diff --git a/api/v2/types_firewall.go b/api/v2/types_firewall.go index 151ab0e..322ce25 100644 --- a/api/v2/types_firewall.go +++ b/api/v2/types_firewall.go @@ -255,9 +255,9 @@ type FirewallNetwork struct { // Asn is the autonomous system number of this network. ASN *int64 `json:"asn"` // DestinationPrefixes are the destination prefixes of this network. - DestinationPrefixes []string `json:"destinationPrefixes"` + DestinationPrefixes []string `json:"destinationPrefixes,omitempty"` // IPs are the ip addresses used in this network. - IPs []string `json:"ips"` + IPs []string `json:"ips,omitempty"` // Nat specifies whether the outgoing traffic is natted or not. Nat *bool `json:"nat"` // NetworkID is the id of this network. @@ -265,7 +265,7 @@ type FirewallNetwork struct { // NetworkType is the type of this network. NetworkType *string `json:"networkType"` // Prefixes are the network prefixes of this network. - Prefixes []string `json:"prefixes"` + Prefixes []string `json:"prefixes,omitempty"` // Vrf is vrf id of this network. Vrf *int64 `json:"vrf"` } diff --git a/config/crds/firewall.metal-stack.io_firewalldeployments.yaml b/config/crds/firewall.metal-stack.io_firewalldeployments.yaml index bdbf4f2..af0ea84 100644 --- a/config/crds/firewall.metal-stack.io_firewalldeployments.yaml +++ b/config/crds/firewall.metal-stack.io_firewalldeployments.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: firewalldeployments.firewall.metal-stack.io spec: group: firewall.metal-stack.io @@ -41,14 +40,19 @@ spec: rolling update for the managed firewalls. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -56,21 +60,22 @@ spec: description: Spec contains the firewall deployment specification. properties: replicas: - description: Replicas is the amount of firewall replicas targeted - to be running. Defaults to 1. + description: |- + Replicas is the amount of firewall replicas targeted to be running. + Defaults to 1. type: integer selector: additionalProperties: type: string - description: Selector is a label query over firewalls that should - match the replicas count. If selector is empty, it is defaulted - to the labels present on the firewall template. Label keys and values - that must match in order to be controlled by this replication controller, - if empty defaulted to labels on firewall template. + description: |- + Selector is a label query over firewalls that should match the replicas count. + If selector is empty, it is defaulted to the labels present on the firewall template. + Label keys and values that must match in order to be controlled by this replication + controller, if empty defaulted to labels on firewall template. type: object strategy: - description: Strategy describes the strategy how firewalls are updated - in case the update requires a physical recreation of the firewalls. + description: |- + Strategy describes the strategy how firewalls are updated in case the update requires a physical recreation of the firewalls. Defaults to RollingUpdate strategy. type: string template: @@ -100,11 +105,10 @@ spec: description: Spec contains the firewall specification. properties: allowedNetworks: - description: AllowedNetworks defines dedicated networks for - which the firewall allows in- and outgoing traffic. The - firewall-controller only enforces this setting in combination - with NetworkAccessType set to forbidden. The node network - is always allowed. + description: |- + AllowedNetworks defines dedicated networks for which the firewall allows in- and outgoing traffic. + The firewall-controller only enforces this setting in combination with NetworkAccessType set to forbidden. + The node network is always allowed. properties: egress: description: Egress defines a list of cidrs which are @@ -161,15 +165,14 @@ spec: type: object type: array image: - description: Image is the os image of the firewall. An update - on this field requires the recreation of the physical firewall - and can therefore lead to traffic interruption for the cluster. + description: |- + Image is the os image of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string internalPrefixes: - description: InternalPrefixes specify prefixes which are considered - local to the partition or all regions. This is used for - the traffic counters. Traffic to/from these prefixes is - counted as internal traffic. + description: |- + InternalPrefixes specify prefixes which are considered local to the partition or all regions. This is used for the traffic counters. + Traffic to/from these prefixes is counted as internal traffic. items: type: string type: array @@ -186,12 +189,10 @@ spec: accepted connections in the droptailer log. type: boolean networks: - description: Networks are the networks to which this firewall - is connected. An update on this field requires the recreation - of the physical firewall and can therefore lead to traffic - interruption for the cluster. Detailed information about - the networks are fetched continuously during runtime and - stored in the status.firewallNetworks. + description: |- + Networks are the networks to which this firewall is connected. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. + Detailed information about the networks are fetched continuously during runtime and stored in the status.firewallNetworks. items: type: string type: array @@ -232,24 +233,21 @@ spec: type: object type: array size: - description: Size is the machine size of the firewall. An - update on this field requires the recreation of the physical - firewall and can therefore lead to traffic interruption - for the cluster. + description: |- + Size is the machine size of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string sshPublicKeys: - description: SSHPublicKeys are public keys which are added - to the firewall's authorized keys file on creation. It gets - defaulted to the public key of ssh secret as provided by - the controller flags. + description: |- + SSHPublicKeys are public keys which are added to the firewall's authorized keys file on creation. + It gets defaulted to the public key of ssh secret as provided by the controller flags. items: type: string type: array userdata: - description: Userdata contains the userdata used for the creation - of the firewall. It gets defaulted to a userdata matching - for the firewall-controller with connection to Gardener - shoot and seed. + description: |- + Userdata contains the userdata used for the creation of the firewall. + It gets defaulted to a userdata matching for the firewall-controller with connection to Gardener shoot and seed. type: string required: - image diff --git a/config/crds/firewall.metal-stack.io_firewallmonitors.yaml b/config/crds/firewall.metal-stack.io_firewallmonitors.yaml index 438f5b0..c73f36a 100644 --- a/config/crds/firewall.metal-stack.io_firewallmonitors.yaml +++ b/config/crds/firewall.metal-stack.io_firewallmonitors.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: firewallmonitors.firewall.metal-stack.io spec: group: firewall.metal-stack.io @@ -36,14 +35,16 @@ spec: name: v2 schema: openAPIV3Schema: - description: FirewallMonitor is typically deployed into the shoot cluster - in comparison to the other resources of this controller which are deployed - into the seed cluster's shoot namespace. + description: |- + FirewallMonitor is typically deployed into the shoot cluster in comparison to the other resources of this controller + which are deployed into the seed cluster's shoot namespace. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string conditions: description: Conditions contain the latest available observations of a @@ -89,19 +90,18 @@ spec: controllerVersion: type: string distance: - description: FirewallDistance defines the as-path length of firewalls, - influencing how strong they attract network traffic for routing - traffic in and out of the cluster. This is of particular interest - during rolling firewall updates, i.e. when there is more than a - single firewall running in front of the cluster. During a rolling - update, new firewalls start with a longer distance such that traffic - is only attracted by the existing firewalls ("firewall staging"). - When the new firewall has connected successfully to the firewall - monitor, the deployment controller throws away the old firewalls - and the new firewall takes over the routing. The deployment controller - will then shorten the distance of the new firewall. This approach - reduces service interruption of the external user traffic of the - cluster (for firewall-controller versions that support this feature). + description: |- + FirewallDistance defines the as-path length of firewalls, influencing how strong they attract + network traffic for routing traffic in and out of the cluster. + This is of particular interest during rolling firewall updates, i.e. when there is + more than a single firewall running in front of the cluster. + During a rolling update, new firewalls start with a longer distance such that + traffic is only attracted by the existing firewalls ("firewall staging"). + When the new firewall has connected successfully to the firewall monitor, the deployment + controller throws away the old firewalls and the new firewall takes over the routing. + The deployment controller will then shorten the distance of the new firewall. + This approach reduces service interruption of the external user traffic of the cluster + (for firewall-controller versions that support this feature). type: integer distanceSupported: type: boolean @@ -209,9 +209,12 @@ spec: description: Image is the os image of the firewall. type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string logAcceptedConnections: description: LogAcceptedConnections if set to true, also log accepted diff --git a/config/crds/firewall.metal-stack.io_firewalls.yaml b/config/crds/firewall.metal-stack.io_firewalls.yaml index bf2cb43..f0f56f9 100644 --- a/config/crds/firewall.metal-stack.io_firewalls.yaml +++ b/config/crds/firewall.metal-stack.io_firewalls.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: firewalls.firewall.metal-stack.io spec: group: firewall.metal-stack.io @@ -48,18 +47,24 @@ spec: cluster. It has a 1:1 relationship to a firewall in the metal-stack api. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string distance: - description: Distance defines the as-path length of a firewall. This field - is typically orchestrated by the deployment controller. + description: |- + Distance defines the as-path length of a firewall. + This field is typically orchestrated by the deployment controller. type: integer kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -67,10 +72,10 @@ spec: description: Spec contains the firewall specification. properties: allowedNetworks: - description: AllowedNetworks defines dedicated networks for which - the firewall allows in- and outgoing traffic. The firewall-controller - only enforces this setting in combination with NetworkAccessType - set to forbidden. The node network is always allowed. + description: |- + AllowedNetworks defines dedicated networks for which the firewall allows in- and outgoing traffic. + The firewall-controller only enforces this setting in combination with NetworkAccessType set to forbidden. + The node network is always allowed. properties: egress: description: Egress defines a list of cidrs which are allowed @@ -126,15 +131,14 @@ spec: type: object type: array image: - description: Image is the os image of the firewall. An update on this - field requires the recreation of the physical firewall and can therefore - lead to traffic interruption for the cluster. + description: |- + Image is the os image of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string internalPrefixes: - description: InternalPrefixes specify prefixes which are considered - local to the partition or all regions. This is used for the traffic - counters. Traffic to/from these prefixes is counted as internal - traffic. + description: |- + InternalPrefixes specify prefixes which are considered local to the partition or all regions. This is used for the traffic counters. + Traffic to/from these prefixes is counted as internal traffic. items: type: string type: array @@ -151,11 +155,10 @@ spec: connections in the droptailer log. type: boolean networks: - description: Networks are the networks to which this firewall is connected. - An update on this field requires the recreation of the physical - firewall and can therefore lead to traffic interruption for the - cluster. Detailed information about the networks are fetched continuously - during runtime and stored in the status.firewallNetworks. + description: |- + Networks are the networks to which this firewall is connected. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. + Detailed information about the networks are fetched continuously during runtime and stored in the status.firewallNetworks. items: type: string type: array @@ -193,21 +196,21 @@ spec: type: object type: array size: - description: Size is the machine size of the firewall. An update on - this field requires the recreation of the physical firewall and - can therefore lead to traffic interruption for the cluster. + description: |- + Size is the machine size of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string sshPublicKeys: - description: SSHPublicKeys are public keys which are added to the - firewall's authorized keys file on creation. It gets defaulted to - the public key of ssh secret as provided by the controller flags. + description: |- + SSHPublicKeys are public keys which are added to the firewall's authorized keys file on creation. + It gets defaulted to the public key of ssh secret as provided by the controller flags. items: type: string type: array userdata: - description: Userdata contains the userdata used for the creation - of the firewall. It gets defaulted to a userdata matching for the - firewall-controller with connection to Gardener shoot and seed. + description: |- + Userdata contains the userdata used for the creation of the firewall. + It gets defaulted to a userdata matching for the firewall-controller with connection to Gardener shoot and seed. type: string required: - image @@ -258,11 +261,10 @@ spec: type: object type: array controllerStatus: - description: ControllerStatus holds the a brief version of the firewall-controller - reconciling this firewall. The firewall-controller itself has only - read-access to resources in the seed, including the firewall status - inside the firewall resource. This will be updated by the firewall - monitor controller. + description: |- + ControllerStatus holds the a brief version of the firewall-controller reconciling this firewall. + The firewall-controller itself has only read-access to resources in the seed, including the firewall status + inside the firewall resource. This will be updated by the firewall monitor controller. properties: actualDistance: description: ActualDistance is the actual distance as reflected @@ -284,14 +286,14 @@ spec: type: string type: object firewallNetworks: - description: FirewallNetworks holds refined information about the - networks that this firewall is connected to. The information is - used by the firewall-controller in order to reconcile this firewall. + description: |- + FirewallNetworks holds refined information about the networks that this firewall is connected to. + The information is used by the firewall-controller in order to reconcile this firewall. See .spec.networks. items: - description: FirewallNetwork holds refined information about a network - that the firewall is connected to. The information is used by - the firewall-controller in order to reconcile the firewall. + description: |- + FirewallNetwork holds refined information about a network that the firewall is connected to. + The information is used by the firewall-controller in order to reconcile the firewall. properties: asn: description: Asn is the autonomous system number of this network. @@ -329,12 +331,9 @@ spec: type: integer required: - asn - - destinationPrefixes - - ips - nat - networkID - networkType - - prefixes - vrf type: object type: array @@ -396,9 +395,9 @@ spec: description: APIServerURL is the URL of the shoot's API server. type: string genericKubeconfigSecretName: - description: GenericKubeconfigSecretName is the secret name of - the generic kubeconfig secret deployed by Gardener to be used - as a template for constructing a shoot client. + description: |- + GenericKubeconfigSecretName is the secret name of the generic kubeconfig secret deployed by Gardener + to be used as a template for constructing a shoot client. type: string namespace: description: Namespace is the namespace in the seed where the diff --git a/config/crds/firewall.metal-stack.io_firewallsets.yaml b/config/crds/firewall.metal-stack.io_firewallsets.yaml index e752c9a..ae2878a 100644 --- a/config/crds/firewall.metal-stack.io_firewallsets.yaml +++ b/config/crds/firewall.metal-stack.io_firewallsets.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.11.3 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.14.0 name: firewallsets.firewall.metal-stack.io spec: group: firewall.metal-stack.io @@ -45,14 +44,19 @@ spec: of firewall replicas is running. properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -60,7 +64,8 @@ spec: description: Spec contains the firewall set specification. properties: distance: - description: Distance defines the as-path length of the firewalls. + description: |- + Distance defines the as-path length of the firewalls. This field is typically orchestrated by the deployment controller. type: integer replicas: @@ -70,11 +75,11 @@ spec: selector: additionalProperties: type: string - description: Selector is a label query over firewalls that should - match the replicas count. If selector is empty, it is defaulted - to the labels present on the firewall template. Label keys and values - that must match in order to be controlled by this replication controller, - if empty defaulted to labels on firewall template. + description: |- + Selector is a label query over firewalls that should match the replicas count. + If selector is empty, it is defaulted to the labels present on the firewall template. + Label keys and values that must match in order to be controlled by this replication + controller, if empty defaulted to labels on firewall template. type: object template: description: Template is the firewall spec used for creating the firewalls. @@ -103,11 +108,10 @@ spec: description: Spec contains the firewall specification. properties: allowedNetworks: - description: AllowedNetworks defines dedicated networks for - which the firewall allows in- and outgoing traffic. The - firewall-controller only enforces this setting in combination - with NetworkAccessType set to forbidden. The node network - is always allowed. + description: |- + AllowedNetworks defines dedicated networks for which the firewall allows in- and outgoing traffic. + The firewall-controller only enforces this setting in combination with NetworkAccessType set to forbidden. + The node network is always allowed. properties: egress: description: Egress defines a list of cidrs which are @@ -164,15 +168,14 @@ spec: type: object type: array image: - description: Image is the os image of the firewall. An update - on this field requires the recreation of the physical firewall - and can therefore lead to traffic interruption for the cluster. + description: |- + Image is the os image of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string internalPrefixes: - description: InternalPrefixes specify prefixes which are considered - local to the partition or all regions. This is used for - the traffic counters. Traffic to/from these prefixes is - counted as internal traffic. + description: |- + InternalPrefixes specify prefixes which are considered local to the partition or all regions. This is used for the traffic counters. + Traffic to/from these prefixes is counted as internal traffic. items: type: string type: array @@ -189,12 +192,10 @@ spec: accepted connections in the droptailer log. type: boolean networks: - description: Networks are the networks to which this firewall - is connected. An update on this field requires the recreation - of the physical firewall and can therefore lead to traffic - interruption for the cluster. Detailed information about - the networks are fetched continuously during runtime and - stored in the status.firewallNetworks. + description: |- + Networks are the networks to which this firewall is connected. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. + Detailed information about the networks are fetched continuously during runtime and stored in the status.firewallNetworks. items: type: string type: array @@ -235,24 +236,21 @@ spec: type: object type: array size: - description: Size is the machine size of the firewall. An - update on this field requires the recreation of the physical - firewall and can therefore lead to traffic interruption - for the cluster. + description: |- + Size is the machine size of the firewall. + An update on this field requires the recreation of the physical firewall and can therefore lead to traffic interruption for the cluster. type: string sshPublicKeys: - description: SSHPublicKeys are public keys which are added - to the firewall's authorized keys file on creation. It gets - defaulted to the public key of ssh secret as provided by - the controller flags. + description: |- + SSHPublicKeys are public keys which are added to the firewall's authorized keys file on creation. + It gets defaulted to the public key of ssh secret as provided by the controller flags. items: type: string type: array userdata: - description: Userdata contains the userdata used for the creation - of the firewall. It gets defaulted to a userdata matching - for the firewall-controller with connection to Gardener - shoot and seed. + description: |- + Userdata contains the userdata used for the creation of the firewall. + It gets defaulted to a userdata matching for the firewall-controller with connection to Gardener shoot and seed. type: string required: - image diff --git a/config/webhooks/manifests.yaml b/config/webhooks/manifests.yaml index d37b532..279b136 100644 --- a/config/webhooks/manifests.yaml +++ b/config/webhooks/manifests.yaml @@ -2,7 +2,6 @@ apiVersion: admissionregistration.k8s.io/v1 kind: MutatingWebhookConfiguration metadata: - creationTimestamp: null name: mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -30,9 +29,9 @@ webhooks: service: name: webhook-service namespace: system - path: /mutate-firewall-metal-stack-io-v2-firewallset + path: /mutate-firewall-metal-stack-io-v2-firewalldeployment failurePolicy: Fail - name: firewallset.metal-stack.io + name: firewalldeployment.metal-stack.io rules: - apiGroups: - firewall.metal-stack.io @@ -41,7 +40,7 @@ webhooks: operations: - CREATE resources: - - firewallsets + - firewalldeployments sideEffects: None - admissionReviewVersions: - v1 @@ -49,9 +48,9 @@ webhooks: service: name: webhook-service namespace: system - path: /mutate-firewall-metal-stack-io-v2-firewalldeployment + path: /mutate-firewall-metal-stack-io-v2-firewallset failurePolicy: Fail - name: firewalldeployment.metal-stack.io + name: firewallset.metal-stack.io rules: - apiGroups: - firewall.metal-stack.io @@ -60,13 +59,12 @@ webhooks: operations: - CREATE resources: - - firewalldeployments + - firewallsets sideEffects: None --- apiVersion: admissionregistration.k8s.io/v1 kind: ValidatingWebhookConfiguration metadata: - creationTimestamp: null name: validating-webhook-configuration webhooks: - admissionReviewVersions: @@ -95,9 +93,9 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-firewall-metal-stack-io-v2-firewallset + path: /validate-firewall-metal-stack-io-v2-firewalldeployment failurePolicy: Fail - name: firewallset.metal-stack.io + name: firewalldeployment.metal-stack.io rules: - apiGroups: - firewall.metal-stack.io @@ -107,7 +105,7 @@ webhooks: - CREATE - UPDATE resources: - - firewallsets + - firewalldeployments sideEffects: None - admissionReviewVersions: - v1 @@ -115,9 +113,9 @@ webhooks: service: name: webhook-service namespace: system - path: /validate-firewall-metal-stack-io-v2-firewalldeployment + path: /validate-firewall-metal-stack-io-v2-firewallset failurePolicy: Fail - name: firewalldeployment.metal-stack.io + name: firewallset.metal-stack.io rules: - apiGroups: - firewall.metal-stack.io @@ -127,5 +125,5 @@ webhooks: - CREATE - UPDATE resources: - - firewalldeployments + - firewallsets sideEffects: None diff --git a/go.mod b/go.mod index 2578ad4..a196837 100644 --- a/go.mod +++ b/go.mod @@ -12,12 +12,12 @@ require ( github.com/metal-stack/metal-go v0.28.1 github.com/metal-stack/metal-lib v0.15.1 github.com/metal-stack/v v1.0.3 - github.com/onsi/ginkgo/v2 v2.16.0 - github.com/onsi/gomega v1.31.1 + github.com/onsi/ginkgo/v2 v2.17.1 + github.com/onsi/gomega v1.32.0 github.com/stretchr/testify v1.9.0 - k8s.io/api v0.28.3 - k8s.io/apimachinery v0.28.3 - k8s.io/client-go v0.28.3 + k8s.io/api v0.29.0 + k8s.io/apimachinery v0.29.0 + k8s.io/client-go v0.29.0 sigs.k8s.io/controller-runtime v0.14.5 ) @@ -40,7 +40,7 @@ require ( github.com/decred/dcrd/dcrec/secp256k1/v4 v4.2.0 // indirect github.com/emicklei/go-restful/v3 v3.11.2 // indirect github.com/evanphx/json-patch v5.6.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.6.0 // indirect + github.com/evanphx/json-patch/v5 v5.8.0 // indirect github.com/fatih/color v1.16.0 // indirect github.com/flatcar/ignition v0.36.2 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect @@ -83,7 +83,7 @@ require ( github.com/mattn/go-colorable v0.1.13 // indirect github.com/mattn/go-isatty v0.0.20 // indirect github.com/mattn/go-runewidth v0.0.15 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect github.com/metal-stack/security v0.7.2 // indirect github.com/mitchellh/mapstructure v1.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect @@ -95,10 +95,10 @@ require ( github.com/pelletier/go-toml/v2 v2.1.1 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/client_golang v1.16.0 // indirect - github.com/prometheus/client_model v0.4.0 // indirect - github.com/prometheus/common v0.44.0 // indirect - github.com/prometheus/procfs v0.10.1 // indirect + github.com/prometheus/client_golang v1.18.0 // indirect + github.com/prometheus/client_model v0.5.0 // indirect + github.com/prometheus/common v0.45.0 // indirect + github.com/prometheus/procfs v0.12.0 // indirect github.com/rivo/uniseg v0.4.4 // indirect github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect @@ -117,7 +117,6 @@ require ( go.opentelemetry.io/otel/metric v1.19.0 // indirect go.opentelemetry.io/otel/trace v1.19.0 // indirect go.uber.org/multierr v1.11.0 // indirect - go.uber.org/zap v1.26.0 // indirect go4.org v0.0.0-20201209231011-d4a079459e60 // indirect golang.org/x/crypto v0.21.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect @@ -137,12 +136,12 @@ require ( gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.28.3 // indirect - k8s.io/component-base v0.28.3 // indirect - k8s.io/klog/v2 v2.100.1 // indirect - k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect - k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect + k8s.io/apiextensions-apiserver v0.29.0 // indirect + k8s.io/component-base v0.29.0 // indirect + k8s.io/klog/v2 v2.110.1 // indirect + k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect + k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect - sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect - sigs.k8s.io/yaml v1.3.0 // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect + sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 521aa8f..2463a96 100644 --- a/go.sum +++ b/go.sum @@ -60,8 +60,8 @@ github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= -github.com/evanphx/json-patch/v5 v5.6.0/go.mod h1:G79N1coSVB93tBe7j6PhzjmR3/2VvlbKOFpnXhI9Bw4= +github.com/evanphx/json-patch/v5 v5.8.0 h1:lRj6N9Nci7MvzrXuX6HFzU8XjmhPiXPlsKEy1u0KQro= +github.com/evanphx/json-patch/v5 v5.8.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/flatcar/container-linux-config-transpiler v0.9.4 h1:yXQ0NB8PeNrKJPrZvbv5/DV63PNhTqt8vaf8YxmX/RA= @@ -77,8 +77,8 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2 github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= -github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= @@ -154,6 +154,7 @@ github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMyw github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= @@ -182,7 +183,6 @@ github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= @@ -225,8 +225,8 @@ github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= -github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg= +github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k= github.com/metal-stack/metal-go v0.28.1 h1:fn/mMmcXLMGOkVLNec4dFP/oserzkeYr/00zDcumTmU= github.com/metal-stack/metal-go v0.28.1/go.mod h1:Iw4xnzbtcn3qz7YaK0ekCAcLZUyz5E7e0ZCvJ5pX0gU= github.com/metal-stack/metal-lib v0.15.1 h1:QCmtZ6ci6pHsf3RQnSDbbvYshpyRaxCSeXghVvbDFuA= @@ -248,31 +248,30 @@ github.com/oklog/ulid v1.3.1 h1:EGfNDEx6MqHz8B3uNV6QAib1UR2Lm97sHi3ocA6ESJ4= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec= github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= -github.com/onsi/ginkgo/v2 v2.16.0 h1:7q1w9frJDzninhXxjZd+Y/x54XNjG/UlRLIYPZafsPM= -github.com/onsi/ginkgo/v2 v2.16.0/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= -github.com/onsi/gomega v1.31.1 h1:KYppCUK+bUgAZwHOu7EXVBKyQA6ILvOESHkn/tgoqvo= -github.com/onsi/gomega v1.31.1/go.mod h1:y40C95dwAD1Nz36SsEnxvfFe8FFfNxzI5eJ0EYGyAy0= +github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= +github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= +github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk= +github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/pborman/uuid v0.0.0-20170612153648-e790cca94e6c/go.mod h1:VyrYX9gd7irzKovcSS6BIIEwPRkP2Wm2m9ufcdFSJ34= github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pin/tftp v2.1.0+incompatible/go.mod h1:xVpZOMCXTy+A5QMjEVN0Glwa1sUvaJhFXbr/aAxuxGY= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8= -github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc= +github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk= +github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= -github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= -github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY= -github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY= -github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= -github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= +github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw= +github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI= +github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM= +github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY= +github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= +github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= @@ -338,16 +337,18 @@ go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= -go.opentelemetry.io/otel/sdk v1.17.0 h1:FLN2X66Ke/k5Sg3V623Q7h7nt3cHXaW1FOvKKrW0IpE= -go.opentelemetry.io/otel/sdk v1.17.0/go.mod h1:U87sE0f5vQB7hwUoW98pW5Rz4ZDuCFBZFNUBlSgmDFQ= +go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= +go.opentelemetry.io/otel/sdk v1.19.0/go.mod h1:NedEbbS4w3C6zElbLdPJKOpJQOrGUJ+GfzpjUvI0v1A= go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= -go.uber.org/goleak v1.2.1 h1:NBol2c7O1ZokfZ0LEU9K6Whx/KnwvepVetCUhtKja4A= -go.uber.org/goleak v1.2.1/go.mod h1:qlT2yGI9QafXHhZZLxlSuNsMw3FFLxBr+tBRlmO1xH4= +go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ= +go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= +go.uber.org/goleak v1.2.0 h1:xqgm/S+aQvhWFTtR0XK3Jvg7z8kGV8P4X14IzwN3Eqk= +go.uber.org/goleak v1.2.0/go.mod h1:XJYK+MuIchqpmGmUSAzotztawfKvYLUIgg7guXrwVUo= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60= +go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= go4.org v0.0.0-20160314031811-03efcb870d84/go.mod h1:MkTOUMDaeVYJUOUsaDXIhWPZYa1yOyC1qaOBpL57BhE= go4.org v0.0.0-20201209231011-d4a079459e60 h1:iqAGo78tVOJXELHQFRjR6TMwItrvXH4hrGJ32I/NFF8= go4.org v0.0.0-20201209231011-d4a079459e60/go.mod h1:CIiUVy99QCPfoE13bO4EZaz5GZMZXMSBGhxRdsvzbkg= @@ -579,20 +580,20 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= k8s.io/api v0.26.3 h1:emf74GIQMTik01Aum9dPP0gAypL8JTLl/lHa4V9RFSU= k8s.io/api v0.26.3/go.mod h1:PXsqwPMXBSBcL1lJ9CYDKy7kIReUydukS5JiRlxC3qE= -k8s.io/apiextensions-apiserver v0.28.3 h1:Od7DEnhXHnHPZG+W9I97/fSQkVpVPQx2diy+2EtmY08= -k8s.io/apiextensions-apiserver v0.28.3/go.mod h1:NE1XJZ4On0hS11aWWJUTNkmVB03j9LM7gJSisbRt8Lc= -k8s.io/apimachinery v0.28.3 h1:B1wYx8txOaCQG0HmYF6nbpU8dg6HvA06x5tEffvOe7A= -k8s.io/apimachinery v0.28.3/go.mod h1:uQTKmIqs+rAYaq+DFaoD2X7pcjLOqbQX2AOiO0nIpb8= +k8s.io/apiextensions-apiserver v0.29.0 h1:0VuspFG7Hj+SxyF/Z/2T0uFbI5gb5LRgEyUVE3Q4lV0= +k8s.io/apiextensions-apiserver v0.29.0/go.mod h1:TKmpy3bTS0mr9pylH0nOt/QzQRrW7/h7yLdRForMZwc= +k8s.io/apimachinery v0.29.0 h1:+ACVktwyicPz0oc6MTMLwa2Pw3ouLAfAon1wPLtG48o= +k8s.io/apimachinery v0.29.0/go.mod h1:eVBxQ/cwiJxH58eK/jd/vAk4mrxmVlnpBH5J2GbMeis= k8s.io/client-go v0.26.3 h1:k1UY+KXfkxV2ScEL3gilKcF7761xkYsSD6BC9szIu8s= k8s.io/client-go v0.26.3/go.mod h1:ZPNu9lm8/dbRIPAgteN30RSXea6vrCpFvq+MateTUuQ= -k8s.io/component-base v0.28.3 h1:rDy68eHKxq/80RiMb2Ld/tbH8uAE75JdCqJyi6lXMzI= -k8s.io/component-base v0.28.3/go.mod h1:fDJ6vpVNSk6cRo5wmDa6eKIG7UlIQkaFmZN2fYgIUD8= -k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= -k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/component-base v0.29.0 h1:T7rjd5wvLnPBV1vC4zWd/iWRbV8Mdxs+nGaoaFzGw3s= +k8s.io/component-base v0.29.0/go.mod h1:sADonFTQ9Zc9yFLghpDpmNXEdHyQmFIGbiuZbqAXQ1M= +k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= +k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5FJ2kxm1WrQFanWchyKuqGg= k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= -k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= +k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= @@ -600,7 +601,7 @@ sigs.k8s.io/controller-runtime v0.14.5 h1:6xaWFqzT5KuAQ9ufgUaj1G/+C4Y1GRkhrxl+BJ sigs.k8s.io/controller-runtime v0.14.5/go.mod h1:WqIdsAY6JBsjfc/CqO0CORmNtoCtE4S6qbPc9s68h+0= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= -sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= -sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= -sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= +sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=