* bump version strings
* bump go.mod
* run ./hack/update-deps.sh
* run ./hack/update-codegen.sh
* fix build
* fix fuzzing lib change
* switch fuzzers to use randfill
* run ./hack/update-deps.sh
* gofumpt file
* fix webhook build on go1.24
* ignore endpoint deprecation
* disable a staticcheck that isn't really that bad
* fix nolint directives
* don't use deprecated List and WatchFuncs
* fix deprecation of gengo.ExtractCommentTags
* apply demorgan's law where it makes sense
* Add AuthStatus type
This commit adds a new AuthStatus type which currently contains the ServiceAccountName attribute, which is used for OIDC authentication
Signed-off-by: karthikmurali60 <karthik.murali60@gmail.com>
* Update generated code
Signed-off-by: karthikmurali60 <karthik.murali60@gmail.com>
---------
Signed-off-by: karthikmurali60 <karthik.murali60@gmail.com>
* Added Audience field in duckv1.Destination
* generated the DeepCopy functions to include the new field
Signed-off-by: Abhijeet Gaurav <abhijeetdav24aug@gmail.com>
* removed trailing whitespaces from both lines
Signed-off-by: Abhijeet Gaurav <abhijeetdav24aug@gmail.com>
---------
Signed-off-by: Abhijeet Gaurav <abhijeetdav24aug@gmail.com>
* Added Audience field in duckv1.Addressable
* generated the DeepCopy functions to include the new field
Signed-off-by: Abhijeet Gaurav <abhijeetdav24aug@gmail.com>
* removing one empty line
Co-authored-by: Christoph Stäbler <cstabler@redhat.com>
---------
Signed-off-by: Abhijeet Gaurav <abhijeetdav24aug@gmail.com>
Co-authored-by: Christoph Stäbler <cstabler@redhat.com>
* Update defaultMinimumVersion
* Fix issues that occurred after running update-k8s-deps
* Adding changes to vendor and other folders
* Add new files after running update-codegen
* Add newLine
* Add FieldError#GetErrors to allow downstream reads
* Rename based on PR feedback
* Rename correctly for real
* Also expose `Normalized`
* WrappedErrors = merge(normalized)
* Add support for admission webhook warnings.
This extends `apis.FieldError` to support designating certain FieldErrors as "warnings" (or explicitly as "errors", however, this is the default for back-compat).
You can turn an `apis.FieldError` into a warning using: `fe.At(apis.WarningLevel)` or force it into an error using: `fe.At(apis.ErrorLevel)`.
You can get the errors at a particular diagnostic level using: `fe.Filter(apis.WarningLevel)`.
This change also hooks this into the admission webhook infrastructure to support surfacing the "warning" level `apis.FieldError`s via the `Warnings` section of the `AdmissionResponse`.
Fixes: #2497
* Add a comment about the use of defer.
* Validate Sink in SourceSpec
The `Sink` in `SourceSpec` is required.
Signed-off-by: Pierangelo Di Pilato <pierdipi@redhat.com>
* Update apis/duck/v1/source_types.go
Co-authored-by: Pablo Mercado <pablo@triggermesh.com>
Co-authored-by: Pablo Mercado <pablo@triggermesh.com>
It's better to have nil checks inside the Validate method of the
type itself instead of the type that holds a field of that type
because this allows using the types in other contexts without
the types that hold a field.
Signed-off-by: Pierangelo Di Pilato <pdipilat@redhat.com>
* move some functional map operations to it's own package
* include a new accessor helper for migrating key names
* use kmap methods
* add deprecation notices
* fix boilerplate
* Rename Accessor to OrderedLookup
Today, we can use `Path()` of `/foo/` (trailing slash) to support prefix-matched webhooks, but unfortunately the request context is lost when `Admit()` or `Convert()` is called.
This ensures that information flows through associated with context for anyone who would like this metadata for additional processing.
* added basic structure for source validation
* added validation to the sources.spec.ceOverrides.extensions field
* added multi function validation acording to the spec field thats been validated
* added tests to source types validation
* added full coverage to validation cases
* updated codegen and dependencies
* fixed deepcopy not been generated + added link and explanation for the maxExtensionNameLength in cloud events
* removed extension name length because is a SHOULD not a MUST
* removed extension name length because is a SHOULD not a MUST
* fixed copyright dates on edited files
* fixed error message and header copyright year in pr comments
* fixed unnecesary method ValidateSource
* fixed pr comments
* fixed deprecated method used on apis/duck/ABOUT.md
* updated tests names to match the spec
* fixed error message
* added key keyword to test to description
* fixed extension keys validation error message
This is mostly for symmetry since many folks that validate PodSpecable types often also want to validate `Pod`, so while `Pod` isn't as often a duck-type, the main value of this is exposing similar mechanisms to #2279 for `corev1.Pod` without folks needing to define their own `corev1.Pod` clone.
Today you can't use `duckv1.WithPod` to author webhooks because it doesn't implement the `Validate` or `SetDefaults` methods, and that makes sense since they are (by definition) a generic encapsulation of a number of types.
However, if we could infuse `ctx` with appropriate callbacks for `Validate` and `SetDefaults` then folks can use our types, but infuse `ctx` with callbacks that perform the appropriate validation.
What I have in mind is something along these lines:
```go
return defaulting.NewAdmissionController(ctx,
// Name of the resource webhook.
"foo.bar.dev",
// The path on which to serve the webhook.
"/defaulting",
// The resources to default.
map[schema.GroupVersionKind]resourcesemantics.GenericCRD{
appsv1.SchemeGroupVersion.WithKind("Deployment"): &duckv1.WithPod{},
appsv1.SchemeGroupVersion.WithKind("ReplicaSet"): &duckv1.WithPod{},
appsv1.SchemeGroupVersion.WithKind("StatefulSet"): &duckv1.WithPod{},
appsv1.SchemeGroupVersion.WithKind("DaemonSet"): &duckv1.WithPod{},
batchv1.SchemeGroupVersion.WithKind("Job"): &duckv1.WithPod{},
},
// A function that infuses the context passed to Validate/SetDefaults with custom metadata.
func(ctx context.Context) context.Context{
return duckv1.WithPodSpecDefaulter(ctx, myFancyLogic)
},
// Whether to disallow unknown fields.
false,
)
```
It is roughly equivalent for validation.
* Use consistent case for "Deprecated" comments
Not the most important thing ever, but the canonical string to use for
Deprecated warnings is case sensitive, and also it's nice to be
consistent.
* Add nolint comment
* Add Group field and ResolveGroup function
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Remove core special case
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Copyright
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Added validation code
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Fix comment
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Add omitempty
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Moved ResolveGroup code to kref
Made ResolveGroup a util method, more than an instance method
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* New type KReferenceResolver
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* Added +optional as suggested
Signed-off-by: Francesco Guardiani <francescoguard@gmail.com>
* bump k8s deps to v1.20.7
* fix migrator test pkg
* dynamicclient now expects List types to be declare either via a scheme or manually
* fix error message comparison
* drop excess vendor licenses
* Using the injection fake dynamic client will preserve pre-1.20 behaviour
This is accomplished by preprocessing the scheme/fixtures and declaring
a custom scheme were we map our types & lists to unstructured.* types
* revert webhook factory changes
* ensure objects to the dynamic client are unstructured
* seed the default dynamic client with k8s scheme
* include duckv1 types in default fake dynamic client scheme
* use default k8s scheme
looks like eventing adds to this scheme but we should import the correct one vs the one from the fake package
* drop duckv1 from default scheme
* set APIVersion/Kind if empty
* refactor ToUnstructured helper to a new package
Dave Protasowski
dependabot[bot]
Christoph Stäbler
Karthik Muraliprasad
Abhijeet Gaurav
Kenjiro Nakayama
Pierangelo Di Pilato
pradnyavmw
Vishal Choudhary
Rahul kumar
Rahul Sawra
Vishal Choudhary
Nghia Tran
Jonathan Innis
Ville Aikas
Paul Schweigert
Matt Moore
Chunyi Lyu
Pierangelo Di Pilato
knative-automation
Matt Moore
Gabriel Freites
Gabriel Freites
Senthilnathan M
Julian Friedman
Francesco Guardiani
Markus Thömmes