group Pods C + updatedCgBuilder := &ClusterGroupSpecBuilder{} + updatedCgBuilder = updatedCgBuilder.SetName(cgName) + updatedCgBuilder = updatedCgBuilder.SetPodSelector(map[string]string{"pod": "c"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-cg-with-a-to-z-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + updatedReachability := NewReachability(allPods, Connected) + updatedReachability.Expect(Pod("x/c"), Pod("z/a"), Dropped) + updatedReachability.Expect(Pod("x/c"), Pod("z/b"), Dropped) + updatedReachability.Expect(Pod("x/c"), Pod("z/c"), Dropped) + updatedReachability.Expect(Pod("y/c"), Pod("z/a"), Dropped) + updatedReachability.Expect(Pod("y/c"), Pod("z/b"), Dropped) + updatedReachability.Expect(Pod("y/c"), Pod("z/c"), Dropped) + updatedReachability.Expect(Pod("z/c"), Pod("z/a"), Dropped) + updatedReachability.Expect(Pod("z/c"), Pod("z/b"), Dropped) + testStep := []*TestStep{ + { + "CG Pods A", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + { + "CG Pods C - update", + updatedReachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{updatedCgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From CG Pod:a to NS:z updated to ClusterGroup with Pod:c", testStep}, + } + executeLegacyTests(t, testCase) +} + +func testLegacyACNPClusterGroupUpdate(t *testing.T) { + cgName := "cg-ns-z-then-y" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) + // Update CG NS selector to group Pods from Namespace Y + updatedCgBuilder := &ClusterGroupSpecBuilder{} + updatedCgBuilder = updatedCgBuilder.SetName(cgName) + updatedCgBuilder = updatedCgBuilder.SetNamespaceSelector(map[string]string{"ns": "y"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + updatedReachability := NewReachability(allPods, Connected) + updatedReachability.Expect(Pod("x/a"), Pod("y/a"), Dropped) + updatedReachability.Expect(Pod("x/a"), Pod("y/b"), Dropped) + updatedReachability.Expect(Pod("x/a"), Pod("y/c"), Dropped) + updatedReachability.Expect(Pod("y/a"), Pod("y/b"), Dropped) + updatedReachability.Expect(Pod("y/a"), Pod("y/c"), Dropped) + updatedReachability.Expect(Pod("z/a"), Pod("y/a"), Dropped) + updatedReachability.Expect(Pod("z/a"), Pod("y/b"), Dropped) + updatedReachability.Expect(Pod("z/a"), Pod("y/c"), Dropped) + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + { + "Port 80 - update", + updatedReachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{updatedCgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From All Pod:a to ClusterGroup with NS:z updated to ClusterGroup with NS:y", testStep}, + } + executeLegacyTests(t, testCase) +} + +func testLegacyACNPClusterGroupAppliedToPodAdd(t *testing.T, data *TestData) { + cgName := "cg-pod-custom-pod-zj" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "j"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-cg-with-zj-to-xj-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cgName}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "j"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + cp := []*CustomProbe{ + { + SourcePod: CustomPod{ + Pod: NewPod("z", "j"), + Labels: map[string]string{"pod": "j"}, + }, + DestPod: CustomPod{ + Pod: NewPod("x", "j"), + Labels: map[string]string{"pod": "j"}, + }, + ExpectConnectivity: Dropped, + Port: p80, + }, + } + testStep := []*TestStep{ + { + "Port 80", + nil, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + cp, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From ClusterGroup with Pod: z/j to Pod: x/j for Pod ADD events", testStep}, + } + executeLegacyTestsWithData(t, testCase, data) +} + +func testLegacyACNPClusterGroupRefRulePodAdd(t *testing.T, data *TestData) { + cgName := "cg-pod-custom-pod-zk" + cgBuilder := &ClusterGroupSpecBuilder{} + cgBuilder = cgBuilder.SetName(cgName) + cgBuilder = cgBuilder.SetNamespaceSelector(map[string]string{"ns": "z"}, nil) + cgBuilder = cgBuilder.SetPodSelector(map[string]string{"pod": "k"}, nil) + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-xk-to-cg-with-zk-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "k"}, + NSSelector: map[string]string{"ns": "x"}}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, cgName, "") + cp := []*CustomProbe{ + { + SourcePod: CustomPod{ + Pod: NewPod("x", "k"), + Labels: map[string]string{"pod": "k"}, + }, + DestPod: CustomPod{ + Pod: NewPod("z", "k"), + Labels: map[string]string{"pod": "k"}, + }, + ExpectConnectivity: Dropped, + Port: p80, + }, + } + testStep := []*TestStep{ + { + "Port 80", + nil, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{cgBuilder.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + cp, + }, + } + testCase := []*TestCase{ + {"ACNP Drop Egress From Pod: x/k to ClusterGroup with Pod: z/k for Pod ADD event", testStep}, + } + executeLegacyTestsWithData(t, testCase, data) +} + +// testBaselineNamespaceIsolation tests that a ACNP in the baseline Tier is able to enforce default namespace isolation, +// which can be later overridden by developer K8s NetworkPolicies. +func testLegacyBaselineNamespaceIsolation(t *testing.T) { + builder := &ClusterNetworkPolicySpecBuilder{} + nsExpOtherThanX := metav1.LabelSelectorRequirement{ + Key: "ns", + Operator: metav1.LabelSelectorOpNotIn, + Values: []string{"x"}, + } + builder = builder.SetName("acnp-baseline-isolate-ns-x"). + SetTier("baseline"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, + nil, &[]metav1.LabelSelectorRequirement{nsExpOtherThanX}, + nil, crdv1alpha1.RuleActionDrop, "", "") + + // create a K8s NetworkPolicy for Pods in namespace x to allow ingress traffic from Pods in the same namespace, + // as well as from the y/a Pod. It should open up ingress from y/a since it's evaluated before the baseline tier. + k8sNPBuilder := &NetworkPolicySpecBuilder{} + k8sNPBuilder = k8sNPBuilder.SetName("x", "allow-ns-x-and-y-a"). + SetTypeIngress(). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, + nil, map[string]string{"ns": "x"}, nil, nil). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, + map[string]string{"pod": "a"}, map[string]string{"ns": "y"}, nil, nil) + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("y/b"), Pod("x/a"), Dropped) + reachability.Expect(Pod("y/c"), Pod("x/a"), Dropped) + reachability.Expect(Pod("z/a"), Pod("x/a"), Dropped) + reachability.Expect(Pod("z/b"), Pod("x/a"), Dropped) + reachability.Expect(Pod("z/c"), Pod("x/a"), Dropped) + reachability.Expect(Pod("y/b"), Pod("x/b"), Dropped) + reachability.Expect(Pod("y/c"), Pod("x/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachability.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachability.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachability.Expect(Pod("y/b"), Pod("x/c"), Dropped) + reachability.Expect(Pod("y/c"), Pod("x/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachability.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachability.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy(), k8sNPBuilder.Get()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP baseline tier namespace isolation", testStep}, + } + executeLegacyTests(t, testCase) + // Cleanup the K8s NetworkPolicy created for this test. + failOnError(k8sUtils.CleanNetworkPolicies([]string{"x"}), t) + time.Sleep(networkPolicyDelay) +} + +// testACNPPriorityOverride tests priority overriding in three Policies. Those three Policies are applied in a specific order to +// test priority reassignment, and each controls a smaller set of traffic patterns as priority increases. +func testLegacyACNPPriorityOverride(t *testing.T) { + builder1 := &ClusterNetworkPolicySpecBuilder{} + builder1 = builder1.SetName("acnp-priority1"). + SetPriority(1.001). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + podZBIP, _ := podIPs["z/b"] + cidr := podZBIP + "/32" + // Highest priority. Drops traffic from z/b to x/a. + builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("acnp-priority2"). + SetPriority(1.002). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + // Medium priority. Allows traffic from z to x/a. + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + builder3 := &ClusterNetworkPolicySpecBuilder{} + builder3 = builder3.SetName("acnp-priority3"). + SetPriority(1.003). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + // Lowest priority. Drops traffic from z to x. + builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachabilityTwoACNPs := NewReachability(allPods, Connected) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + reachabilityAllACNPs := NewReachability(allPods, Connected) + reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/a"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + testStepTwoACNP := []*TestStep{ + { + "Two Policies with different priorities", + reachabilityTwoACNPs, + []metav1.Object{builder3.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + // Create the Policies in specific order to make sure that priority re-assignments work as expected. + testStepAll := []*TestStep{ + { + "All three Policies", + reachabilityAllACNPs, + []metav1.Object{builder3.GetLegacy(), builder1.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP PriorityOverride Intermediate", testStepTwoACNP}, + {"ACNP PriorityOverride All", testStepAll}, + } + executeLegacyTests(t, testCase) +} + +// testACNPTierOverride tests tier priority overriding in three Policies. +// Each ACNP controls a smaller set of traffic patterns as tier priority increases. +func testLegacyACNPTierOverride(t *testing.T) { + builder1 := &ClusterNetworkPolicySpecBuilder{} + builder1 = builder1.SetName("acnp-tier-emergency"). + SetTier("emergency"). + SetPriority(100). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + podZBIP, _ := podIPs["z/b"] + cidr := podZBIP + "/32" + // Highest priority tier. Drops traffic from z/b to x/a. + builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, &cidr, nil, nil, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("acnp-tier-securityops"). + SetTier("securityops"). + SetPriority(10). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + // Medium priority tier. Allows traffic from z to x/a. + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + builder3 := &ClusterNetworkPolicySpecBuilder{} + builder3 = builder3.SetName("acnp-tier-application"). + SetTier("application"). + SetPriority(1). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + // Lowest priority tier. Drops traffic from z to x. + builder3.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachabilityTwoACNPs := NewReachability(allPods, Connected) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + reachabilityAllACNPs := NewReachability(allPods, Connected) + reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/a"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityAllACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + testStepTwoACNP := []*TestStep{ + { + "Two Policies in different tiers", + reachabilityTwoACNPs, + []metav1.Object{builder3.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testStepAll := []*TestStep{ + { + "All three Policies in different tiers", + reachabilityAllACNPs, + []metav1.Object{builder3.GetLegacy(), builder1.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP TierOverride Intermediate", testStepTwoACNP}, + {"ACNP TierOverride All", testStepAll}, + } + executeLegacyTests(t, testCase) +} + +// testACNPTierOverride tests tier priority overriding in three Policies with custom created tiers. +// Each ACNP controls a smaller set of traffic patterns as tier priority increases. +func testLegacyACNPCustomTiers(t *testing.T) { + k8sUtils.DeleteLegacyTier("high-priority") + k8sUtils.DeleteLegacyTier("low-priority") + // Create two custom tiers with tier priority immediately next to each other. + _, err := k8sUtils.CreateNewLegacyTier("high-priority", 245) + failOnError(err, t) + _, err = k8sUtils.CreateNewLegacyTier("low-priority", 246) + failOnError(err, t) + + builder1 := &ClusterNetworkPolicySpecBuilder{} + builder1 = builder1.SetName("acnp-tier-high"). + SetTier("high-priority"). + SetPriority(100). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + // Medium priority tier. Allows traffic from z to x/a. + builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + time.Sleep(mockWait) + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("acnp-tier-low"). + SetTier("low-priority"). + SetPriority(1). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + // Lowest priority tier. Drops traffic from z to x. + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + reachabilityTwoACNPs := NewReachability(allPods, Connected) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityTwoACNPs.Expect(Pod("z/c"), Pod("x/c"), Dropped) + testStepTwoACNP := []*TestStep{ + { + "Two Policies in different tiers", + reachabilityTwoACNPs, + []metav1.Object{builder2.GetLegacy(), builder1.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Custom Tier priority", testStepTwoACNP}, + } + executeLegacyTests(t, testCase) + // Cleanup customed tiers. ACNPs created in those tiers need to be deleted first. + failOnError(k8sUtils.CleanLegacyACNPs(), t) + failOnError(k8sUtils.DeleteLegacyTier("high-priority"), t) + failOnError(k8sUtils.DeleteLegacyTier("low-priority"), t) +} + +// testACNPPriorityConflictingRule tests that if there are two Policies in the cluster with rules that conflicts with +// each other, the ACNP with higher priority will prevail. +func testLegacyACNPPriorityConflictingRule(t *testing.T) { + builder1 := &ClusterNetworkPolicySpecBuilder{} + builder1 = builder1.SetName("acnp-drop"). + SetPriority(1). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder1.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("acnp-allow"). + SetPriority(2). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + // The following ingress rule will take no effect as it is exactly the same as ingress rule of cnp-drop, + // but cnp-allow has lower priority. + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + reachabilityBothACNP := NewReachability(allPods, Connected) + reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/a"), Dropped) + reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/b"), Dropped) + reachabilityBothACNP.Expect(Pod("z/a"), Pod("x/c"), Dropped) + reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/a"), Dropped) + reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/b"), Dropped) + reachabilityBothACNP.Expect(Pod("z/b"), Pod("x/c"), Dropped) + reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/a"), Dropped) + reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/b"), Dropped) + reachabilityBothACNP.Expect(Pod("z/c"), Pod("x/c"), Dropped) + + testStep := []*TestStep{ + { + "Both ACNP", + reachabilityBothACNP, + []metav1.Object{builder1.GetLegacy(), builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Priority Conflicting Rule", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPPriorityConflictingRule tests that if there are two rules in the cluster that conflicts with +// each other, the rule with higher precedence will prevail. +func testLegacyACNPRulePrioirty(t *testing.T) { + builder1 := &ClusterNetworkPolicySpecBuilder{} + // acnp-deny will apply to all pods in namespace x + builder1 = builder1.SetName("acnp-deny"). + SetPriority(5). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + // This rule should take no effect as it will be overridden by the first rule of cnp-allow + builder1.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + builder2 := &ClusterNetworkPolicySpecBuilder{} + // acnp-allow will also apply to all pods in namespace x + builder2 = builder2.SetName("acnp-allow"). + SetPriority(5). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "x"}}}) + builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + // This rule should take no effect as it will be overridden by the first rule of cnp-drop + builder2.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "y"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + + // Only egress from pods in namespace x to namespace y should be denied + reachabilityBothACNP := NewReachability(allPods, Connected) + reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/a"), Dropped) + reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/a"), Dropped) + reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/a"), Dropped) + reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/b"), Dropped) + reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/b"), Dropped) + reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/b"), Dropped) + reachabilityBothACNP.Expect(Pod("x/a"), Pod("y/c"), Dropped) + reachabilityBothACNP.Expect(Pod("x/b"), Pod("y/c"), Dropped) + reachabilityBothACNP.Expect(Pod("x/c"), Pod("y/c"), Dropped) + + testStep := []*TestStep{ + { + "Both ACNP", + reachabilityBothACNP, + []metav1.Object{builder2.GetLegacy(), builder1.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Rule Priority", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testACNPPortRange tests the port range in a ACNP can work. +func testLegacyACNPPortRange(t *testing.T) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-deny-a-to-z-egress-port-range"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "acnp-port-range") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("y/a"), Pod("z/c"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("z/a"), Pod("z/c"), Dropped) + + var testSteps []*TestStep + testSteps = append(testSteps, &TestStep{ + fmt.Sprintf("ACNP Drop Port 8080:8085"), + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{8080, 8081, 8082, 8083, 8084, 8085}, + v1.ProtocolTCP, + 0, + nil, + }) + + testCase := []*TestCase{ + {"ACNP Drop Egress From All Pod:a to NS:z with a portRange", testSteps}, + } + executeLegacyTests(t, testCase) +} + +// testACNPRejectEgress tests that a ACNP is able to reject egress traffic from pods labelled A to namespace Z. +func testLegacyACNPRejectEgress(t *testing.T) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-reject-a-to-z-egress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionReject, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Rejected) + reachability.Expect(Pod("x/a"), Pod("z/b"), Rejected) + reachability.Expect(Pod("x/a"), Pod("z/c"), Rejected) + reachability.Expect(Pod("y/a"), Pod("z/a"), Rejected) + reachability.Expect(Pod("y/a"), Pod("z/b"), Rejected) + reachability.Expect(Pod("y/a"), Pod("z/c"), Rejected) + reachability.Expect(Pod("z/a"), Pod("z/b"), Rejected) + reachability.Expect(Pod("z/a"), Pod("z/c"), Rejected) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Reject egress From All Pod:a to NS:z", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testLegacyACNPRejectIngress tests that a ACNP is able to reject egress traffic from pods labelled A to namespace Z. +func testLegacyACNPRejectIngress(t *testing.T, protocol v1.Protocol) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("acnp-reject-a-from-z-ingress"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddIngress(protocol, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionReject, "", "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("z/a"), Pod("x/a"), Rejected) + reachability.Expect(Pod("z/b"), Pod("x/a"), Rejected) + reachability.Expect(Pod("z/c"), Pod("x/a"), Rejected) + reachability.Expect(Pod("z/a"), Pod("y/a"), Rejected) + reachability.Expect(Pod("z/b"), Pod("y/a"), Rejected) + reachability.Expect(Pod("z/c"), Pod("y/a"), Rejected) + reachability.Expect(Pod("z/b"), Pod("z/a"), Rejected) + reachability.Expect(Pod("z/c"), Pod("z/a"), Rejected) + + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + protocol, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ACNP Reject ingress from NS:z to All Pod:a", testStep}, + } + executeLegacyTests(t, testCase) +} + +// testANPPortRange tests the port range in a ANP can work. +func testLegacyANPPortRange(t *testing.T) { + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("y", "anp-deny-yb-to-xc-egress-port-range"). + SetPriority(1.0). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "b"}}}) + builder.AddEgress(v1.ProtocolTCP, &p8080, nil, &p8085, nil, map[string]string{"pod": "c"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "anp-port-range") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("y/b"), Pod("x/c"), Dropped) + + var testSteps []*TestStep + testSteps = append(testSteps, &TestStep{ + fmt.Sprintf("ANP Drop Port 8080:8085"), + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{8080, 8081, 8082, 8083, 8084, 8085}, + v1.ProtocolTCP, + 0, + nil, + }) + + testCase := []*TestCase{ + {"ANP Drop Egress y/b to x/c with a portRange", testSteps}, + } + executeLegacyTests(t, testCase) +} + +// testANPBasic tests traffic from X/B to Y/A on port 80 will be dropped, after applying Antrea NetworkPolicy +// that specifies that. Also it tests that a K8s NetworkPolicy with same appliedTo will not affect its behavior. +func testLegacyANPBasic(t *testing.T) { + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("y", "np-same-name"). + SetPriority(1.0). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}}}) + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + // build a K8s NetworkPolicy that has the same appliedTo but allows all traffic. + k8sNPBuilder := &NetworkPolicySpecBuilder{} + k8sNPBuilder = k8sNPBuilder.SetName("y", "np-same-name"). + SetPodSelector(map[string]string{"pod": "a"}) + k8sNPBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, + nil, nil, nil, nil) + testStep2 := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy(), k8sNPBuilder.Get()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + testCase := []*TestCase{ + {"ANP Drop X/B to Y/A", testStep}, + {"With K8s NetworkPolicy of the same name", testStep2}, + } + executeLegacyTests(t, testCase) +} + +// testAuditLoggingBasic tests that a audit log is generated when egress drop applied +func testLegacyAuditLoggingBasic(t *testing.T, data *TestData) { + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("test-log-acnp-deny"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + builder.AddEgress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, map[string]string{"ns": "z"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + builder.AddEgressLogging() + + _, err := k8sUtils.CreateOrUpdateLegacyACNP(builder.GetLegacy()) + failOnError(err, t) + time.Sleep(networkPolicyDelay) + + // generate some traffic that will be dropped by test-log-acnp-deny + k8sUtils.Probe("x", "a", "z", "a", p80, v1.ProtocolTCP) + k8sUtils.Probe("x", "a", "z", "b", p80, v1.ProtocolTCP) + k8sUtils.Probe("x", "a", "z", "c", p80, v1.ProtocolTCP) + time.Sleep(networkPolicyDelay) + + podXA, _ := k8sUtils.GetPodByLabel("x", "a") + // nodeName is guaranteed to be set at this stage, since the framework waits for all Pods to be in Running phase + nodeName := podXA.Spec.NodeName + antreaPodName, err := data.getAntreaPodOnNode(nodeName) + if err != nil { + t.Errorf("error occurred when trying to get the Antrea Agent pod running on node %s: %v", nodeName, err) + } + cmd := []string{"cat", logDir + logfileName} + stdout, stderr, err := data.runCommandFromPod(antreaNamespace, antreaPodName, "antrea-agent", cmd) + if err != nil || stderr != "" { + t.Errorf("error occurred when inspecting the audit log file. err: %v, stderr: %v", err, stderr) + } + assert.Equalf(t, true, strings.Contains(stdout, "test-log-acnp-deny"), "audit log does not contain entries for test-log-acnp-deny") + + destinations := []string{"z/a", "z/b", "z/c"} + srcIP, _ := podIPs["x/a"] + for _, d := range destinations { + dstIP, _ := podIPs[d] + // The audit log should contain log entry `... Drop SRC: DEST: ...` + pattern := `Drop [0-9]+ SRC: ` + srcIP + ` DEST: ` + dstIP + assert.Regexp(t, pattern, stdout, "audit log does not contain expected entry for x/a to %s", d) + } + failOnError(k8sUtils.CleanLegacyACNPs(), t) +} + +func testLegacyAppliedToPerRule(t *testing.T) { + builder := &AntreaNetworkPolicySpecBuilder{} + builder = builder.SetName("y", "np1").SetPriority(1.0) + anpATGrp1 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "a"}, PodSelectorMatchExp: nil} + anpATGrp2 := ANPAppliedToSpec{PodSelector: map[string]string{"pod": "b"}, PodSelectorMatchExp: nil} + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, []ANPAppliedToSpec{anpATGrp1}, crdv1alpha1.RuleActionDrop, "") + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, + nil, nil, []ANPAppliedToSpec{anpATGrp2}, crdv1alpha1.RuleActionDrop, "") + + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/b"), Pod("y/a"), Dropped) + reachability.Expect(Pod("z/b"), Pod("y/b"), Dropped) + testStep := []*TestStep{ + { + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + + builder2 := &ClusterNetworkPolicySpecBuilder{} + builder2 = builder2.SetName("cnp1").SetPriority(1.0) + cnpATGrp1 := ACNPAppliedToSpec{PodSelector: map[string]string{"pod": "a"}, PodSelectorMatchExp: nil} + cnpATGrp2 := ACNPAppliedToSpec{ + PodSelector: map[string]string{"pod": "b"}, NSSelector: map[string]string{"ns": "y"}, + PodSelectorMatchExp: nil, NSSelectorMatchExp: nil} + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, []ACNPAppliedToSpec{cnpATGrp1}, crdv1alpha1.RuleActionDrop, "", "") + builder2.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "z"}, + nil, nil, []ACNPAppliedToSpec{cnpATGrp2}, crdv1alpha1.RuleActionDrop, "", "") + + reachability2 := NewReachability(allPods, Connected) + reachability2.Expect(Pod("x/b"), Pod("x/a"), Dropped) + reachability2.Expect(Pod("x/b"), Pod("y/a"), Dropped) + reachability2.Expect(Pod("x/b"), Pod("z/a"), Dropped) + reachability2.Expect(Pod("z/b"), Pod("y/b"), Dropped) + testStep2 := []*TestStep{ + { + "Port 80", + reachability2, + []metav1.Object{builder2.GetLegacy()}, + nil, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + }, + } + + testCase := []*TestCase{ + {"ANP AppliedTo per rule", testStep}, + {"ACNP AppliedTo per rule", testStep2}, + } + executeLegacyTests(t, testCase) +} + +func testLegacyACNPClusterGroupServiceRefCreateAndUpdate(t *testing.T, data *TestData) { + svc1 := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "a"}, nil) + svc2 := k8sUtils.BuildService("svc2", "y", 80, 80, map[string]string{"app": "b"}, nil) + + cg1Name, cg2Name := "cg-svc1", "cg-svc2" + cgBuilder1 := &ClusterGroupSpecBuilder{} + cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference("x", "svc1") + cgBuilder2 := &ClusterGroupSpecBuilder{} + cgBuilder2 = cgBuilder2.SetName(cg2Name).SetServiceReference("y", "svc2") + + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("cnp-cg-svc-ref").SetPriority(1.0).SetAppliedToGroup([]ACNPAppliedToSpec{{Group: cg1Name}}) + builder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, + nil, crdv1alpha1.RuleActionDrop, cg2Name, "") + + // Pods backing svc1 (label pod=a) in Namespace x should not allow ingress from Pods backing svc2 (label pod=b) in Namespace y. + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("y/b"), Pod("x/a"), Dropped) + testStep1 := &TestStep{ + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{svc1, svc2, cgBuilder1.GetLegacy(), cgBuilder2.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + } + + // Test update selector of Service referred in cg-svc1, and update serviceReference of cg-svc2. + svc1Updated := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "b"}, nil) + svc3 := k8sUtils.BuildService("svc3", "y", 80, 80, map[string]string{"app": "a"}, nil) + cgBuilder2Updated := cgBuilder2.SetServiceReference("y", "svc3") + cp := []*CustomProbe{ + { + SourcePod: CustomPod{ + Pod: NewPod("y", "test-add-pod-svc3"), + Labels: map[string]string{"pod": "test-add-pod-svc3", "app": "a"}, + }, + DestPod: CustomPod{ + Pod: NewPod("x", "test-add-pod-svc1"), + Labels: map[string]string{"pod": "test-add-pod-svc1", "app": "b"}, + }, + ExpectConnectivity: Dropped, + Port: p80, + }, + } + + // Pods backing svc1 (label pod=b) in namespace x should not allow ingress from Pods backing svc3 (label pod=a) in namespace y. + reachability2 := NewReachability(allPods, Connected) + reachability2.Expect(Pod("y/a"), Pod("x/b"), Dropped) + testStep2 := &TestStep{ + "Port 80 updated", + reachability2, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{svc1Updated, svc3, cgBuilder1.GetLegacy(), cgBuilder2Updated.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + cp, + } + + builderUpdated := &ClusterNetworkPolicySpecBuilder{} + builderUpdated = builderUpdated.SetName("cnp-cg-svc-ref").SetPriority(1.0) + builderUpdated.SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"pod": "a"}, NSSelector: map[string]string{"ns": "x"}}}) + builderUpdated.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "y"}, + nil, nil, nil, crdv1alpha1.RuleActionDrop, "", "") + + // Pod x/a should not allow ingress from y/b per the updated ACNP spec. + testStep3 := &TestStep{ + "Port 80 ACNP spec updated to selector", + reachability, + []metav1.Object{builderUpdated.GetLegacy()}, + []metav1.Object{}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + } + + testSteps := []*TestStep{testStep1, testStep2, testStep3} + testCase := []*TestCase{ + {"ACNP ClusterGroup Service Reference create and update", testSteps}, + } + executeLegacyTestsWithData(t, testCase, data) +} + +func testLegacyACNPNestedClusterGroupCreateAndUpdate(t *testing.T, data *TestData) { + svc1 := k8sUtils.BuildService("svc1", "x", 80, 80, map[string]string{"app": "a"}, nil) + cg1Name, cg2Name := "cg-svc-x-a", "cg-select-y-b" + cgBuilder1 := &ClusterGroupSpecBuilder{} + cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference("x", "svc1") + cgBuilder2 := &ClusterGroupSpecBuilder{} + cgBuilder2 = cgBuilder2.SetName(cg2Name). + SetNamespaceSelector(map[string]string{"ns": "y"}, nil). + SetPodSelector(map[string]string{"pod": "b"}, nil) + cgNestedName := "cg-nested" + cgBuilderNested := &ClusterGroupSpecBuilder{} + cgBuilderNested = cgBuilderNested.SetName(cgNestedName).SetChildGroups([]string{cg1Name}) + + builder := &ClusterNetworkPolicySpecBuilder{} + builder = builder.SetName("cnp-nested-cg").SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{NSSelector: map[string]string{"ns": "z"}}}). + AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, nil, nil, nil, nil, + nil, crdv1alpha1.RuleActionDrop, cgNestedName, "") + + // Pods in Namespace z should not allow ingress from Pods backing svc1 (label pod=a) in Namespace x. + reachability := NewReachability(allPods, Connected) + reachability.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability.Expect(Pod("x/a"), Pod("z/c"), Dropped) + + testStep1 := &TestStep{ + "Port 80", + reachability, + []metav1.Object{builder.GetLegacy()}, + []metav1.Object{svc1, cgBuilder1.GetLegacy(), cgBuilderNested.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + nil, + } + + // Test update "cg-nested" to include "cg-select-y-b" as well. + cgBuilderNested = cgBuilderNested.SetChildGroups([]string{cg1Name, cg2Name}) + // In addition to x/a, all traffic from y/b to Namespace z should also be denied. + reachability2 := NewReachability(allPods, Connected) + reachability2.Expect(Pod("x/a"), Pod("z/a"), Dropped) + reachability2.Expect(Pod("x/a"), Pod("z/b"), Dropped) + reachability2.Expect(Pod("x/a"), Pod("z/c"), Dropped) + reachability2.Expect(Pod("y/b"), Pod("z/a"), Dropped) + reachability2.Expect(Pod("y/b"), Pod("z/b"), Dropped) + reachability2.Expect(Pod("y/b"), Pod("z/c"), Dropped) + // New member in cg-svc-x-a should be reflected in cg-nested as well. + cp := []*CustomProbe{ + { + SourcePod: CustomPod{ + Pod: NewPod("x", "test-add-pod-svc1"), + Labels: map[string]string{"pod": "test-add-pod-svc1", "app": "a"}, + }, + DestPod: CustomPod{ + Pod: NewPod("z", "test-add-pod-ns-z"), + Labels: map[string]string{"pod": "test-add-pod-ns-z"}, + }, + ExpectConnectivity: Dropped, + Port: p80, + }, + } + testStep2 := &TestStep{ + "Port 80 updated", + reachability2, + nil, + []metav1.Object{cgBuilder2.GetLegacy(), cgBuilderNested.GetLegacy()}, + []int32{80}, + v1.ProtocolTCP, + 0, + cp, + } + + testSteps := []*TestStep{testStep1, testStep2} + testCase := []*TestCase{ + {"ACNP nested ClusterGroup create and update", testSteps}, + } + executeLegacyTestsWithData(t, testCase, data) +} + +// executeTests runs all the tests in testList and prints results +func executeLegacyTests(t *testing.T, testList []*TestCase) { + executeLegacyTestsWithData(t, testList, nil) +} + +func executeLegacyTestsWithData(t *testing.T, testList []*TestCase, data *TestData) { + for _, testCase := range testList { + log.Infof("running test case %s", testCase.Name) + for _, step := range testCase.Steps { + log.Infof("running step %s of test case %s", step.Name, testCase.Name) + applyLegacyTestStepServicesAndGroups(t, step) + applyLegacyTestStepPolicies(t, step) + time.Sleep(networkPolicyDelay) + + reachability := step.Reachability + if reachability != nil { + start := time.Now() + for _, port := range step.Port { + k8sUtils.Validate(allPods, reachability, port, step.Protocol) + } + step.Duration = time.Now().Sub(start) + reachability.PrintSummary(true, true, true) + + _, wrong, _ := step.Reachability.Summary() + if wrong != 0 { + t.Errorf("failure -- %d wrong results", wrong) + } + } + if len(step.CustomProbes) > 0 && data == nil { + t.Errorf("test case %s with custom probe must set test data", testCase.Name) + continue + } + for _, p := range step.CustomProbes { + doProbe(t, data, p, step.Protocol) + } + } + cleanupLegacyTestCasePolicies(t, testCase) + cleanupLegacyTestCaseServicesAndGroups(t, testCase) + time.Sleep(networkPolicyDelay) + } + allTestList = append(allTestList, testList...) +} + +func applyLegacyTestStepPolicies(t *testing.T, step *TestStep) { + for _, policy := range step.Policies { + switch p := policy.(type) { + case *legacysecv1alpha1.ClusterNetworkPolicy: + _, err := k8sUtils.CreateOrUpdateLegacyACNP(p) + failOnError(err, t) + case *legacysecv1alpha1.NetworkPolicy: + _, err := k8sUtils.CreateOrUpdateLegacyANP(p) + failOnError(err, t) + case *v1net.NetworkPolicy: + _, err := k8sUtils.CreateOrUpdateNetworkPolicy(p) + failOnError(err, t) + } + warningOnTimeoutError(waitForResourceReady(policy, timeout), t) + } + if len(step.Policies) > 0 { + log.Debugf("Sleeping for %v for all policies to take effect", networkPolicyDelay) + time.Sleep(networkPolicyDelay) + } +} + +func cleanupLegacyTestCasePolicies(t *testing.T, c *TestCase) { + // TestSteps in a TestCase may first create and then update the same policy. + // Use sets to avoid duplicates. + acnpsToDelete, anpsToDelete, npsToDelete := sets.String{}, sets.String{}, sets.String{} + for _, step := range c.Steps { + for _, policy := range step.Policies { + switch p := policy.(type) { + case *legacysecv1alpha1.ClusterNetworkPolicy: + acnpsToDelete.Insert(p.Name) + case *legacysecv1alpha1.NetworkPolicy: + anpsToDelete.Insert(p.Namespace + "/" + p.Name) + case *v1net.NetworkPolicy: + npsToDelete.Insert(p.Namespace + "/" + p.Name) + } + } + } + for _, acnp := range acnpsToDelete.List() { + failOnError(k8sUtils.DeleteLegacyACNP(acnp), t) + warningOnTimeoutError(waitForResourceDelete("", acnp, resourceACNP, timeout), t) + } + for _, anp := range anpsToDelete.List() { + namespace := strings.Split(anp, "/")[0] + name := strings.Split(anp, "/")[1] + failOnError(k8sUtils.DeleteLegacyANP(namespace, name), t) + warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceANP, timeout), t) + } + for _, np := range npsToDelete.List() { + namespace := strings.Split(np, "/")[0] + name := strings.Split(np, "/")[1] + failOnError(k8sUtils.DeleteNetworkPolicy(namespace, name), t) + warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceNetworkPolicy, timeout), t) + } + if acnpsToDelete.Len()+anpsToDelete.Len()+npsToDelete.Len() > 0 { + log.Debugf("Sleeping for %v for all policy deletions to take effect", networkPolicyDelay) + time.Sleep(networkPolicyDelay) + } +} + +func applyLegacyTestStepServicesAndGroups(t *testing.T, step *TestStep) { + for _, obj := range step.ServicesAndGroups { + switch o := obj.(type) { + case *legacycorev1a2.ClusterGroup: + _, err := k8sUtils.CreateOrUpdateLegacyCG(o) + failOnError(err, t) + case *v1.Service: + _, err := k8sUtils.CreateOrUpdateService(o) + failOnError(err, t) + } + warningOnTimeoutError(waitForResourceReady(obj, timeout), t) + } + if len(step.ServicesAndGroups) > 0 { + log.Debugf("Sleeping for %v for all groups to have members computed", groupDelay) + time.Sleep(groupDelay) + } +} + +func cleanupLegacyTestCaseServicesAndGroups(t *testing.T, c *TestCase) { + svcsToDelete, groupsToDelete := sets.String{}, sets.String{} + var orderedGroups []string + for _, step := range c.Steps { + for _, obj := range step.ServicesAndGroups { + switch o := obj.(type) { + case *legacycorev1a2.ClusterGroup: + groupsToDelete.Insert(o.Name) + orderedGroups = append(orderedGroups, o.Name) + case *v1.Service: + svcsToDelete.Insert(o.Namespace + "/" + o.Name) + } + } + } + + for i := len(orderedGroups) - 1; i >= 0; i-- { + cg := orderedGroups[i] + if groupsToDelete.Has(cg) { + failOnError(k8sUtils.DeleteLegacyCG(cg), t) + warningOnTimeoutError(waitForResourceDelete("", cg, resourceCG, timeout), t) + groupsToDelete.Delete(cg) + } + } + + for _, svc := range svcsToDelete.List() { + namespace := strings.Split(svc, "/")[0] + name := strings.Split(svc, "/")[1] + failOnError(k8sUtils.DeleteService(namespace, name), t) + warningOnTimeoutError(waitForResourceDelete(namespace, name, resourceSVC, timeout), t) + } +} + +func TestLegacyAntreaPolicy(t *testing.T) { + data, err := setupTest(t) + if err != nil { + t.Fatalf("Error when setting up test: %v", err) + } + defer teardownTest(t, data) + initialize(t, data) + + t.Run("TestGroupValidateAntreaNativePolicies", func(t *testing.T) { + t.Run("Case=LegacyACNPNoPriority", func(t *testing.T) { testLegacyInvalidACNPNoPriority(t) }) + t.Run("Case=LegacyACNPRuleNameNotUniqueDenied", func(t *testing.T) { testLegacyInvalidACNPRuleNameNotUnique(t) }) + t.Run("Case=LegacyACNPTierDoesNotExistDenied", func(t *testing.T) { testLegacyInvalidACNPTierDoesNotExist(t) }) + t.Run("Case=LegacyACNPPortRangePortUnsetDenied", func(t *testing.T) { testLegacyInvalidACNPPortRangePortUnset(t) }) + t.Run("Case=LegacyACNPPortRangePortEndPortSmallDenied", func(t *testing.T) { testLegacyInvalidACNPPortRangeEndPortSmall(t) }) + t.Run("Case=LegacyACNPIngressPeerCGSetWithIPBlock", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithIPBlock(t) }) + t.Run("Case=LegacyACNPIngressPeerCGSetWithPodSelector", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithPodSelector(t) }) + t.Run("Case=LegacyACNPIngressPeerCGSetWithNSSelector", func(t *testing.T) { testLegacyInvalidACNPIngressPeerCGSetWithNSSelector(t) }) + t.Run("Case=LegacyACNPCGDoesNotExist", func(t *testing.T) { testLegacyInvalidACNPCGDoesNotExist(t) }) + t.Run("Case=LegacyACNPAppliedToCGDoesNotExist", func(t *testing.T) { testLegacyInvalidACNPAppliedToCGDoesNotExist(t) }) + t.Run("Case=LegacyACNPSpecAppliedToRuleAppliedToSet", func(t *testing.T) { testLegacyInvalidACNPSpecAppliedToRuleAppliedToSet(t) }) + t.Run("Case=LegacyACNPAppliedToNotSetInAllRules", func(t *testing.T) { testLegacyInvalidACNPAppliedToNotSetInAllRules(t) }) + t.Run("Case=LegacyANPNoPriority", func(t *testing.T) { testLegacyInvalidANPNoPriority(t) }) + t.Run("Case=LegacyANPRuleNameNotUniqueDenied", func(t *testing.T) { testLegacyInvalidANPRuleNameNotUnique(t) }) + t.Run("Case=LegacyANPTierDoesNotExistDenied", func(t *testing.T) { testLegacyInvalidANPTierDoesNotExist(t) }) + t.Run("Case=LegacyANPPortRangePortUnsetDenied", func(t *testing.T) { testLegacyInvalidANPPortRangePortUnset(t) }) + t.Run("Case=LegacyANPPortRangePortEndPortSmallDenied", func(t *testing.T) { testLegacyInvalidANPPortRangeEndPortSmall(t) }) + }) + + t.Run("TestGroupValidateTiers", func(t *testing.T) { + t.Run("Case=LegacyTierOverlapPriorityDenied", func(t *testing.T) { testLegacyInvalidTierPriorityOverlap(t) }) + t.Run("Case=LegacyTierOverlapReservedTierPriorityDenied", func(t *testing.T) { testLegacyInvalidTierReservedPriority(t) }) + t.Run("Case=LegacyTierPriorityUpdateDenied", func(t *testing.T) { testLegacyInvalidTierPriorityUpdate(t) }) + t.Run("Case=LegacyTierACNPReferencedDeleteDenied", func(t *testing.T) { testLegacyInvalidTierACNPRefDelete(t) }) + t.Run("Case=LegacyTierANPRefDeleteDenied", func(t *testing.T) { testLegacyInvalidTierANPRefDelete(t) }) + t.Run("Case=LegacyTierReservedDeleteDenied", func(t *testing.T) { testLegacyInvalidTierReservedDelete(t) }) + }) + + t.Run("TestGroupMutateAntreaNativePolicies", func(t *testing.T) { + t.Run("Case=LegacyACNPNoTierSetDefaultTier", func(t *testing.T) { testLegacyMutateACNPNoTier(t) }) + t.Run("Case=LegacyANPNoTierSetDefaultTier", func(t *testing.T) { testLegacyMutateANPNoTier(t) }) + t.Run("Case=LegacyANPNoRuleNameSetRuleName", func(t *testing.T) { testLegacyMutateANPNoRuleName(t) }) + t.Run("Case=LegacyACNPNoRuleNameSetRuleName", func(t *testing.T) { testLegacyMutateACNPNoRuleName(t) }) + }) + + t.Run("TestGroupDefaultDENY", func(t *testing.T) { + // testcases below require default-deny k8s NetworkPolicies to work + applyDefaultDenyToAllNamespaces(k8sUtils, namespaces) + t.Run("Case=LegacyACNPAllowXBtoA", func(t *testing.T) { testLegacyACNPAllowXBtoA(t) }) + t.Run("Case=LegacyACNPAllowXBtoYA", func(t *testing.T) { testLegacyACNPAllowXBtoYA(t) }) + t.Run("Case=LegacyACNPPriorityOverrideDefaultDeny", func(t *testing.T) { testLegacyACNPPriorityOverrideDefaultDeny(t) }) + cleanupDefaultDenyNPs(k8sUtils, namespaces) + }) + + t.Run("TestGroupNoK8sNP", func(t *testing.T) { + // testcases below do not depend on underlying default-deny K8s NetworkPolicies. + t.Run("Case=LegacyACNPAllowNoDefaultIsolationTCP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolTCP) }) + t.Run("Case=LegacyACNPAllowNoDefaultIsolationUDP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolUDP) }) + t.Run("Case=LegacyACNPAllowNoDefaultIsolationSCTP", func(t *testing.T) { testLegacyACNPAllowNoDefaultIsolation(t, v1.ProtocolSCTP) }) + t.Run("Case=LegacyACNPDropEgress", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolTCP) }) + t.Run("Case=LegacyACNPDropEgressUDP", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolUDP) }) + t.Run("Case=LegacyACNPDropEgressSCTP", func(t *testing.T) { testLegacyACNPDropEgress(t, v1.ProtocolSCTP) }) + t.Run("Case=LegacyACNPPortRange", func(t *testing.T) { testLegacyACNPPortRange(t) }) + t.Run("Case=LegacyACNPRejectEgress", func(t *testing.T) { testLegacyACNPRejectEgress(t) }) + t.Run("Case=LegacyACNPRejectIngress", func(t *testing.T) { testLegacyACNPRejectIngress(t, v1.ProtocolTCP) }) + t.Run("Case=LegacyACNPRejectIngressUDP", func(t *testing.T) { testLegacyACNPRejectIngress(t, v1.ProtocolUDP) }) + t.Run("Case=LegacyACNPNoEffectOnOtherProtocols", func(t *testing.T) { testLegacyACNPNoEffectOnOtherProtocols(t) }) + t.Run("Case=LegacyACNPBaselinePolicy", func(t *testing.T) { testLegacyBaselineNamespaceIsolation(t) }) + t.Run("Case=LegacyACNPPrioirtyOverride", func(t *testing.T) { testLegacyACNPPriorityOverride(t) }) + t.Run("Case=LegacyACNPTierOverride", func(t *testing.T) { testLegacyACNPTierOverride(t) }) + t.Run("Case=LegacyACNPCustomTiers", func(t *testing.T) { testLegacyACNPCustomTiers(t) }) + t.Run("Case=LegacyACNPPriorityConflictingRule", func(t *testing.T) { testLegacyACNPPriorityConflictingRule(t) }) + t.Run("Case=LegacyACNPRulePriority", func(t *testing.T) { testLegacyACNPRulePrioirty(t) }) + t.Run("Case=LegacyANPPortRange", func(t *testing.T) { testLegacyANPPortRange(t) }) + t.Run("Case=LegacyANPBasic", func(t *testing.T) { testLegacyANPBasic(t) }) + t.Run("Case=LegacyAppliedToPerRule", func(t *testing.T) { testLegacyAppliedToPerRule(t) }) + t.Run("Case=LegacyACNPClusterGroupEgressRulePodsAToCGWithNsZ", func(t *testing.T) { testLegacyACNPEgressRulePodsAToCGWithNsZ(t) }) + t.Run("Case=LegacyACNPClusterGroupUpdate", func(t *testing.T) { testLegacyACNPClusterGroupUpdate(t) }) + t.Run("Case=LegacyACNPClusterGroupAppliedToDenyXBToCGWithYA", func(t *testing.T) { testLegacyACNPAppliedToDenyXBtoCGWithYA(t) }) + t.Run("Case=LegacyACNPClusterGroupAppliedToRuleCGWithPodsAToNsZ", func(t *testing.T) { testLegacyACNPAppliedToRuleCGWithPodsAToNsZ(t) }) + t.Run("Case=LegacyACNPClusterGroupUpdateAppliedTo", func(t *testing.T) { testLegacyACNPClusterGroupUpdateAppliedTo(t) }) + t.Run("Case=LegacyACNPClusterGroupAppliedToPodAdd", func(t *testing.T) { testLegacyACNPClusterGroupAppliedToPodAdd(t, data) }) + t.Run("Case=LegacyACNPClusterGroupRefRulePodAdd", func(t *testing.T) { testLegacyACNPClusterGroupRefRulePodAdd(t, data) }) + t.Run("Case=LegacyACNPClusterGroupIngressRuleDenyCGWithXBtoYA", func(t *testing.T) { testLegacyACNPIngressRuleDenyCGWithXBtoYA(t) }) + t.Run("Case=LegacyACNPClusterGroupServiceRef", func(t *testing.T) { testLegacyACNPClusterGroupServiceRefCreateAndUpdate(t, data) }) + t.Run("Case=LegacyACNPNestedClusterGroup", func(t *testing.T) { testLegacyACNPNestedClusterGroupCreateAndUpdate(t, data) }) + }) + // print results for reachability tests + printResults() + + t.Run("TestGroupAuditLogging", func(t *testing.T) { + t.Run("Case=LegacyAuditLoggingBasic", func(t *testing.T) { testLegacyAuditLoggingBasic(t, data) }) + }) + k8sUtils.LegacyCleanup(namespaces) +} + +func TestLegacyAntreaPolicyStatus(t *testing.T) { + data, err := setupTest(t) + if err != nil { + t.Fatalf("Error when setting up test: %v", err) + } + defer teardownTest(t, data) + skipIfAntreaPolicyDisabled(t, data) + + _, _, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "server-0", controlPlaneNodeName()) + defer cleanupFunc() + _, _, cleanupFunc = createAndWaitForPod(t, data, data.createNginxPodOnNode, "server-1", workerNodeName(1)) + defer cleanupFunc() + + anpBuilder := &AntreaNetworkPolicySpecBuilder{} + anpBuilder = anpBuilder.SetName(testNamespace, "anp-applied-to-two-nodes"). + SetPriority(1.0). + SetAppliedToGroup([]ANPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) + anpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "") + anp := anpBuilder.GetLegacy() + log.Debugf("creating ANP %v", anp.Name) + _, err = data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Create(context.TODO(), anp, metav1.CreateOptions{}) + assert.NoError(t, err) + defer data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Delete(context.TODO(), anp.Name, metav1.DeleteOptions{}) + + acnpBuilder := &ClusterNetworkPolicySpecBuilder{} + acnpBuilder = acnpBuilder.SetName("acnp-applied-to-two-nodes"). + SetPriority(1.0). + SetAppliedToGroup([]ACNPAppliedToSpec{{PodSelector: map[string]string{"app": "nginx"}}}) + acnpBuilder.AddIngress(v1.ProtocolTCP, &p80, nil, nil, nil, map[string]string{"pod": "b"}, map[string]string{"ns": "x"}, + nil, nil, nil, crdv1alpha1.RuleActionAllow, "", "") + acnp := acnpBuilder.GetLegacy() + log.Debugf("creating ACNP %v", acnp.Name) + _, err = data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Create(context.TODO(), acnp, metav1.CreateOptions{}) + assert.NoError(t, err) + defer data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Delete(context.TODO(), acnp.Name, metav1.DeleteOptions{}) + + expectedStatus := crdv1alpha1.NetworkPolicyStatus{ + Phase: crdv1alpha1.NetworkPolicyRealized, + ObservedGeneration: 1, + CurrentNodesRealized: 2, + DesiredNodesRealized: 2, + } + err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { + anp, err := data.legacyCrdClient.SecurityV1alpha1().NetworkPolicies(anp.Namespace).Get(context.TODO(), anp.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + return anp.Status == expectedStatus, nil + }) + assert.NoError(t, err, "Antrea NetworkPolicy failed to reach expected status") + err = wait.Poll(100*time.Millisecond, 3*time.Second, func() (bool, error) { + anp, err := data.legacyCrdClient.SecurityV1alpha1().ClusterNetworkPolicies().Get(context.TODO(), acnp.Name, metav1.GetOptions{}) + if err != nil { + return false, err + } + return anp.Status == expectedStatus, nil + }) + assert.NoError(t, err, "Antrea ClusterNetworkPolicy failed to reach expected status") +} + +// TestLegacyANPNetworkPolicyStatsWithDropAction tests antreanetworkpolicystats can correctly collect dropped packets stats from ANP if +// networkpolicystats feature is enabled +func TestLegacyANPNetworkPolicyStatsWithDropAction(t *testing.T) { + data, err := setupTest(t) + if err != nil { + t.Fatalf("Error when setting up test: %v", err) + } + defer teardownTest(t, data) + skipIfAntreaPolicyDisabled(t, data) + + cc := []configChange{ + {"NetworkPolicyStats", "true", true}, + } + ac := []configChange{ + {"NetworkPolicyStats", "true", true}, + } + if err := testData.mutateAntreaConfigMap(cc, ac, true, true); err != nil { + t.Fatalf("Failed to enable NetworkPolicyStats feature: %v", err) + } + + serverName, serverIPs, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "test-server-", "") + defer cleanupFunc() + + clientName, _, cleanupFunc := createAndWaitForPod(t, data, data.createBusyboxPodOnNode, "test-client-", "") + defer cleanupFunc() + k8sUtils, err = NewKubernetesUtils(data) + failOnError(err, t) + p10 := float64(10) + intstr80 := intstr.FromInt(80) + intstr443 := intstr.FromInt(443) + dropAction := crdv1alpha1.RuleActionDrop + allowAction := crdv1alpha1.RuleActionAllow + selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} + selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} + protocol := v1.ProtocolUDP + + // When using the userspace OVS datapath and tunneling, + // the first IP packet sent on a tunnel is always dropped because of a missing ARP entry. + // So we need to "warm-up" the tunnel. + if clusterInfo.podV4NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + } + if clusterInfo.podV6NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + } + var anp = &legacysecurityv1alpha1.NetworkPolicy{ + ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "np1", Labels: map[string]string{"antrea-e2e": "np1"}}, + Spec: crdv1alpha1.NetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ + {PodSelector: &selectorC}, + }, + Priority: p10, + Ingress: []crdv1alpha1.Rule{ + { + Ports: []crdv1alpha1.NetworkPolicyPort{ + { + Port: &intstr80, + Protocol: &protocol, + }, + }, + From: []crdv1alpha1.NetworkPolicyPeer{ + { + PodSelector: &selectorB, + }, + }, + Action: &dropAction, + }, + { + Ports: []crdv1alpha1.NetworkPolicyPort{ + { + Port: &intstr443, + Protocol: &protocol, + }, + }, + From: []crdv1alpha1.NetworkPolicyPeer{ + { + PodSelector: &selectorB, + }, + }, + Action: &allowAction, + }, + }, + Egress: []crdv1alpha1.Rule{}, + }, + } + + if _, err = k8sUtils.CreateOrUpdateLegacyANP(anp); err != nil { + failOnError(fmt.Errorf("create ANP failed for ANP %s: %v", anp.Name, err), t) + } + + // Wait for a few seconds in case that connections are established before policies are enforced. + time.Sleep(networkPolicyDelay) + + sessionsPerAddressFamily := 10 + var wg sync.WaitGroup + for i := 0; i < sessionsPerAddressFamily; i++ { + wg.Add(1) + go func() { + if clusterInfo.podV4NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 80", serverIPs.ipv4.String())} + cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 443", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) + } + if clusterInfo.podV6NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 80", serverIPs.ipv6.String())} + cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 443", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) + } + wg.Done() + }() + } + wg.Wait() + + totalSessionsPerRule := 0 + if clusterInfo.podV4NetworkCIDR != "" { + totalSessionsPerRule += sessionsPerAddressFamily + } + if clusterInfo.podV6NetworkCIDR != "" { + totalSessionsPerRule += sessionsPerAddressFamily + } + + if err := wait.Poll(5*time.Second, defaultTimeout, func() (bool, error) { + stats, err := data.crdClient.StatsV1alpha1().AntreaNetworkPolicyStats(testNamespace).Get(context.TODO(), "np1", metav1.GetOptions{}) + if err != nil { + return false, err + } + t.Logf("Got AntreaNetworkPolicy stats: %v", stats) + if len(stats.RuleTrafficStats) != 2 { + return false, nil + } + if stats.RuleTrafficStats[0].TrafficStats.Sessions != int64(totalSessionsPerRule) { + return false, nil + } + if stats.RuleTrafficStats[1].TrafficStats.Sessions != int64(totalSessionsPerRule) { + return false, nil + } + if stats.TrafficStats.Sessions != stats.RuleTrafficStats[1].TrafficStats.Sessions+stats.RuleTrafficStats[0].TrafficStats.Sessions { + return false, fmt.Errorf("the rules stats under one policy should sum up to its total policy") + } + if stats.TrafficStats.Packets < stats.TrafficStats.Sessions || stats.TrafficStats.Bytes < stats.TrafficStats.Sessions { + return false, fmt.Errorf("neither 'Packets' nor 'Bytes' should be smaller than 'Sessions'") + } + return true, nil + }); err != nil { + failOnError(err, t) + } + k8sUtils.LegacyCleanup(namespaces) +} + +func TestLegacyAntreaClusterNetworkPolicyStats(t *testing.T) { + data, err := setupTest(t) + if err != nil { + t.Fatalf("Error when setting up test: %v", err) + } + defer teardownTest(t, data) + skipIfAntreaPolicyDisabled(t, data) + + cc := []configChange{ + {"NetworkPolicyStats", "true", true}, + } + ac := []configChange{ + {"NetworkPolicyStats", "true", true}, + } + if err := testData.mutateAntreaConfigMap(cc, ac, true, true); err != nil { + t.Fatalf("Failed to enable NetworkPolicyStats feature: %v", err) + } + serverName, serverIPs, cleanupFunc := createAndWaitForPod(t, data, data.createNginxPodOnNode, "test-server-", "") + defer cleanupFunc() + + clientName, _, cleanupFunc := createAndWaitForPod(t, data, data.createBusyboxPodOnNode, "test-client-", "") + defer cleanupFunc() + k8sUtils, err = NewKubernetesUtils(data) + failOnError(err, t) + p10 := float64(10) + intstr800 := intstr.FromInt(800) + intstr4430 := intstr.FromInt(4430) + dropAction := crdv1alpha1.RuleActionDrop + allowAction := crdv1alpha1.RuleActionAllow + selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": clientName}} + selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"antrea-e2e": serverName}} + protocol := v1.ProtocolUDP + + // When using the userspace OVS datapath and tunneling, + // the first IP packet sent on a tunnel is always dropped because of a missing ARP entry. + // So we need to "warm-up" the tunnel. + if clusterInfo.podV4NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + } + if clusterInfo.podV6NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("nc -vz -w 4 %s 80", serverIPs.ipv6.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + } + var acnp = &legacysecv1alpha1.ClusterNetworkPolicy{ + ObjectMeta: metav1.ObjectMeta{Namespace: testNamespace, Name: "cnp1", Labels: map[string]string{"antrea-e2e": "cnp1"}}, + Spec: crdv1alpha1.ClusterNetworkPolicySpec{ + AppliedTo: []crdv1alpha1.NetworkPolicyPeer{ + {PodSelector: &selectorC}, + }, + Priority: p10, + Ingress: []crdv1alpha1.Rule{ + { + Ports: []crdv1alpha1.NetworkPolicyPort{ + { + Port: &intstr800, + Protocol: &protocol, + }, + }, + From: []crdv1alpha1.NetworkPolicyPeer{ + { + PodSelector: &selectorB, + }, + }, + Action: &allowAction, + }, + { + Ports: []crdv1alpha1.NetworkPolicyPort{ + { + Port: &intstr4430, + Protocol: &protocol, + }, + }, + From: []crdv1alpha1.NetworkPolicyPeer{ + { + PodSelector: &selectorB, + }, + }, + Action: &dropAction, + }, + }, + Egress: []crdv1alpha1.Rule{}, + }, + } + + if _, err = k8sUtils.CreateOrUpdateLegacyACNP(acnp); err != nil { + failOnError(fmt.Errorf("create ACNP failed for ACNP %s: %v", acnp.Name, err), t) + } + + // Wait for a few seconds in case that connections are established before policies are enforced. + time.Sleep(networkPolicyDelay) + + sessionsPerAddressFamily := 10 + var wg sync.WaitGroup + for i := 0; i < sessionsPerAddressFamily; i++ { + wg.Add(1) + go func() { + if clusterInfo.podV4NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 800", serverIPs.ipv4.String())} + cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 4430", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) + } + if clusterInfo.podV6NetworkCIDR != "" { + cmd := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 800", serverIPs.ipv6.String())} + cmd2 := []string{"/bin/sh", "-c", fmt.Sprintf("echo test | nc -w 4 -u %s 4430", serverIPs.ipv4.String())} + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd) + data.runCommandFromPod(testNamespace, clientName, busyboxContainerName, cmd2) + } + wg.Done() + }() + } + wg.Wait() + + totalSessionsPerRule := 0 + if clusterInfo.podV4NetworkCIDR != "" { + totalSessionsPerRule += sessionsPerAddressFamily + } + if clusterInfo.podV6NetworkCIDR != "" { + totalSessionsPerRule += sessionsPerAddressFamily + } + + if err := wait.Poll(5*time.Second, defaultTimeout, func() (bool, error) { + stats, err := data.crdClient.StatsV1alpha1().AntreaClusterNetworkPolicyStats().Get(context.TODO(), "cnp1", metav1.GetOptions{}) + if err != nil { + return false, err + } + t.Logf("Got AntreaNetworkPolicy stats: %v", stats) + if len(stats.RuleTrafficStats) != 2 { + return false, nil + } + if stats.RuleTrafficStats[0].TrafficStats.Sessions != int64(totalSessionsPerRule) { + return false, nil + } + if stats.RuleTrafficStats[1].TrafficStats.Sessions != int64(totalSessionsPerRule) { + return false, nil + } + if stats.TrafficStats.Sessions != stats.RuleTrafficStats[1].TrafficStats.Sessions+stats.RuleTrafficStats[0].TrafficStats.Sessions { + return false, fmt.Errorf("the rules stats under one policy should sum up to its total policy") + } + if stats.TrafficStats.Packets < stats.TrafficStats.Sessions || stats.TrafficStats.Bytes < stats.TrafficStats.Sessions { + return false, fmt.Errorf("neither 'Packets' nor 'Bytes' should be smaller than 'Sessions'") + } + return true, nil + }); err != nil { + failOnError(err, t) + } + k8sUtils.LegacyCleanup(namespaces) +} diff --git a/test/e2e/legacyclustergroup_test.go b/test/e2e/legacyclustergroup_test.go new file mode 100644 index 00000000000..1f27f3f9565 --- /dev/null +++ b/test/e2e/legacyclustergroup_test.go @@ -0,0 +1,273 @@ +// Copyright 2021 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package e2e + +import ( + "fmt" + "testing" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + legacycorev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" +) + +func testLegacyInvalidCGIPBlockWithPodSelector(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with ipblock and podSelector") + cgName := "ipb-pod" + pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} + cidr := "10.0.0.10/32" + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + PodSelector: pSel, + IPBlock: ipb, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGIPBlockWithNSSelector(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with ipblock and namespaceSelector") + cgName := "ipb-ns" + nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} + cidr := "10.0.0.10/32" + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + NamespaceSelector: nSel, + IPBlock: ipb, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGServiceRefWithPodSelector(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with serviceReference and podSelector") + cgName := "svcref-pod-selector" + pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} + svcRef := &crdv1alpha2.ServiceReference{ + Namespace: "y", + Name: "test-svc", + } + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + PodSelector: pSel, + ServiceReference: svcRef, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGServiceRefWithNSSelector(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with serviceReference and namespaceSelector") + cgName := "svcref-ns-selector" + nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": "y"}} + svcRef := &crdv1alpha2.ServiceReference{ + Namespace: "y", + Name: "test-svc", + } + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + NamespaceSelector: nSel, + ServiceReference: svcRef, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGServiceRefWithIPBlock(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with ipblock and namespaceSelector") + cgName := "ipb-svcref" + cidr := "10.0.0.10/32" + ipb := &crdv1alpha1.IPBlock{CIDR: cidr} + svcRef := &crdv1alpha2.ServiceReference{ + Namespace: "y", + Name: "test-svc", + } + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + ServiceReference: svcRef, + IPBlock: ipb, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGChildGroupDoesNotExist(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup childGroup does not exist") + cgName := "child-group-not-exist" + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference("some-non-existing-cg")}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func createLegacyChildCGForTest(t *testing.T) { + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: testChildCGName, + }, + Spec: crdv1alpha2.GroupSpec{ + PodSelector: &metav1.LabelSelector{}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err != nil { + failOnError(err, t) + } +} + +func cleanupLegacyChildCGForTest(t *testing.T) { + if err := k8sUtils.DeleteLegacyCG(testChildCGName); err != nil { + failOnError(err, t) + } +} + +func testLegacyInvalidCGChildGroupWithPodSelector(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with childGroups and podSelector") + cgName := "child-group-pod-selector" + pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + PodSelector: pSel, + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGChildGroupWithServiceReference(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with childGroups and ServiceReference") + cgName := "child-group-svcref" + svcRef := &crdv1alpha2.ServiceReference{ + Namespace: "y", + Name: "test-svc", + } + cg := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: cgName, + }, + Spec: crdv1alpha2.GroupSpec{ + ServiceReference: svcRef, + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } +} + +func testLegacyInvalidCGMaxNestedLevel(t *testing.T) { + invalidErr := fmt.Errorf("clustergroup created with childGroup which has childGroups itself") + cgName1, cgName2 := "cg-nested-1", "cg-nested-2" + cg1 := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{Name: cgName1}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(testChildCGName)}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg1); err != nil { + // Above creation of CG must succeed as it is a valid spec. + failOnError(err, t) + } + cg2 := &legacycorev1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{Name: cgName2}, + Spec: crdv1alpha2.GroupSpec{ + ChildGroups: []crdv1alpha2.ClusterGroupReference{crdv1alpha2.ClusterGroupReference(cgName1)}, + }, + } + if _, err := k8sUtils.CreateOrUpdateLegacyCG(cg2); err == nil { + // Above creation of CG must fail as it is an invalid spec. + failOnError(invalidErr, t) + } + // cleanup cg-nested-1 + if err := k8sUtils.DeleteLegacyCG(cgName1); err != nil { + failOnError(err, t) + } +} + +func TestLegacyClusterGroup(t *testing.T) { + data, err := setupTest(t) + if err != nil { + t.Fatalf("Error when setting up test: %v", err) + } + defer teardownTest(t, data) + skipIfAntreaPolicyDisabled(t, data) + initialize(t, data) + + t.Run("TestLegacyGroupClusterGroupValidate", func(t *testing.T) { + t.Run("Case=LegacyIPBlockWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGIPBlockWithPodSelector(t) }) + t.Run("Case=LegacyIPBlockWithNamespaceSelectorDenied", func(t *testing.T) { testLegacyInvalidCGIPBlockWithNSSelector(t) }) + t.Run("Case=LegacyServiceRefWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithPodSelector(t) }) + t.Run("Case=LegacyServiceRefWithNamespaceSelectorDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithNSSelector(t) }) + t.Run("Case=LegacyServiceRefWithIPBlockDenied", func(t *testing.T) { testLegacyInvalidCGServiceRefWithIPBlock(t) }) + t.Run("Case=LegacyInvalidChildGroupName", func(t *testing.T) { testLegacyInvalidCGChildGroupDoesNotExist(t) }) + }) + + t.Run("TestLegacyGroupClusterGroupValidateChildGroup", func(t *testing.T) { + createLegacyChildCGForTest(t) + t.Run("Case=LegacyChildGroupWithPodSelectorDenied", func(t *testing.T) { testLegacyInvalidCGChildGroupWithPodSelector(t) }) + t.Run("Case=LegacyChildGroupWithPodServiceReferenceDenied", func(t *testing.T) { testLegacyInvalidCGChildGroupWithServiceReference(t) }) + t.Run("Case=LegacyChildGroupExceedMaxNestedLevel", func(t *testing.T) { testLegacyInvalidCGMaxNestedLevel(t) }) + cleanupLegacyChildCGForTest(t) + }) + failOnError(k8sUtils.CleanLegacyCGs(), t) +} diff --git a/test/e2e/networkpolicy_test.go b/test/e2e/networkpolicy_test.go index c8f1697a2e7..6af86a68f77 100644 --- a/test/e2e/networkpolicy_test.go +++ b/test/e2e/networkpolicy_test.go @@ -30,7 +30,7 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "github.com/vmware-tanzu/antrea/pkg/agent/apiserver/handlers/agentinfo" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" ) func TestNetworkPolicyStats(t *testing.T) { diff --git a/test/e2e/security_test.go b/test/e2e/security_test.go index 651776776eb..7368df33a8a 100644 --- a/test/e2e/security_test.go +++ b/test/e2e/security_test.go @@ -31,7 +31,7 @@ import ( certutil "k8s.io/client-go/util/cert" "github.com/vmware-tanzu/antrea/pkg/apis" - "github.com/vmware-tanzu/antrea/pkg/apis/clusterinformation/v1beta1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1beta1" "github.com/vmware-tanzu/antrea/pkg/apiserver/certificate" ) diff --git a/test/e2e/traceflow_test.go b/test/e2e/traceflow_test.go index baab1e87e19..a019b90f8d5 100644 --- a/test/e2e/traceflow_test.go +++ b/test/e2e/traceflow_test.go @@ -29,8 +29,8 @@ import ( "github.com/vmware-tanzu/antrea/pkg/agent/config" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - "github.com/vmware-tanzu/antrea/pkg/apis/ops/v1alpha1" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" "github.com/vmware-tanzu/antrea/pkg/features" ) @@ -134,7 +134,7 @@ func TestTraceflowIntraNodeANP(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", Action: v1alpha1.Dropped, }, @@ -181,7 +181,7 @@ func TestTraceflowIntraNodeANP(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressMetric", Action: v1alpha1.Dropped, }, @@ -296,12 +296,12 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressDefaultRule", Action: v1alpha1.Dropped, }, @@ -347,7 +347,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -397,7 +397,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -442,7 +442,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -514,12 +514,12 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "IngressDefaultRule", Action: v1alpha1.Dropped, }, @@ -565,7 +565,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -615,7 +615,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -660,7 +660,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -733,7 +733,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -781,7 +781,7 @@ func TestTraceflowIntraNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -935,7 +935,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1000,7 +1000,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1060,7 +1060,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1133,7 +1133,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1200,7 +1200,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1265,7 +1265,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1325,7 +1325,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1398,7 +1398,7 @@ func TestTraceflowInterNode(t *testing.T) { Action: v1alpha1.Forwarded, }, { - Component: v1alpha1.NetworkPolicy, + Component: v1alpha1.ComponentNetworkPolicy, ComponentInfo: "EgressRule", Action: v1alpha1.Forwarded, }, @@ -1502,7 +1502,7 @@ func (data *TestData) waitForTraceflow(t *testing.T, name string, phase v1alpha1 var err error timeout := 15 * time.Second if err = wait.PollImmediate(defaultInterval, timeout, func() (bool, error) { - tf, err = data.crdClient.OpsV1alpha1().Traceflows().Get(context.TODO(), name, metav1.GetOptions{}) + tf, err = data.crdClient.CrdV1alpha1().Traceflows().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil || tf.Status.Phase != phase { return false, nil } @@ -1571,7 +1571,7 @@ func (data *TestData) createANPDenyIngress(key string, value string, name string Egress: []secv1alpha1.Rule{}, }, } - anpCreated, err := k8sUtils.securityClient.NetworkPolicies(testNamespace).Create(context.TODO(), &anp, metav1.CreateOptions{}) + anpCreated, err := k8sUtils.crdClient.CrdV1alpha1().NetworkPolicies(testNamespace).Create(context.TODO(), &anp, metav1.CreateOptions{}) if err != nil { return nil, err } @@ -1580,7 +1580,7 @@ func (data *TestData) createANPDenyIngress(key string, value string, name string // deleteAntreaNetworkpolicy deletes an Antrea NetworkPolicy. func (data *TestData) deleteAntreaNetworkpolicy(policy *secv1alpha1.NetworkPolicy) error { - if err := k8sUtils.securityClient.NetworkPolicies(testNamespace).Delete(context.TODO(), policy.Name, metav1.DeleteOptions{}); err != nil { + if err := k8sUtils.crdClient.CrdV1alpha1().NetworkPolicies(testNamespace).Delete(context.TODO(), policy.Name, metav1.DeleteOptions{}); err != nil { return fmt.Errorf("unable to cleanup policy %v: %v", policy.Name, err) } return nil @@ -1639,11 +1639,11 @@ func runTestTraceflow(t *testing.T, data *TestData, tc testcase) { case 6: skipIfNotIPv6Cluster(t) } - if _, err := data.crdClient.OpsV1alpha1().Traceflows().Create(context.TODO(), tc.tf, metav1.CreateOptions{}); err != nil { + if _, err := data.crdClient.CrdV1alpha1().Traceflows().Create(context.TODO(), tc.tf, metav1.CreateOptions{}); err != nil { t.Fatalf("Error when creating traceflow: %v", err) } defer func() { - if err := data.crdClient.OpsV1alpha1().Traceflows().Delete(context.TODO(), tc.tf.Name, metav1.DeleteOptions{}); err != nil { + if err := data.crdClient.CrdV1alpha1().Traceflows().Delete(context.TODO(), tc.tf.Name, metav1.DeleteOptions{}); err != nil { t.Errorf("Error when deleting traceflow: %v", err) } }() diff --git a/test/e2e/util.go b/test/e2e/util.go index 89ec9cb28e6..3d1102c7151 100644 --- a/test/e2e/util.go +++ b/test/e2e/util.go @@ -3,6 +3,9 @@ package e2e import ( "io" "os" + "time" + + "k8s.io/klog" ) // IsDirEmpty checks whether a directory is empty or not. @@ -19,3 +22,11 @@ func IsDirEmpty(name string) (bool, error) { } return false, err } + +func timeCost() func(string) { + start := time.Now() + return func(status string) { + tc := time.Since(start) + klog.Infof("Confirming %s status costs %v", status, tc) + } +} diff --git a/test/e2e/utils/anpspecbuilder.go b/test/e2e/utils/anpspecbuilder.go index cc1d0cc3dbb..2031e9155bb 100644 --- a/test/e2e/utils/anpspecbuilder.go +++ b/test/e2e/utils/anpspecbuilder.go @@ -19,11 +19,12 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + legacysecv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" ) type AntreaNetworkPolicySpecBuilder struct { - Spec secv1alpha1.NetworkPolicySpec + Spec crdv1alpha1.NetworkPolicySpec Name string Namespace string } @@ -33,14 +34,30 @@ type ANPAppliedToSpec struct { PodSelectorMatchExp []metav1.LabelSelectorRequirement } -func (b *AntreaNetworkPolicySpecBuilder) Get() *secv1alpha1.NetworkPolicy { +func (b *AntreaNetworkPolicySpecBuilder) Get() *crdv1alpha1.NetworkPolicy { if b.Spec.Ingress == nil { - b.Spec.Ingress = []secv1alpha1.Rule{} + b.Spec.Ingress = []crdv1alpha1.Rule{} } if b.Spec.Egress == nil { - b.Spec.Egress = []secv1alpha1.Rule{} + b.Spec.Egress = []crdv1alpha1.Rule{} } - return &secv1alpha1.NetworkPolicy{ + return &crdv1alpha1.NetworkPolicy{ + ObjectMeta: metav1.ObjectMeta{ + Name: b.Name, + Namespace: b.Namespace, + }, + Spec: b.Spec, + } +} + +func (b *AntreaNetworkPolicySpecBuilder) GetLegacy() *legacysecv1alpha1.NetworkPolicy { + if b.Spec.Ingress == nil { + b.Spec.Ingress = []crdv1alpha1.Rule{} + } + if b.Spec.Egress == nil { + b.Spec.Egress = []crdv1alpha1.Rule{} + } + return &legacysecv1alpha1.NetworkPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: b.Name, Namespace: b.Namespace, @@ -74,7 +91,7 @@ func (b *AntreaNetworkPolicySpecBuilder) SetAppliedToGroup(specs []ANPAppliedToS } func (b *AntreaNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[string]string, - podSelectorMatchExp []metav1.LabelSelectorRequirement) secv1alpha1.NetworkPolicyPeer { + podSelectorMatchExp []metav1.LabelSelectorRequirement) crdv1alpha1.NetworkPolicyPeer { var ps *metav1.LabelSelector if podSelector != nil { ps = &metav1.LabelSelector{ @@ -89,7 +106,7 @@ func (b *AntreaNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[string MatchExpressions: podSelectorMatchExp, } } - return secv1alpha1.NetworkPolicyPeer{ + return crdv1alpha1.NetworkPolicyPeer{ PodSelector: ps, } } @@ -98,12 +115,12 @@ func (b *AntreaNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, port *int32, portName *string, endPort *int32, cidr *string, podSelector map[string]string, nsSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, - ruleAppliedToSpecs []ANPAppliedToSpec, action secv1alpha1.RuleAction, name string) *AntreaNetworkPolicySpecBuilder { + ruleAppliedToSpecs []ANPAppliedToSpec, action crdv1alpha1.RuleAction, name string) *AntreaNetworkPolicySpecBuilder { var ps, ns *metav1.LabelSelector - var appliedTos []secv1alpha1.NetworkPolicyPeer + var appliedTos []crdv1alpha1.NetworkPolicyPeer if b.Spec.Ingress == nil { - b.Spec.Ingress = []secv1alpha1.Rule{} + b.Spec.Ingress = []crdv1alpha1.Rule{} } if podSelector != nil { @@ -132,30 +149,30 @@ func (b *AntreaNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, MatchExpressions: nsSelectorMatchExp, } } - var ipBlock *secv1alpha1.IPBlock + var ipBlock *crdv1alpha1.IPBlock if cidr != nil { - ipBlock = &secv1alpha1.IPBlock{ + ipBlock = &crdv1alpha1.IPBlock{ CIDR: *cidr, } } for _, at := range ruleAppliedToSpecs { appliedTos = append(appliedTos, b.GetAppliedToPeer(at.PodSelector, at.PodSelectorMatchExp)) } - var policyPeer []secv1alpha1.NetworkPolicyPeer + var policyPeer []crdv1alpha1.NetworkPolicyPeer if ps != nil || ns != nil || ipBlock != nil { - policyPeer = []secv1alpha1.NetworkPolicyPeer{{ + policyPeer = []crdv1alpha1.NetworkPolicyPeer{{ PodSelector: ps, NamespaceSelector: ns, IPBlock: ipBlock, }} } - var ports []secv1alpha1.NetworkPolicyPort + var ports []crdv1alpha1.NetworkPolicyPort if port != nil && portName != nil { panic("specify portname or port, not both") } if portName != nil { - ports = []secv1alpha1.NetworkPolicyPort{ + ports = []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr.IntOrString{Type: intstr.String, StrVal: *portName}, Protocol: &protoc, @@ -167,7 +184,7 @@ func (b *AntreaNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, if port != nil { pVal = &intstr.IntOrString{IntVal: *port} } - ports = []secv1alpha1.NetworkPolicyPort{ + ports = []crdv1alpha1.NetworkPolicyPort{ { Port: pVal, EndPort: endPort, @@ -176,7 +193,7 @@ func (b *AntreaNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, } } - newRule := secv1alpha1.Rule{ + newRule := crdv1alpha1.Rule{ From: policyPeer, Ports: ports, Action: &action, @@ -191,7 +208,7 @@ func (b *AntreaNetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, port *int32, portName *string, endPort *int32, cidr *string, podSelector map[string]string, nsSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, - ruleAppliedToSpecs []ANPAppliedToSpec, action secv1alpha1.RuleAction, name string) *AntreaNetworkPolicySpecBuilder { + ruleAppliedToSpecs []ANPAppliedToSpec, action crdv1alpha1.RuleAction, name string) *AntreaNetworkPolicySpecBuilder { // For simplicity, we just reuse the Ingress code here. The underlying data model for ingress/egress is identical // With the exception of calling the rule `To` vs. `From`. @@ -200,7 +217,7 @@ func (b *AntreaNetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, podSelectorMatchExp, nsSelectorMatchExp, ruleAppliedToSpecs, action, name) theRule := c.Get().Spec.Ingress[0] - b.Spec.Egress = append(b.Spec.Egress, secv1alpha1.Rule{ + b.Spec.Egress = append(b.Spec.Egress, crdv1alpha1.Rule{ To: theRule.From, Ports: theRule.Ports, Action: theRule.Action, diff --git a/test/e2e/utils/cgspecbuilder.go b/test/e2e/utils/cgspecbuilder.go index 1a57f833c2d..5fa40aa009d 100644 --- a/test/e2e/utils/cgspecbuilder.go +++ b/test/e2e/utils/cgspecbuilder.go @@ -17,17 +17,27 @@ package utils import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - corev1a2 "github.com/vmware-tanzu/antrea/pkg/apis/core/v1alpha2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + crdv1alpha2 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha2" + legacycorev1alpha2 "github.com/vmware-tanzu/antrea/pkg/legacyapis/core/v1alpha2" ) type ClusterGroupSpecBuilder struct { - Spec corev1a2.GroupSpec + Spec crdv1alpha2.GroupSpec Name string } -func (b *ClusterGroupSpecBuilder) Get() *corev1a2.ClusterGroup { - return &corev1a2.ClusterGroup{ +func (b *ClusterGroupSpecBuilder) Get() *crdv1alpha2.ClusterGroup { + return &crdv1alpha2.ClusterGroup{ + ObjectMeta: metav1.ObjectMeta{ + Name: b.Name, + }, + Spec: b.Spec, + } +} + +func (b *ClusterGroupSpecBuilder) GetLegacy() *legacycorev1alpha2.ClusterGroup { + return &legacycorev1alpha2.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: b.Name, }, @@ -68,13 +78,13 @@ func (b *ClusterGroupSpecBuilder) SetNamespaceSelector(nsSelector map[string]str return b } -func (b *ClusterGroupSpecBuilder) SetIPBlock(ipb *secv1alpha1.IPBlock) *ClusterGroupSpecBuilder { +func (b *ClusterGroupSpecBuilder) SetIPBlock(ipb *crdv1alpha1.IPBlock) *ClusterGroupSpecBuilder { b.Spec.IPBlock = ipb return b } func (b *ClusterGroupSpecBuilder) SetServiceReference(svcNS, svcName string) *ClusterGroupSpecBuilder { - svcRef := &corev1a2.ServiceReference{ + svcRef := &crdv1alpha2.ServiceReference{ Namespace: svcNS, Name: svcName, } @@ -83,9 +93,9 @@ func (b *ClusterGroupSpecBuilder) SetServiceReference(svcNS, svcName string) *Cl } func (b *ClusterGroupSpecBuilder) SetChildGroups(cgs []string) *ClusterGroupSpecBuilder { - var childGroups []corev1a2.ClusterGroupReference + var childGroups []crdv1alpha2.ClusterGroupReference for _, c := range cgs { - childGroups = append(childGroups, corev1a2.ClusterGroupReference(c)) + childGroups = append(childGroups, crdv1alpha2.ClusterGroupReference(c)) } b.Spec.ChildGroups = childGroups return b diff --git a/test/e2e/utils/cnpspecbuilder.go b/test/e2e/utils/cnpspecbuilder.go index 47ab3afe420..1f1f6d8b9d6 100644 --- a/test/e2e/utils/cnpspecbuilder.go +++ b/test/e2e/utils/cnpspecbuilder.go @@ -19,11 +19,12 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" + legacysecv1alpha1 "github.com/vmware-tanzu/antrea/pkg/legacyapis/security/v1alpha1" ) type ClusterNetworkPolicySpecBuilder struct { - Spec secv1alpha1.ClusterNetworkPolicySpec + Spec crdv1alpha1.ClusterNetworkPolicySpec Name string } @@ -35,14 +36,29 @@ type ACNPAppliedToSpec struct { Group string } -func (b *ClusterNetworkPolicySpecBuilder) Get() *secv1alpha1.ClusterNetworkPolicy { +func (b *ClusterNetworkPolicySpecBuilder) Get() *crdv1alpha1.ClusterNetworkPolicy { if b.Spec.Ingress == nil { - b.Spec.Ingress = []secv1alpha1.Rule{} + b.Spec.Ingress = []crdv1alpha1.Rule{} } if b.Spec.Egress == nil { - b.Spec.Egress = []secv1alpha1.Rule{} + b.Spec.Egress = []crdv1alpha1.Rule{} } - return &secv1alpha1.ClusterNetworkPolicy{ + return &crdv1alpha1.ClusterNetworkPolicy{ + ObjectMeta: metav1.ObjectMeta{ + Name: b.Name, + }, + Spec: b.Spec, + } +} + +func (b *ClusterNetworkPolicySpecBuilder) GetLegacy() *legacysecv1alpha1.ClusterNetworkPolicy { + if b.Spec.Ingress == nil { + b.Spec.Ingress = []crdv1alpha1.Rule{} + } + if b.Spec.Egress == nil { + b.Spec.Egress = []crdv1alpha1.Rule{} + } + return &legacysecv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{ Name: b.Name, }, @@ -77,7 +93,7 @@ func (b *ClusterNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[strin nsSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement, nsSelectorMatchExp []metav1.LabelSelectorRequirement, - appliedToCG string) secv1alpha1.NetworkPolicyPeer { + appliedToCG string) crdv1alpha1.NetworkPolicyPeer { var ps *metav1.LabelSelector var ns *metav1.LabelSelector @@ -108,7 +124,7 @@ func (b *ClusterNetworkPolicySpecBuilder) GetAppliedToPeer(podSelector map[strin MatchExpressions: nsSelectorMatchExp, } } - peer := secv1alpha1.NetworkPolicyPeer{ + peer := crdv1alpha1.NetworkPolicyPeer{ PodSelector: ps, NamespaceSelector: ns, } @@ -122,13 +138,13 @@ func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, port *int32, portName *string, endPort *int32, cidr *string, podSelector map[string]string, nsSelector map[string]string, podSelectorMatchExp *[]metav1.LabelSelectorRequirement, nsSelectorMatchExp *[]metav1.LabelSelectorRequirement, - ruleAppliedToSpecs []ACNPAppliedToSpec, action secv1alpha1.RuleAction, ruleClusterGroup, name string) *ClusterNetworkPolicySpecBuilder { + ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1alpha1.RuleAction, ruleClusterGroup, name string) *ClusterNetworkPolicySpecBuilder { var ps *metav1.LabelSelector var ns *metav1.LabelSelector - var appliedTos []secv1alpha1.NetworkPolicyPeer + var appliedTos []crdv1alpha1.NetworkPolicyPeer if b.Spec.Ingress == nil { - b.Spec.Ingress = []secv1alpha1.Rule{} + b.Spec.Ingress = []crdv1alpha1.Rule{} } if podSelector != nil { @@ -157,18 +173,18 @@ func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, MatchExpressions: *nsSelectorMatchExp, } } - var ipBlock *secv1alpha1.IPBlock + var ipBlock *crdv1alpha1.IPBlock if cidr != nil { - ipBlock = &secv1alpha1.IPBlock{ + ipBlock = &crdv1alpha1.IPBlock{ CIDR: *cidr, } } for _, at := range ruleAppliedToSpecs { appliedTos = append(appliedTos, b.GetAppliedToPeer(at.PodSelector, at.NSSelector, at.PodSelectorMatchExp, at.NSSelectorMatchExp, at.Group)) } - var policyPeer []secv1alpha1.NetworkPolicyPeer + var policyPeer []crdv1alpha1.NetworkPolicyPeer if ps != nil || ns != nil || ipBlock != nil || ruleClusterGroup != "" { - policyPeer = []secv1alpha1.NetworkPolicyPeer{{ + policyPeer = []crdv1alpha1.NetworkPolicyPeer{{ PodSelector: ps, NamespaceSelector: ns, IPBlock: ipBlock, @@ -176,12 +192,12 @@ func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, }} } - var ports []secv1alpha1.NetworkPolicyPort + var ports []crdv1alpha1.NetworkPolicyPort if port != nil && portName != nil { panic("specify portname or port, not both") } if portName != nil { - ports = []secv1alpha1.NetworkPolicyPort{ + ports = []crdv1alpha1.NetworkPolicyPort{ { Port: &intstr.IntOrString{Type: intstr.String, StrVal: *portName}, Protocol: &protoc, @@ -193,7 +209,7 @@ func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, if port != nil { pVal = &intstr.IntOrString{IntVal: *port} } - ports = []secv1alpha1.NetworkPolicyPort{ + ports = []crdv1alpha1.NetworkPolicyPort{ { Port: pVal, EndPort: endPort, @@ -202,7 +218,7 @@ func (b *ClusterNetworkPolicySpecBuilder) AddIngress(protoc v1.Protocol, } } - newRule := secv1alpha1.Rule{ + newRule := crdv1alpha1.Rule{ From: policyPeer, Ports: ports, Action: &action, @@ -217,7 +233,7 @@ func (b *ClusterNetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, port *int32, portName *string, endPort *int32, cidr *string, podSelector map[string]string, nsSelector map[string]string, podSelectorMatchExp *[]metav1.LabelSelectorRequirement, nsSelectorMatchExp *[]metav1.LabelSelectorRequirement, - ruleAppliedToSpecs []ACNPAppliedToSpec, action secv1alpha1.RuleAction, ruleClusterGroup, name string) *ClusterNetworkPolicySpecBuilder { + ruleAppliedToSpecs []ACNPAppliedToSpec, action crdv1alpha1.RuleAction, ruleClusterGroup, name string) *ClusterNetworkPolicySpecBuilder { // For simplicity, we just reuse the Ingress code here. The underlying data model for ingress/egress is identical // With the exception of calling the rule `To` vs. `From`. @@ -226,7 +242,7 @@ func (b *ClusterNetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, podSelectorMatchExp, nsSelectorMatchExp, ruleAppliedToSpecs, action, ruleClusterGroup, name) theRule := c.Get().Spec.Ingress[0] - b.Spec.Egress = append(b.Spec.Egress, secv1alpha1.Rule{ + b.Spec.Egress = append(b.Spec.Egress, crdv1alpha1.Rule{ To: theRule.From, Ports: theRule.Ports, Action: theRule.Action, @@ -239,7 +255,7 @@ func (b *ClusterNetworkPolicySpecBuilder) AddEgress(protoc v1.Protocol, // AddEgressDNS mutates the nth policy rule to allow DNS, convenience method func (b *ClusterNetworkPolicySpecBuilder) WithEgressDNS() *ClusterNetworkPolicySpecBuilder { protocolUDP := v1.ProtocolUDP - route53 := secv1alpha1.NetworkPolicyPort{ + route53 := crdv1alpha1.NetworkPolicyPort{ Protocol: &protocolUDP, Port: &intstr.IntOrString{Type: intstr.Int, IntVal: 53}, } diff --git a/test/integration/agent/openflow_test.go b/test/integration/agent/openflow_test.go index 53aa25cc1f5..f2c987e38db 100644 --- a/test/integration/agent/openflow_test.go +++ b/test/integration/agent/openflow_test.go @@ -37,7 +37,7 @@ import ( k8stypes "github.com/vmware-tanzu/antrea/pkg/agent/proxy/types" "github.com/vmware-tanzu/antrea/pkg/agent/types" "github.com/vmware-tanzu/antrea/pkg/apis/controlplane/v1beta2" - secv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/security/v1alpha1" + crdv1alpha1 "github.com/vmware-tanzu/antrea/pkg/apis/crd/v1alpha1" ofconfig "github.com/vmware-tanzu/antrea/pkg/ovs/openflow" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsconfig" "github.com/vmware-tanzu/antrea/pkg/ovs/ovsctl" @@ -184,7 +184,7 @@ func TestReplayFlowsNetworkPolicyFlows(t *testing.T) { port2 := intstr.FromInt(8080) tcpProtocol := v1beta2.ProtocolTCP - defaultAction := secv1alpha1.RuleActionAllow + defaultAction := crdv1alpha1.RuleActionAllow npPort1 := v1beta2.Service{Protocol: &tcpProtocol, Port: &port2} toIPList := prepareIPAddresses(toList) rule := &types.PolicyRule{ @@ -363,7 +363,7 @@ func TestNetworkPolicyFlows(t *testing.T) { port2 := intstr.FromInt(8080) tcpProtocol := v1beta2.ProtocolTCP - defaultAction := secv1alpha1.RuleActionAllow + defaultAction := crdv1alpha1.RuleActionAllow npPort1 := v1beta2.Service{Protocol: &tcpProtocol, Port: &port2} toIPList := prepareIPAddresses(toList) rule := &types.PolicyRule{