Sync Config/Operator CRDs

Signed-off-by: Dale Haiducek <19750917+dhaiducek@users.noreply.github.com> (cherry picked from commit fc18f4868a35e21841889e6b62585711d8146ad5)
stolostron · May 29, 2024 · 7aa30ed · 7aa30ed
1 parent 6c4ef16
commit 7aa30ed
Show file tree

Hide file tree

Showing 2 changed files with 58 additions and 6 deletions.
diff --git a/...edclusterchart/templates/policy.open-cluster-management.io_configurationpolicies_crd.yaml b/...edclusterchart/templates/policy.open-cluster-management.io_configurationpolicies_crd.yaml
@@ -162,14 +162,29 @@ spec:
  x-kubernetes-preserve-unknown-fields: true
  recordDiff:
  description: |-
- RecordDiff specifies whether (and where) to log the diff between the object on the
- cluster and the objectDefinition in the policy. Defaults to "None" when the object kind is
- ConfigMap, OAuthAccessToken, OAuthAuthorizeTokens, Route, or Secret. Defaults to "InStatus" otherwise.
+ RecordDiff specifies whether and where to log the difference between the object on the cluster
+ and the `objectDefinition` parameter in the policy. The supported options are `InStatus` to record the
+ difference in the policy status field, `Log` to log the difference in the
+ `config-policy-controller` pod, and `None` to not log the difference. The default value is `None` for
+ object kinds that include sensitive data such as `ConfigMap`, `OAuthAccessToken`,
+ `OAuthAuthorizeTokens`, `Route`, and `Secret`, or when a templated `objectDefinition` references sensitive
+ data. For all other kinds, the default value is `InStatus`.
  enum:
  - Log
  - InStatus
  - None
  type: string
+ recreateOption:
+ description: |-
+ RecreateOption describes whether to delete and recreate an object when an update is required. `IfRequired`
+ will recreate the object when updating an immutable field. `Always` will always recreate the object if a mismatch
+ is detected. `RecreateOption` has no effect when the `remediationAction` is `inform`. `IfRequired` has no effect
+ on clusters without dry run update support. The default value is `None`.
+ enum:
+ - None
+ - IfRequired
+ - Always
+ type: string
  required:
  - complianceType
  - objectDefinition
@@ -491,14 +506,30 @@ spec:
  x-kubernetes-preserve-unknown-fields: true
  recordDiff:
  description: |-
- RecordDiff specifies whether (and where) to log the diff between the object on the
- cluster and the objectDefinition in the policy. Defaults to "None" when the object kind is
- ConfigMap, OAuthAccessToken, OAuthAuthorizeTokens, Route, or Secret. Defaults to "InStatus" otherwise.
+ RecordDiff specifies whether and where to log the difference between the object on the cluster
+ and the `objectDefinition` parameter in the policy. The supported options are `InStatus` to record the
+ difference in the policy status field, `Log` to log the difference in the
+ `config-policy-controller` pod, and `None` to not log the difference. The default value is `None` for
+ object kinds that include sensitive data such as `ConfigMap`, `OAuthAccessToken`,
+ `OAuthAuthorizeTokens`, `Route`, and `Secret`, or when a templated `objectDefinition` references sensitive
+ data. For all other kinds, the default value is `InStatus`.
  enum:
  - Log
  - InStatus
  - None
  type: string
+ recreateOption:
+ default: None
+ description: |-
+ RecreateOption describes whether to delete and recreate an object when an update is required. `IfRequired`
+ will recreate the object when updating an immutable field. `Always` will always recreate the object if a mismatch
+ is detected. `RecreateOption` has no effect when the `remediationAction` is `inform`. `IfRequired` has no effect
+ on clusters without dry run update support. The default value is `None`.
+ enum:
+ - None
+ - IfRequired
+ - Always
+ type: string
  required:
  - complianceType
  - objectDefinition

diff --git a/...managedclusterchart/templates/policy.open-cluster-management.io_operatorpolicies_crd.yaml b/...managedclusterchart/templates/policy.open-cluster-management.io_operatorpolicies_crd.yaml
@@ -125,6 +125,16 @@ spec:
  https://olm.operatorframework.io/docs/concepts/crds/subscription/
  type: object
  x-kubernetes-preserve-unknown-fields: true
+ upgradeApproval:
+ description: |-
+ UpgradeApproval determines whether 'upgrade' InstallPlans for the operator will be approved
+ by the controller when the policy is enforced and in 'musthave' mode. The initial InstallPlan
+ approval is not affected by this setting. This setting has no effect when the policy is in
+ 'mustnothave' mode. Allowed values are "None" or "Automatic".
+ enum:
+ - None
+ - Automatic
+ type: string
  versions:
  description: |-
  Versions is a list of nonempty strings that specifies which installed versions are compliant when
@@ -136,6 +146,7 @@ spec:
  required:
  - complianceType
  - subscription
+ - upgradeApproval
  type: object
  status:
  description: OperatorPolicyStatus defines the observed state of OperatorPolicy
@@ -207,6 +218,13 @@ spec:
  x-kubernetes-list-map-keys:
  - type
  x-kubernetes-list-type: map
+ overlappingPolicies:
+ description: |-
+ The list of overlapping OperatorPolicies (as name.namespace) which all manage the same
+ subscription, including this policy. When no overlapping is detected, this list will be empty.
+ items:
+ type: string
+ type: array
  relatedObjects:
  description: List of resources processed by the policy
  items:
@@ -253,6 +271,9 @@ spec:
  type: string
  type: object
  type: array
+ resolvedSubscriptionLabel:
+ description: The resolved name.namespace of the subscription
+ type: string
  type: object
  type: object
  served: true