From 01b5accbc8c73d064261e0f71884d347cd7957ab Mon Sep 17 00:00:00 2001 From: GraysonWu Date: Fri, 21 Jul 2023 05:15:10 -0700 Subject: [PATCH] Upgrade ClusterGroup and Group to v1beta1 (#5181) Signed-off-by: graysonwu --- build/charts/antrea/crds/clustergroup.yaml | 128 ++++- .../antrea/{templates => }/crds/group.yaml | 116 +++- .../webhooks/validating/crdvalidator.yaml | 4 +- build/yamls/antrea-aks.yml | 507 +++++++++++++----- build/yamls/antrea-crds.yml | 371 ++++++++++++- build/yamls/antrea-eks.yml | 507 +++++++++++++----- build/yamls/antrea-gke.yml | 507 +++++++++++++----- build/yamls/antrea-ipsec.yml | 507 +++++++++++++----- build/yamls/antrea.yml | 507 +++++++++++++----- cmd/antrea-controller/controller.go | 4 +- docs/antrea-network-policy.md | 18 +- docs/api.md | 6 +- pkg/apis/crd/v1beta1/register.go | 4 + pkg/apis/crd/v1beta1/types.go | 108 ++++ pkg/apis/crd/v1beta1/zz_generated.deepcopy.go | 210 ++++++++ pkg/apiserver/openapi/zz_generated.openapi.go | 332 ++++++++++++ .../typed/crd/v1beta1/clustergroup.go | 182 +++++++ .../versioned/typed/crd/v1beta1/crd_client.go | 10 + .../crd/v1beta1/fake/fake_clustergroup.go | 131 +++++ .../typed/crd/v1beta1/fake/fake_crd_client.go | 8 + .../typed/crd/v1beta1/fake/fake_group.go | 140 +++++ .../typed/crd/v1beta1/generated_expansion.go | 4 + .../versioned/typed/crd/v1beta1/group.go | 193 +++++++ .../crd/v1beta1/clustergroup.go | 87 +++ .../externalversions/crd/v1beta1/group.go | 88 +++ .../externalversions/crd/v1beta1/interface.go | 14 + .../informers/externalversions/generic.go | 4 + .../listers/crd/v1beta1/clustergroup.go | 66 +++ .../crd/v1beta1/expansion_generated.go | 12 + pkg/client/listers/crd/v1beta1/group.go | 97 ++++ pkg/controller/networkpolicy/clustergroup.go | 28 +- .../networkpolicy/clustergroup_test.go | 122 ++--- .../clusternetworkpolicy_test.go | 41 +- pkg/controller/networkpolicy/convert.go | 6 +- pkg/controller/networkpolicy/crd_utils.go | 6 +- .../networkpolicy/crd_utils_test.go | 22 +- pkg/controller/networkpolicy/group.go | 28 +- pkg/controller/networkpolicy/group_test.go | 104 ++-- .../networkpolicy/networkpolicy_controller.go | 14 +- .../networkpolicy_controller_test.go | 146 ++--- pkg/controller/networkpolicy/validate.go | 39 +- pkg/controller/networkpolicy/validate_test.go | 166 +++--- pkg/monitor/controller_test.go | 4 +- test/e2e/antreapolicy_test.go | 99 ++-- test/e2e/clustergroup_test.go | 110 ++-- test/e2e/group_test.go | 80 +-- test/e2e/k8s_util.go | 114 +--- test/e2e/utils/cg_spec_builder.go | 28 +- test/e2e/utils/grp_spec_builder.go | 12 +- 49 files changed, 4743 insertions(+), 1298 deletions(-) rename build/charts/antrea/{templates => }/crds/group.yaml (51%) create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/clustergroup.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_clustergroup.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_group.go create mode 100644 pkg/client/clientset/versioned/typed/crd/v1beta1/group.go create mode 100644 pkg/client/informers/externalversions/crd/v1beta1/clustergroup.go create mode 100644 pkg/client/informers/externalversions/crd/v1beta1/group.go create mode 100644 pkg/client/listers/crd/v1beta1/clustergroup.go create mode 100644 pkg/client/listers/crd/v1beta1/group.go diff --git a/build/charts/antrea/crds/clustergroup.yaml b/build/charts/antrea/crds/clustergroup.yaml index 747952dbf07..34734c27668 100644 --- a/build/charts/antrea/crds/clustergroup.yaml +++ b/build/charts/antrea/crds/clustergroup.yaml @@ -131,7 +131,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -246,6 +246,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: diff --git a/build/charts/antrea/templates/crds/group.yaml b/build/charts/antrea/crds/group.yaml similarity index 51% rename from build/charts/antrea/templates/crds/group.yaml rename to build/charts/antrea/crds/group.yaml index 043446ea43f..a39783a7b57 100644 --- a/build/charts/antrea/templates/crds/group.yaml +++ b/build/charts/antrea/crds/group.yaml @@ -7,7 +7,7 @@ spec: versions: - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -119,6 +119,120 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } scope: Namespaced names: plural: groups diff --git a/build/charts/antrea/templates/webhooks/validating/crdvalidator.yaml b/build/charts/antrea/templates/webhooks/validating/crdvalidator.yaml index 326366fe018..a1e1648ca43 100644 --- a/build/charts/antrea/templates/webhooks/validating/crdvalidator.yaml +++ b/build/charts/antrea/templates/webhooks/validating/crdvalidator.yaml @@ -60,7 +60,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -75,7 +75,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/build/yamls/antrea-aks.yml b/build/yamls/antrea-aks.yml index a44990300fd..6d80f03c29c 100644 --- a/build/yamls/antrea-aks.yml +++ b/build/yamls/antrea-aks.yml @@ -243,7 +243,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -358,6 +358,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1530,6 +1656,251 @@ spec: shortNames: - en +--- +# Source: crds/group.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp + --- # Source: crds/ippool.yaml apiVersion: apiextensions.k8s.io/v1 @@ -3627,136 +3998,6 @@ data: # Enable Multi-cluster NetworkPolicy. enableStretchedNetworkPolicy: false --- -# Source: antrea/templates/crds/group.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: groups.crd.antrea.io -spec: - group: crd.antrea.io - versions: - - name: v1alpha3 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Namespaced - names: - plural: groups - singular: group - kind: Group - shortNames: - - grp ---- # Source: antrea/templates/agent/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -5077,7 +5318,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -5092,7 +5333,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/build/yamls/antrea-crds.yml b/build/yamls/antrea-crds.yml index df993db57c1..1e5920072c5 100644 --- a/build/yamls/antrea-crds.yml +++ b/build/yamls/antrea-crds.yml @@ -238,7 +238,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -353,6 +353,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1517,6 +1643,249 @@ spec: --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition metadata: name: ippools.crd.antrea.io labels: diff --git a/build/yamls/antrea-eks.yml b/build/yamls/antrea-eks.yml index b5c792d578c..416ce56152f 100644 --- a/build/yamls/antrea-eks.yml +++ b/build/yamls/antrea-eks.yml @@ -243,7 +243,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -358,6 +358,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1530,6 +1656,251 @@ spec: shortNames: - en +--- +# Source: crds/group.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp + --- # Source: crds/ippool.yaml apiVersion: apiextensions.k8s.io/v1 @@ -3627,136 +3998,6 @@ data: # Enable Multi-cluster NetworkPolicy. enableStretchedNetworkPolicy: false --- -# Source: antrea/templates/crds/group.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: groups.crd.antrea.io -spec: - group: crd.antrea.io - versions: - - name: v1alpha3 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Namespaced - names: - plural: groups - singular: group - kind: Group - shortNames: - - grp ---- # Source: antrea/templates/agent/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -5078,7 +5319,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -5093,7 +5334,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/build/yamls/antrea-gke.yml b/build/yamls/antrea-gke.yml index d85dfa58f27..bd169c332b5 100644 --- a/build/yamls/antrea-gke.yml +++ b/build/yamls/antrea-gke.yml @@ -243,7 +243,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -358,6 +358,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1530,6 +1656,251 @@ spec: shortNames: - en +--- +# Source: crds/group.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp + --- # Source: crds/ippool.yaml apiVersion: apiextensions.k8s.io/v1 @@ -3627,136 +3998,6 @@ data: # Enable Multi-cluster NetworkPolicy. enableStretchedNetworkPolicy: false --- -# Source: antrea/templates/crds/group.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: groups.crd.antrea.io -spec: - group: crd.antrea.io - versions: - - name: v1alpha3 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Namespaced - names: - plural: groups - singular: group - kind: Group - shortNames: - - grp ---- # Source: antrea/templates/agent/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -5075,7 +5316,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -5090,7 +5331,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/build/yamls/antrea-ipsec.yml b/build/yamls/antrea-ipsec.yml index b9b3436cad4..72ba51bd8ce 100644 --- a/build/yamls/antrea-ipsec.yml +++ b/build/yamls/antrea-ipsec.yml @@ -243,7 +243,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -358,6 +358,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1530,6 +1656,251 @@ spec: shortNames: - en +--- +# Source: crds/group.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp + --- # Source: crds/ippool.yaml apiVersion: apiextensions.k8s.io/v1 @@ -3640,136 +4011,6 @@ data: # Enable Multi-cluster NetworkPolicy. enableStretchedNetworkPolicy: false --- -# Source: antrea/templates/crds/group.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: groups.crd.antrea.io -spec: - group: crd.antrea.io - versions: - - name: v1alpha3 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Namespaced - names: - plural: groups - singular: group - kind: Group - shortNames: - - grp ---- # Source: antrea/templates/agent/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -5134,7 +5375,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -5149,7 +5390,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/build/yamls/antrea.yml b/build/yamls/antrea.yml index 85878221c8c..3fd6f8be538 100644 --- a/build/yamls/antrea.yml +++ b/build/yamls/antrea.yml @@ -243,7 +243,7 @@ spec: type: string - name: v1alpha3 served: true - storage: true + storage: false schema: openAPIV3Schema: type: object @@ -358,6 +358,132 @@ spec: type: string subresources: status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + matchLabels: + additionalProperties: + type: string + pattern: "^(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])?$" + type: object + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } conversion: strategy: Webhook webhook: @@ -1530,6 +1656,251 @@ spec: shortNames: - en +--- +# Source: crds/group.yaml +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: groups.crd.antrea.io +spec: + group: crd.antrea.io + versions: + - name: v1alpha3 + served: true + storage: false + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: {} + - name: v1beta1 + served: true + storage: true + schema: + openAPIV3Schema: + type: object + properties: + spec: + type: object + properties: + childGroups: + type: array + items: + type: string + podSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + namespaceSelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + externalEntitySelector: + type: object + properties: + matchExpressions: + type: array + items: + type: object + properties: + key: + type: string + operator: + enum: + - In + - NotIn + - Exists + - DoesNotExist + type: string + values: + type: array + items: + type: string + matchLabels: + x-kubernetes-preserve-unknown-fields: true + ipBlocks: + type: array + items: + type: object + properties: + cidr: + type: string + format: cidr + serviceReference: + type: object + properties: + name: + type: string + namespace: + type: string + status: + type: object + properties: + conditions: + type: array + items: + type: object + properties: + type: + type: string + status: + type: string + lastTransitionTime: + type: string + subresources: + status: { } + scope: Namespaced + names: + plural: groups + singular: group + kind: Group + shortNames: + - grp + --- # Source: crds/ippool.yaml apiVersion: apiextensions.k8s.io/v1 @@ -3627,136 +3998,6 @@ data: # Enable Multi-cluster NetworkPolicy. enableStretchedNetworkPolicy: false --- -# Source: antrea/templates/crds/group.yaml -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - name: groups.crd.antrea.io -spec: - group: crd.antrea.io - versions: - - name: v1alpha3 - served: true - storage: true - schema: - openAPIV3Schema: - type: object - properties: - spec: - type: object - properties: - childGroups: - type: array - items: - type: string - podSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - namespaceSelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - externalEntitySelector: - type: object - properties: - matchExpressions: - type: array - items: - type: object - properties: - key: - type: string - operator: - enum: - - In - - NotIn - - Exists - - DoesNotExist - type: string - values: - type: array - items: - type: string - matchLabels: - x-kubernetes-preserve-unknown-fields: true - ipBlocks: - type: array - items: - type: object - properties: - cidr: - type: string - format: cidr - serviceReference: - type: object - properties: - name: - type: string - namespace: - type: string - status: - type: object - properties: - conditions: - type: array - items: - type: object - properties: - type: - type: string - status: - type: string - lastTransitionTime: - type: string - subresources: - status: {} - scope: Namespaced - names: - plural: groups - singular: group - kind: Group - shortNames: - - grp ---- # Source: antrea/templates/agent/clusterrole.yaml kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -5075,7 +5316,7 @@ webhooks: rules: - operations: ["CREATE", "UPDATE"] apiGroups: ["crd.antrea.io"] - apiVersions: ["v1alpha3", "v1alpha2"] + apiVersions: ["v1beta1"] resources: ["clustergroups"] scope: "Cluster" admissionReviewVersions: ["v1", "v1beta1"] @@ -5090,7 +5331,7 @@ webhooks: rules: - operations: [ "CREATE", "UPDATE" ] apiGroups: [ "crd.antrea.io" ] - apiVersions: [ "v1alpha3" ] + apiVersions: [ "v1beta1" ] resources: [ "groups" ] scope: "Namespaced" admissionReviewVersions: [ "v1", "v1beta1" ] diff --git a/cmd/antrea-controller/controller.go b/cmd/antrea-controller/controller.go index 34aeb18fd78..d9c9aaa3bf4 100644 --- a/cmd/antrea-controller/controller.go +++ b/cmd/antrea-controller/controller.go @@ -139,8 +139,8 @@ func run(o *Options) error { annpInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() tierInformer := crdInformerFactory.Crd().V1beta1().Tiers() tfInformer := crdInformerFactory.Crd().V1alpha1().Traceflows() - cgInformer := crdInformerFactory.Crd().V1alpha3().ClusterGroups() - grpInformer := crdInformerFactory.Crd().V1alpha3().Groups() + cgInformer := crdInformerFactory.Crd().V1beta1().ClusterGroups() + grpInformer := crdInformerFactory.Crd().V1beta1().Groups() egressInformer := crdInformerFactory.Crd().V1alpha2().Egresses() externalIPPoolInformer := crdInformerFactory.Crd().V1beta1().ExternalIPPools() externalNodeInformer := crdInformerFactory.Crd().V1alpha1().ExternalNodes() diff --git a/docs/antrea-network-policy.md b/docs/antrea-network-policy.md index 2eaf896b511..4f3d2a10e34 100644 --- a/docs/antrea-network-policy.md +++ b/docs/antrea-network-policy.md @@ -1516,7 +1516,7 @@ without having to update individual policy rules. Below are some example ClusterGroup specs: ```yaml -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: ClusterGroup metadata: name: test-cg-sel @@ -1528,7 +1528,7 @@ spec: matchLabels: env: prod --- -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: ClusterGroup metadata: name: test-cg-ip-block @@ -1537,7 +1537,7 @@ spec: ipBlocks: - cidr: 10.0.10.0/24 --- -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: ClusterGroup metadata: name: test-cg-svc-ref @@ -1547,7 +1547,7 @@ spec: name: test-service namespace: default --- -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: ClusterGroup metadata: name: test-cg-nested @@ -1643,7 +1643,7 @@ Below are some example Group specs: ```yaml # Group that selects all Pods labeled role: db in the default Namespace -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: Group metadata: name: test-grp-sel @@ -1655,7 +1655,7 @@ spec: --- # Group that selects all Pods labeled role: db in Namespaces labeled env: prod. # This Group cannot be used in Antrea NetworkPolicy appliedTo because of the namespaceSelector. -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: Group metadata: name: test-grp-with-namespace @@ -1668,7 +1668,7 @@ spec: env: prod --- # Group that selects IP block 10.0.10.0/24. -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: Group metadata: name: test-grp-ip-block @@ -1678,7 +1678,7 @@ spec: - cidr: 10.0.10.0/24 --- # Group that selects Service named test-service in the default Namespace. -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: Group metadata: name: test-grp-svc-ref @@ -1689,7 +1689,7 @@ spec: namespace: default --- # Group that includes the previous Groups as childGroups. -apiVersion: crd.antrea.io/v1alpha3 +apiVersion: crd.antrea.io/v1beta1 kind: Group metadata: name: test-grp-nested diff --git a/docs/api.md b/docs/api.md index 89f61be27a5..3799f5f4eab 100644 --- a/docs/api.md +++ b/docs/api.md @@ -29,13 +29,15 @@ These are the CRDs currently available in `crd.antrea.io`. | `AntreaAgentInfo` | v1beta1 | v1.0.0 | N/A | N/A | | `AntreaControllerInfo` | v1beta1 | v1.0.0 | N/A | N/A | | `ClusterGroup` | v1alpha2 | v1.0.0 | v1.1.0 | v2.0.0 | -| `ClusterGroup` | v1alpha3 | v1.1.0 | N/A | N/A | +| `ClusterGroup` | v1alpha3 | v1.1.0 | v1.13.0 | N/A | +| `ClusterGroup` | v1beta1 | v1.13.0 | N/A | N/A | | `ClusterNetworkPolicy` | v1alpha1 | v1.0.0 | N/A | N/A | | `Egress` | v1alpha2 | v1.0.0 | N/A | N/A | | `ExternalEntity` | v1alpha2 | v1.0.0 | N/A | N/A | | `ExternalIPPool` | v1alpha2 | v1.2.0 | v1.13.0 | N/A | | `ExternalIPPool` | v1beta1 | v1.13.0 | N/A | N/A | -| `Group` | v1alpha3 | v1.8.0 | N/A | N/A | +| `Group` | v1alpha3 | v1.8.0 | v1.13.0 | N/A | +| `Group` | v1beta1 | v1.13.0 | N/A | N/A | | `NetworkPolicy` | v1alpha1 | v1.0.0 | N/A | N/A | | `Tier` | v1alpha1 | v1.0.0 | v1.13.0 | v2.0.0 | | `Tier` | v1beta1 | v1.13.0 | N/A | N/A | diff --git a/pkg/apis/crd/v1beta1/register.go b/pkg/apis/crd/v1beta1/register.go index cd5e2213eb2..82a785cd6ec 100644 --- a/pkg/apis/crd/v1beta1/register.go +++ b/pkg/apis/crd/v1beta1/register.go @@ -50,6 +50,10 @@ func addKnownTypes(scheme *runtime.Scheme) error { &TierList{}, &ExternalIPPool{}, &ExternalIPPoolList{}, + &ClusterGroup{}, + &ClusterGroupList{}, + &Group{}, + &GroupList{}, ) metav1.AddToGroupVersion( diff --git a/pkg/apis/crd/v1beta1/types.go b/pkg/apis/crd/v1beta1/types.go index 79a1184a3fe..6bd9e698f5f 100644 --- a/pkg/apis/crd/v1beta1/types.go +++ b/pkg/apis/crd/v1beta1/types.go @@ -17,6 +17,8 @@ package v1beta1 import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "antrea.io/antrea/pkg/apis/crd/v1alpha1" ) // +genclient @@ -243,3 +245,109 @@ type IPPoolUsage struct { // Number of allocated IPs. Used int `json:"used"` } + +// +genclient +// +genclient:nonNamespaced +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterGroup struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Desired state of the group. + Spec GroupSpec `json:"spec"` + // Most recently observed status of the group. + Status GroupStatus `json:"status"` +} + +type GroupSpec struct { + // Select Pods matching the labels set in the PodSelector in + // AppliedTo/To/From fields. If set with NamespaceSelector, Pods are + // matched from Namespaces matched by the NamespaceSelector. + // Cannot be set with any other selector except NamespaceSelector. + // +optional + PodSelector *metav1.LabelSelector `json:"podSelector,omitempty"` + // Select all Pods from Namespaces matched by this selector, as + // workloads in AppliedTo/To/From fields. If set with PodSelector, + // Pods are matched from Namespaces matched by the NamespaceSelector. + // Cannot be set with any other selector except PodSelector. + // +optional + NamespaceSelector *metav1.LabelSelector `json:"namespaceSelector,omitempty"` + // IPBlocks describe the IPAddresses/IPBlocks that are matched in to/from. + // IPBlocks cannot be set as part of the AppliedTo field. + // Cannot be set with any other selector or ServiceReference. + // +optional + IPBlocks []v1alpha1.IPBlock `json:"ipBlocks,omitempty"` + // Select backend Pods of the referred Service. + // Cannot be set with any other selector or ipBlock. + // +optional + ServiceReference *v1alpha1.NamespacedName `json:"serviceReference,omitempty"` + // Select ExternalEntities from all Namespaces as workloads + // in AppliedTo/To/From fields. If set with NamespaceSelector, + // ExternalEntities are matched from Namespaces matched by the + // NamespaceSelector. + // Cannot be set with any other selector except NamespaceSelector. + // +optional + ExternalEntitySelector *metav1.LabelSelector `json:"externalEntitySelector,omitempty"` + // Select other ClusterGroups by name. The ClusterGroups must already + // exist and must not contain ChildGroups themselves. + // Cannot be set with any selector/IPBlock/ServiceReference. + // +optional + ChildGroups []ClusterGroupReference `json:"childGroups,omitempty"` +} + +type GroupConditionType string + +const GroupMembersComputed GroupConditionType = "GroupMembersComputed" + +type GroupCondition struct { + Type GroupConditionType `json:"type"` + Status corev1.ConditionStatus `json:"status"` + LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"` +} + +// GroupStatus represents information about the status of a Group. +type GroupStatus struct { + Conditions []GroupCondition `json:"conditions,omitempty"` +} + +// ClusterGroupReference represent reference to a ClusterGroup. +type ClusterGroupReference string + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type ClusterGroupList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []ClusterGroup `json:"items,omitempty"` +} + +// +genclient +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +// Group can be used in AntreaNetworkPolicies. When used with AppliedTo, it cannot include NamespaceSelector, +// otherwise, Antrea will not realize the NetworkPolicy or rule, but will just update the NetworkPolicy +// Status as "Unrealizable". +type Group struct { + metav1.TypeMeta `json:",inline"` + // Standard metadata of the object. + metav1.ObjectMeta `json:"metadata,omitempty"` + + // Desired state of the group. + Spec GroupSpec `json:"spec"` + // Most recently observed status of the group. + Status GroupStatus `json:"status"` +} + +// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object + +type GroupList struct { + metav1.TypeMeta `json:",inline"` + // +optional + metav1.ListMeta `json:"metadata,omitempty"` + + Items []Group `json:"items,omitempty"` +} diff --git a/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go b/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go index 65ec6c41cc9..46d5f6da8b6 100644 --- a/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go +++ b/pkg/apis/crd/v1beta1/zz_generated.deepcopy.go @@ -20,6 +20,8 @@ package v1beta1 import ( + v1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -190,6 +192,67 @@ func (in *AntreaControllerInfoList) DeepCopyObject() runtime.Object { return nil } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterGroup) DeepCopyInto(out *ClusterGroup) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroup. +func (in *ClusterGroup) DeepCopy() *ClusterGroup { + if in == nil { + return nil + } + out := new(ClusterGroup) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterGroup) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ClusterGroupList) DeepCopyInto(out *ClusterGroupList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]ClusterGroup, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterGroupList. +func (in *ClusterGroupList) DeepCopy() *ClusterGroupList { + if in == nil { + return nil + } + out := new(ClusterGroupList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *ClusterGroupList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ControllerCondition) DeepCopyInto(out *ControllerCondition) { *out = *in @@ -307,6 +370,153 @@ func (in *ExternalIPPoolStatus) DeepCopy() *ExternalIPPoolStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Group) DeepCopyInto(out *Group) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Group. +func (in *Group) DeepCopy() *Group { + if in == nil { + return nil + } + out := new(Group) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *Group) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupCondition) DeepCopyInto(out *GroupCondition) { + *out = *in + in.LastTransitionTime.DeepCopyInto(&out.LastTransitionTime) + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupCondition. +func (in *GroupCondition) DeepCopy() *GroupCondition { + if in == nil { + return nil + } + out := new(GroupCondition) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupList) DeepCopyInto(out *GroupList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]Group, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupList. +func (in *GroupList) DeepCopy() *GroupList { + if in == nil { + return nil + } + out := new(GroupList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *GroupList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupSpec) DeepCopyInto(out *GroupSpec) { + *out = *in + if in.PodSelector != nil { + in, out := &in.PodSelector, &out.PodSelector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.NamespaceSelector != nil { + in, out := &in.NamespaceSelector, &out.NamespaceSelector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.IPBlocks != nil { + in, out := &in.IPBlocks, &out.IPBlocks + *out = make([]v1alpha1.IPBlock, len(*in)) + copy(*out, *in) + } + if in.ServiceReference != nil { + in, out := &in.ServiceReference, &out.ServiceReference + *out = new(v1alpha1.NamespacedName) + **out = **in + } + if in.ExternalEntitySelector != nil { + in, out := &in.ExternalEntitySelector, &out.ExternalEntitySelector + *out = new(v1.LabelSelector) + (*in).DeepCopyInto(*out) + } + if in.ChildGroups != nil { + in, out := &in.ChildGroups, &out.ChildGroups + *out = make([]ClusterGroupReference, len(*in)) + copy(*out, *in) + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec. +func (in *GroupSpec) DeepCopy() *GroupSpec { + if in == nil { + return nil + } + out := new(GroupSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *GroupStatus) DeepCopyInto(out *GroupStatus) { + *out = *in + if in.Conditions != nil { + in, out := &in.Conditions, &out.Conditions + *out = make([]GroupCondition, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + return +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupStatus. +func (in *GroupStatus) DeepCopy() *GroupStatus { + if in == nil { + return nil + } + out := new(GroupStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *IPPoolUsage) DeepCopyInto(out *IPPoolUsage) { *out = *in diff --git a/pkg/apiserver/openapi/zz_generated.openapi.go b/pkg/apiserver/openapi/zz_generated.openapi.go index 6f6e76d5a8d..491d243e52b 100644 --- a/pkg/apiserver/openapi/zz_generated.openapi.go +++ b/pkg/apiserver/openapi/zz_generated.openapi.go @@ -78,11 +78,18 @@ func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenA "antrea.io/antrea/pkg/apis/crd/v1beta1.AntreaAgentInfoList": schema_pkg_apis_crd_v1beta1_AntreaAgentInfoList(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfo": schema_pkg_apis_crd_v1beta1_AntreaControllerInfo(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.AntreaControllerInfoList": schema_pkg_apis_crd_v1beta1_AntreaControllerInfoList(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.ClusterGroup": schema_pkg_apis_crd_v1beta1_ClusterGroup(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.ClusterGroupList": schema_pkg_apis_crd_v1beta1_ClusterGroupList(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.ControllerCondition": schema_pkg_apis_crd_v1beta1_ControllerCondition(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.ExternalIPPool": schema_pkg_apis_crd_v1beta1_ExternalIPPool(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.ExternalIPPoolList": schema_pkg_apis_crd_v1beta1_ExternalIPPoolList(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.ExternalIPPoolSpec": schema_pkg_apis_crd_v1beta1_ExternalIPPoolSpec(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.ExternalIPPoolStatus": schema_pkg_apis_crd_v1beta1_ExternalIPPoolStatus(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.Group": schema_pkg_apis_crd_v1beta1_Group(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupCondition": schema_pkg_apis_crd_v1beta1_GroupCondition(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupList": schema_pkg_apis_crd_v1beta1_GroupList(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupSpec": schema_pkg_apis_crd_v1beta1_GroupSpec(ref), + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupStatus": schema_pkg_apis_crd_v1beta1_GroupStatus(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.IPPoolUsage": schema_pkg_apis_crd_v1beta1_IPPoolUsage(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.IPRange": schema_pkg_apis_crd_v1beta1_IPRange(ref), "antrea.io/antrea/pkg/apis/crd/v1beta1.NetworkPolicyControllerInfo": schema_pkg_apis_crd_v1beta1_NetworkPolicyControllerInfo(ref), @@ -2804,6 +2811,103 @@ func schema_pkg_apis_crd_v1beta1_AntreaControllerInfoList(ref common.ReferenceCa } } +func schema_pkg_apis_crd_v1beta1_ClusterGroup(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "Standard metadata of the object.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "Desired state of the group.", + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.GroupSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Most recently observed status of the group.", + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.GroupStatus"), + }, + }, + }, + Required: []string{"spec", "status"}, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupSpec", "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_crd_v1beta1_ClusterGroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.ClusterGroup"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1beta1.ClusterGroup", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + func schema_pkg_apis_crd_v1beta1_ControllerCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ @@ -3011,6 +3115,234 @@ func schema_pkg_apis_crd_v1beta1_ExternalIPPoolStatus(ref common.ReferenceCallba } } +func schema_pkg_apis_crd_v1beta1_Group(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "Group can be used in AntreaNetworkPolicies. When used with AppliedTo, it cannot include NamespaceSelector, otherwise, Antrea will not realize the NetworkPolicy or rule, but will just update the NetworkPolicy Status as \"Unrealizable\".", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Description: "Standard metadata of the object.", + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), + }, + }, + "spec": { + SchemaProps: spec.SchemaProps{ + Description: "Desired state of the group.", + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.GroupSpec"), + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Description: "Most recently observed status of the group.", + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.GroupStatus"), + }, + }, + }, + Required: []string{"spec", "status"}, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupSpec", "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, + } +} + +func schema_pkg_apis_crd_v1beta1_GroupCondition(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "type": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "status": { + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + "lastTransitionTime": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.Time"), + }, + }, + }, + Required: []string{"type", "status"}, + }, + }, + Dependencies: []string{ + "k8s.io/apimachinery/pkg/apis/meta/v1.Time"}, + } +} + +func schema_pkg_apis_crd_v1beta1_GroupList(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "kind": { + SchemaProps: spec.SchemaProps{ + Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", + Type: []string{"string"}, + Format: "", + }, + }, + "apiVersion": { + SchemaProps: spec.SchemaProps{ + Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", + Type: []string{"string"}, + Format: "", + }, + }, + "metadata": { + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"), + }, + }, + "items": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.Group"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1beta1.Group", "k8s.io/apimachinery/pkg/apis/meta/v1.ListMeta"}, + } +} + +func schema_pkg_apis_crd_v1beta1_GroupSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "podSelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select Pods matching the labels set in the PodSelector in AppliedTo/To/From fields. If set with NamespaceSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "namespaceSelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select all Pods from Namespaces matched by this selector, as workloads in AppliedTo/To/From fields. If set with PodSelector, Pods are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except PodSelector.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "ipBlocks": { + SchemaProps: spec.SchemaProps{ + Description: "IPBlocks describe the IPAddresses/IPBlocks that are matched in to/from. IPBlocks cannot be set as part of the AppliedTo field. Cannot be set with any other selector or ServiceReference.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1alpha1.IPBlock"), + }, + }, + }, + }, + }, + "serviceReference": { + SchemaProps: spec.SchemaProps{ + Description: "Select backend Pods of the referred Service. Cannot be set with any other selector or ipBlock.", + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1alpha1.NamespacedName"), + }, + }, + "externalEntitySelector": { + SchemaProps: spec.SchemaProps{ + Description: "Select ExternalEntities from all Namespaces as workloads in AppliedTo/To/From fields. If set with NamespaceSelector, ExternalEntities are matched from Namespaces matched by the NamespaceSelector. Cannot be set with any other selector except NamespaceSelector.", + Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"), + }, + }, + "childGroups": { + SchemaProps: spec.SchemaProps{ + Description: "Select other ClusterGroups by name. The ClusterGroups must already exist and must not contain ChildGroups themselves. Cannot be set with any selector/IPBlock/ServiceReference.", + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: "", + Type: []string{"string"}, + Format: "", + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1alpha1.IPBlock", "antrea.io/antrea/pkg/apis/crd/v1alpha1.NamespacedName", "k8s.io/apimachinery/pkg/apis/meta/v1.LabelSelector"}, + } +} + +func schema_pkg_apis_crd_v1beta1_GroupStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { + return common.OpenAPIDefinition{ + Schema: spec.Schema{ + SchemaProps: spec.SchemaProps{ + Description: "GroupStatus represents information about the status of a Group.", + Type: []string{"object"}, + Properties: map[string]spec.Schema{ + "conditions": { + SchemaProps: spec.SchemaProps{ + Type: []string{"array"}, + Items: &spec.SchemaOrArray{ + Schema: &spec.Schema{ + SchemaProps: spec.SchemaProps{ + Default: map[string]interface{}{}, + Ref: ref("antrea.io/antrea/pkg/apis/crd/v1beta1.GroupCondition"), + }, + }, + }, + }, + }, + }, + }, + }, + Dependencies: []string{ + "antrea.io/antrea/pkg/apis/crd/v1beta1.GroupCondition"}, + } +} + func schema_pkg_apis_crd_v1beta1_IPPoolUsage(ref common.ReferenceCallback) common.OpenAPIDefinition { return common.OpenAPIDefinition{ Schema: spec.Schema{ diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/clustergroup.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/clustergroup.go new file mode 100644 index 00000000000..315471e69fe --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/clustergroup.go @@ -0,0 +1,182 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + scheme "antrea.io/antrea/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// ClusterGroupsGetter has a method to return a ClusterGroupInterface. +// A group's client should implement this interface. +type ClusterGroupsGetter interface { + ClusterGroups() ClusterGroupInterface +} + +// ClusterGroupInterface has methods to work with ClusterGroup resources. +type ClusterGroupInterface interface { + Create(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.CreateOptions) (*v1beta1.ClusterGroup, error) + Update(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (*v1beta1.ClusterGroup, error) + UpdateStatus(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (*v1beta1.ClusterGroup, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.ClusterGroup, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.ClusterGroupList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterGroup, err error) + ClusterGroupExpansion +} + +// clusterGroups implements ClusterGroupInterface +type clusterGroups struct { + client rest.Interface +} + +// newClusterGroups returns a ClusterGroups +func newClusterGroups(c *CrdV1beta1Client) *clusterGroups { + return &clusterGroups{ + client: c.RESTClient(), + } +} + +// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. +func (c *clusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ClusterGroup, err error) { + result = &v1beta1.ClusterGroup{} + err = c.client.Get(). + Resource("clustergroups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. +func (c *clusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ClusterGroupList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.ClusterGroupList{} + err = c.client.Get(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested clusterGroups. +func (c *clusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *clusterGroups) Create(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.CreateOptions) (result *v1beta1.ClusterGroup, err error) { + result = &v1beta1.ClusterGroup{} + err = c.client.Post(). + Resource("clustergroups"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *clusterGroups) Update(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (result *v1beta1.ClusterGroup, err error) { + result = &v1beta1.ClusterGroup{} + err = c.client.Put(). + Resource("clustergroups"). + Name(clusterGroup.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *clusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (result *v1beta1.ClusterGroup, err error) { + result = &v1beta1.ClusterGroup{} + err = c.client.Put(). + Resource("clustergroups"). + Name(clusterGroup.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(clusterGroup). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. +func (c *clusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Resource("clustergroups"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *clusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Resource("clustergroups"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched clusterGroup. +func (c *clusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterGroup, err error) { + result = &v1beta1.ClusterGroup{} + err = c.client.Patch(pt). + Resource("clustergroups"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go index 665bcced49e..e637197eaa0 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/crd_client.go @@ -28,7 +28,9 @@ type CrdV1beta1Interface interface { RESTClient() rest.Interface AntreaAgentInfosGetter AntreaControllerInfosGetter + ClusterGroupsGetter ExternalIPPoolsGetter + GroupsGetter TiersGetter } @@ -45,10 +47,18 @@ func (c *CrdV1beta1Client) AntreaControllerInfos() AntreaControllerInfoInterface return newAntreaControllerInfos(c) } +func (c *CrdV1beta1Client) ClusterGroups() ClusterGroupInterface { + return newClusterGroups(c) +} + func (c *CrdV1beta1Client) ExternalIPPools() ExternalIPPoolInterface { return newExternalIPPools(c) } +func (c *CrdV1beta1Client) Groups(namespace string) GroupInterface { + return newGroups(c, namespace) +} + func (c *CrdV1beta1Client) Tiers() TierInterface { return newTiers(c) } diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_clustergroup.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_clustergroup.go new file mode 100644 index 00000000000..99e839507dd --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_clustergroup.go @@ -0,0 +1,131 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeClusterGroups implements ClusterGroupInterface +type FakeClusterGroups struct { + Fake *FakeCrdV1beta1 +} + +var clustergroupsResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1beta1", Resource: "clustergroups"} + +var clustergroupsKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1beta1", Kind: "ClusterGroup"} + +// Get takes name of the clusterGroup, and returns the corresponding clusterGroup object, and an error if there is any. +func (c *FakeClusterGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootGetAction(clustergroupsResource, name), &v1beta1.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ClusterGroup), err +} + +// List takes label and field selectors, and returns the list of ClusterGroups that match those selectors. +func (c *FakeClusterGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.ClusterGroupList, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootListAction(clustergroupsResource, clustergroupsKind, opts), &v1beta1.ClusterGroupList{}) + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.ClusterGroupList{ListMeta: obj.(*v1beta1.ClusterGroupList).ListMeta} + for _, item := range obj.(*v1beta1.ClusterGroupList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested clusterGroups. +func (c *FakeClusterGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewRootWatchAction(clustergroupsResource, opts)) +} + +// Create takes the representation of a clusterGroup and creates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *FakeClusterGroups) Create(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.CreateOptions) (result *v1beta1.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootCreateAction(clustergroupsResource, clusterGroup), &v1beta1.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ClusterGroup), err +} + +// Update takes the representation of a clusterGroup and updates it. Returns the server's representation of the clusterGroup, and an error, if there is any. +func (c *FakeClusterGroups) Update(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (result *v1beta1.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateAction(clustergroupsResource, clusterGroup), &v1beta1.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ClusterGroup), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeClusterGroups) UpdateStatus(ctx context.Context, clusterGroup *v1beta1.ClusterGroup, opts v1.UpdateOptions) (*v1beta1.ClusterGroup, error) { + obj, err := c.Fake. + Invokes(testing.NewRootUpdateSubresourceAction(clustergroupsResource, "status", clusterGroup), &v1beta1.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ClusterGroup), err +} + +// Delete takes name of the clusterGroup and deletes it. Returns an error if one occurs. +func (c *FakeClusterGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewRootDeleteActionWithOptions(clustergroupsResource, name, opts), &v1beta1.ClusterGroup{}) + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeClusterGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewRootDeleteCollectionAction(clustergroupsResource, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.ClusterGroupList{}) + return err +} + +// Patch applies the patch and returns the patched clusterGroup. +func (c *FakeClusterGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.ClusterGroup, err error) { + obj, err := c.Fake. + Invokes(testing.NewRootPatchSubresourceAction(clustergroupsResource, name, pt, data, subresources...), &v1beta1.ClusterGroup{}) + if obj == nil { + return nil, err + } + return obj.(*v1beta1.ClusterGroup), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go index 66c1007fe7e..c7df84a72ed 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_crd_client.go @@ -34,10 +34,18 @@ func (c *FakeCrdV1beta1) AntreaControllerInfos() v1beta1.AntreaControllerInfoInt return &FakeAntreaControllerInfos{c} } +func (c *FakeCrdV1beta1) ClusterGroups() v1beta1.ClusterGroupInterface { + return &FakeClusterGroups{c} +} + func (c *FakeCrdV1beta1) ExternalIPPools() v1beta1.ExternalIPPoolInterface { return &FakeExternalIPPools{c} } +func (c *FakeCrdV1beta1) Groups(namespace string) v1beta1.GroupInterface { + return &FakeGroups{c, namespace} +} + func (c *FakeCrdV1beta1) Tiers() v1beta1.TierInterface { return &FakeTiers{c} } diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_group.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_group.go new file mode 100644 index 00000000000..2ee7d88a77c --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/fake/fake_group.go @@ -0,0 +1,140 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package fake + +import ( + "context" + + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + labels "k8s.io/apimachinery/pkg/labels" + schema "k8s.io/apimachinery/pkg/runtime/schema" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + testing "k8s.io/client-go/testing" +) + +// FakeGroups implements GroupInterface +type FakeGroups struct { + Fake *FakeCrdV1beta1 + ns string +} + +var groupsResource = schema.GroupVersionResource{Group: "crd.antrea.io", Version: "v1beta1", Resource: "groups"} + +var groupsKind = schema.GroupVersionKind{Group: "crd.antrea.io", Version: "v1beta1", Kind: "Group"} + +// Get takes name of the group, and returns the corresponding group object, and an error if there is any. +func (c *FakeGroups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Group, err error) { + obj, err := c.Fake. + Invokes(testing.NewGetAction(groupsResource, c.ns, name), &v1beta1.Group{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Group), err +} + +// List takes label and field selectors, and returns the list of Groups that match those selectors. +func (c *FakeGroups) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.GroupList, err error) { + obj, err := c.Fake. + Invokes(testing.NewListAction(groupsResource, groupsKind, c.ns, opts), &v1beta1.GroupList{}) + + if obj == nil { + return nil, err + } + + label, _, _ := testing.ExtractFromListOptions(opts) + if label == nil { + label = labels.Everything() + } + list := &v1beta1.GroupList{ListMeta: obj.(*v1beta1.GroupList).ListMeta} + for _, item := range obj.(*v1beta1.GroupList).Items { + if label.Matches(labels.Set(item.Labels)) { + list.Items = append(list.Items, item) + } + } + return list, err +} + +// Watch returns a watch.Interface that watches the requested groups. +func (c *FakeGroups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + return c.Fake. + InvokesWatch(testing.NewWatchAction(groupsResource, c.ns, opts)) + +} + +// Create takes the representation of a group and creates it. Returns the server's representation of the group, and an error, if there is any. +func (c *FakeGroups) Create(ctx context.Context, group *v1beta1.Group, opts v1.CreateOptions) (result *v1beta1.Group, err error) { + obj, err := c.Fake. + Invokes(testing.NewCreateAction(groupsResource, c.ns, group), &v1beta1.Group{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Group), err +} + +// Update takes the representation of a group and updates it. Returns the server's representation of the group, and an error, if there is any. +func (c *FakeGroups) Update(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (result *v1beta1.Group, err error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateAction(groupsResource, c.ns, group), &v1beta1.Group{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Group), err +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *FakeGroups) UpdateStatus(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (*v1beta1.Group, error) { + obj, err := c.Fake. + Invokes(testing.NewUpdateSubresourceAction(groupsResource, "status", c.ns, group), &v1beta1.Group{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Group), err +} + +// Delete takes name of the group and deletes it. Returns an error if one occurs. +func (c *FakeGroups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + _, err := c.Fake. + Invokes(testing.NewDeleteActionWithOptions(groupsResource, c.ns, name, opts), &v1beta1.Group{}) + + return err +} + +// DeleteCollection deletes a collection of objects. +func (c *FakeGroups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + action := testing.NewDeleteCollectionAction(groupsResource, c.ns, listOpts) + + _, err := c.Fake.Invokes(action, &v1beta1.GroupList{}) + return err +} + +// Patch applies the patch and returns the patched group. +func (c *FakeGroups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Group, err error) { + obj, err := c.Fake. + Invokes(testing.NewPatchSubresourceAction(groupsResource, c.ns, name, pt, data, subresources...), &v1beta1.Group{}) + + if obj == nil { + return nil, err + } + return obj.(*v1beta1.Group), err +} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go index 93dd67a2d3b..578b75d698a 100644 --- a/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/generated_expansion.go @@ -20,6 +20,10 @@ type AntreaAgentInfoExpansion interface{} type AntreaControllerInfoExpansion interface{} +type ClusterGroupExpansion interface{} + type ExternalIPPoolExpansion interface{} +type GroupExpansion interface{} + type TierExpansion interface{} diff --git a/pkg/client/clientset/versioned/typed/crd/v1beta1/group.go b/pkg/client/clientset/versioned/typed/crd/v1beta1/group.go new file mode 100644 index 00000000000..6a3cc8a2975 --- /dev/null +++ b/pkg/client/clientset/versioned/typed/crd/v1beta1/group.go @@ -0,0 +1,193 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by client-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + "time" + + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + scheme "antrea.io/antrea/pkg/client/clientset/versioned/scheme" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + types "k8s.io/apimachinery/pkg/types" + watch "k8s.io/apimachinery/pkg/watch" + rest "k8s.io/client-go/rest" +) + +// GroupsGetter has a method to return a GroupInterface. +// A group's client should implement this interface. +type GroupsGetter interface { + Groups(namespace string) GroupInterface +} + +// GroupInterface has methods to work with Group resources. +type GroupInterface interface { + Create(ctx context.Context, group *v1beta1.Group, opts v1.CreateOptions) (*v1beta1.Group, error) + Update(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (*v1beta1.Group, error) + UpdateStatus(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (*v1beta1.Group, error) + Delete(ctx context.Context, name string, opts v1.DeleteOptions) error + DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error + Get(ctx context.Context, name string, opts v1.GetOptions) (*v1beta1.Group, error) + List(ctx context.Context, opts v1.ListOptions) (*v1beta1.GroupList, error) + Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) + Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Group, err error) + GroupExpansion +} + +// groups implements GroupInterface +type groups struct { + client rest.Interface + ns string +} + +// newGroups returns a Groups +func newGroups(c *CrdV1beta1Client, namespace string) *groups { + return &groups{ + client: c.RESTClient(), + ns: namespace, + } +} + +// Get takes name of the group, and returns the corresponding group object, and an error if there is any. +func (c *groups) Get(ctx context.Context, name string, options v1.GetOptions) (result *v1beta1.Group, err error) { + result = &v1beta1.Group{} + err = c.client.Get(). + Namespace(c.ns). + Resource("groups"). + Name(name). + VersionedParams(&options, scheme.ParameterCodec). + Do(ctx). + Into(result) + return +} + +// List takes label and field selectors, and returns the list of Groups that match those selectors. +func (c *groups) List(ctx context.Context, opts v1.ListOptions) (result *v1beta1.GroupList, err error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + result = &v1beta1.GroupList{} + err = c.client.Get(). + Namespace(c.ns). + Resource("groups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Do(ctx). + Into(result) + return +} + +// Watch returns a watch.Interface that watches the requested groups. +func (c *groups) Watch(ctx context.Context, opts v1.ListOptions) (watch.Interface, error) { + var timeout time.Duration + if opts.TimeoutSeconds != nil { + timeout = time.Duration(*opts.TimeoutSeconds) * time.Second + } + opts.Watch = true + return c.client.Get(). + Namespace(c.ns). + Resource("groups"). + VersionedParams(&opts, scheme.ParameterCodec). + Timeout(timeout). + Watch(ctx) +} + +// Create takes the representation of a group and creates it. Returns the server's representation of the group, and an error, if there is any. +func (c *groups) Create(ctx context.Context, group *v1beta1.Group, opts v1.CreateOptions) (result *v1beta1.Group, err error) { + result = &v1beta1.Group{} + err = c.client.Post(). + Namespace(c.ns). + Resource("groups"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(group). + Do(ctx). + Into(result) + return +} + +// Update takes the representation of a group and updates it. Returns the server's representation of the group, and an error, if there is any. +func (c *groups) Update(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (result *v1beta1.Group, err error) { + result = &v1beta1.Group{} + err = c.client.Put(). + Namespace(c.ns). + Resource("groups"). + Name(group.Name). + VersionedParams(&opts, scheme.ParameterCodec). + Body(group). + Do(ctx). + Into(result) + return +} + +// UpdateStatus was generated because the type contains a Status member. +// Add a +genclient:noStatus comment above the type to avoid generating UpdateStatus(). +func (c *groups) UpdateStatus(ctx context.Context, group *v1beta1.Group, opts v1.UpdateOptions) (result *v1beta1.Group, err error) { + result = &v1beta1.Group{} + err = c.client.Put(). + Namespace(c.ns). + Resource("groups"). + Name(group.Name). + SubResource("status"). + VersionedParams(&opts, scheme.ParameterCodec). + Body(group). + Do(ctx). + Into(result) + return +} + +// Delete takes name of the group and deletes it. Returns an error if one occurs. +func (c *groups) Delete(ctx context.Context, name string, opts v1.DeleteOptions) error { + return c.client.Delete(). + Namespace(c.ns). + Resource("groups"). + Name(name). + Body(&opts). + Do(ctx). + Error() +} + +// DeleteCollection deletes a collection of objects. +func (c *groups) DeleteCollection(ctx context.Context, opts v1.DeleteOptions, listOpts v1.ListOptions) error { + var timeout time.Duration + if listOpts.TimeoutSeconds != nil { + timeout = time.Duration(*listOpts.TimeoutSeconds) * time.Second + } + return c.client.Delete(). + Namespace(c.ns). + Resource("groups"). + VersionedParams(&listOpts, scheme.ParameterCodec). + Timeout(timeout). + Body(&opts). + Do(ctx). + Error() +} + +// Patch applies the patch and returns the patched group. +func (c *groups) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts v1.PatchOptions, subresources ...string) (result *v1beta1.Group, err error) { + result = &v1beta1.Group{} + err = c.client.Patch(pt). + Namespace(c.ns). + Resource("groups"). + Name(name). + SubResource(subresources...). + VersionedParams(&opts, scheme.ParameterCodec). + Body(data). + Do(ctx). + Into(result) + return +} diff --git a/pkg/client/informers/externalversions/crd/v1beta1/clustergroup.go b/pkg/client/informers/externalversions/crd/v1beta1/clustergroup.go new file mode 100644 index 00000000000..72428d03121 --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1beta1/clustergroup.go @@ -0,0 +1,87 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + versioned "antrea.io/antrea/pkg/client/clientset/versioned" + internalinterfaces "antrea.io/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1beta1 "antrea.io/antrea/pkg/client/listers/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// ClusterGroupInformer provides access to a shared informer and lister for +// ClusterGroups. +type ClusterGroupInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.ClusterGroupLister +} + +type clusterGroupInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc +} + +// NewClusterGroupInformer constructs a new informer for ClusterGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredClusterGroupInformer(client, resyncPeriod, indexers, nil) +} + +// NewFilteredClusterGroupInformer constructs a new informer for ClusterGroup type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredClusterGroupInformer(client versioned.Interface, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().ClusterGroups().List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().ClusterGroups().Watch(context.TODO(), options) + }, + }, + &crdv1beta1.ClusterGroup{}, + resyncPeriod, + indexers, + ) +} + +func (f *clusterGroupInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredClusterGroupInformer(client, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *clusterGroupInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1beta1.ClusterGroup{}, f.defaultInformer) +} + +func (f *clusterGroupInformer) Lister() v1beta1.ClusterGroupLister { + return v1beta1.NewClusterGroupLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1beta1/group.go b/pkg/client/informers/externalversions/crd/v1beta1/group.go new file mode 100644 index 00000000000..c8b219c371e --- /dev/null +++ b/pkg/client/informers/externalversions/crd/v1beta1/group.go @@ -0,0 +1,88 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by informer-gen. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + time "time" + + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + versioned "antrea.io/antrea/pkg/client/clientset/versioned" + internalinterfaces "antrea.io/antrea/pkg/client/informers/externalversions/internalinterfaces" + v1beta1 "antrea.io/antrea/pkg/client/listers/crd/v1beta1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + runtime "k8s.io/apimachinery/pkg/runtime" + watch "k8s.io/apimachinery/pkg/watch" + cache "k8s.io/client-go/tools/cache" +) + +// GroupInformer provides access to a shared informer and lister for +// Groups. +type GroupInformer interface { + Informer() cache.SharedIndexInformer + Lister() v1beta1.GroupLister +} + +type groupInformer struct { + factory internalinterfaces.SharedInformerFactory + tweakListOptions internalinterfaces.TweakListOptionsFunc + namespace string +} + +// NewGroupInformer constructs a new informer for Group type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewGroupInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers) cache.SharedIndexInformer { + return NewFilteredGroupInformer(client, namespace, resyncPeriod, indexers, nil) +} + +// NewFilteredGroupInformer constructs a new informer for Group type. +// Always prefer using an informer factory to get a shared informer instead of getting an independent +// one. This reduces memory footprint and number of connections to the server. +func NewFilteredGroupInformer(client versioned.Interface, namespace string, resyncPeriod time.Duration, indexers cache.Indexers, tweakListOptions internalinterfaces.TweakListOptionsFunc) cache.SharedIndexInformer { + return cache.NewSharedIndexInformer( + &cache.ListWatch{ + ListFunc: func(options v1.ListOptions) (runtime.Object, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().Groups(namespace).List(context.TODO(), options) + }, + WatchFunc: func(options v1.ListOptions) (watch.Interface, error) { + if tweakListOptions != nil { + tweakListOptions(&options) + } + return client.CrdV1beta1().Groups(namespace).Watch(context.TODO(), options) + }, + }, + &crdv1beta1.Group{}, + resyncPeriod, + indexers, + ) +} + +func (f *groupInformer) defaultInformer(client versioned.Interface, resyncPeriod time.Duration) cache.SharedIndexInformer { + return NewFilteredGroupInformer(client, f.namespace, resyncPeriod, cache.Indexers{cache.NamespaceIndex: cache.MetaNamespaceIndexFunc}, f.tweakListOptions) +} + +func (f *groupInformer) Informer() cache.SharedIndexInformer { + return f.factory.InformerFor(&crdv1beta1.Group{}, f.defaultInformer) +} + +func (f *groupInformer) Lister() v1beta1.GroupLister { + return v1beta1.NewGroupLister(f.Informer().GetIndexer()) +} diff --git a/pkg/client/informers/externalversions/crd/v1beta1/interface.go b/pkg/client/informers/externalversions/crd/v1beta1/interface.go index 495dd84c7dd..2a7a0fa88ba 100644 --- a/pkg/client/informers/externalversions/crd/v1beta1/interface.go +++ b/pkg/client/informers/externalversions/crd/v1beta1/interface.go @@ -26,8 +26,12 @@ type Interface interface { AntreaAgentInfos() AntreaAgentInfoInformer // AntreaControllerInfos returns a AntreaControllerInfoInformer. AntreaControllerInfos() AntreaControllerInfoInformer + // ClusterGroups returns a ClusterGroupInformer. + ClusterGroups() ClusterGroupInformer // ExternalIPPools returns a ExternalIPPoolInformer. ExternalIPPools() ExternalIPPoolInformer + // Groups returns a GroupInformer. + Groups() GroupInformer // Tiers returns a TierInformer. Tiers() TierInformer } @@ -53,11 +57,21 @@ func (v *version) AntreaControllerInfos() AntreaControllerInfoInformer { return &antreaControllerInfoInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } +// ClusterGroups returns a ClusterGroupInformer. +func (v *version) ClusterGroups() ClusterGroupInformer { + return &clusterGroupInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} +} + // ExternalIPPools returns a ExternalIPPoolInformer. func (v *version) ExternalIPPools() ExternalIPPoolInformer { return &externalIPPoolInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} } +// Groups returns a GroupInformer. +func (v *version) Groups() GroupInformer { + return &groupInformer{factory: v.factory, namespace: v.namespace, tweakListOptions: v.tweakListOptions} +} + // Tiers returns a TierInformer. func (v *version) Tiers() TierInformer { return &tierInformer{factory: v.factory, tweakListOptions: v.tweakListOptions} diff --git a/pkg/client/informers/externalversions/generic.go b/pkg/client/informers/externalversions/generic.go index a6feeb14963..a1ea279fc40 100644 --- a/pkg/client/informers/externalversions/generic.go +++ b/pkg/client/informers/externalversions/generic.go @@ -92,8 +92,12 @@ func (f *sharedInformerFactory) ForResource(resource schema.GroupVersionResource return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().AntreaAgentInfos().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("antreacontrollerinfos"): return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().AntreaControllerInfos().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("clustergroups"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().ClusterGroups().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("externalippools"): return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().ExternalIPPools().Informer()}, nil + case v1beta1.SchemeGroupVersion.WithResource("groups"): + return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().Groups().Informer()}, nil case v1beta1.SchemeGroupVersion.WithResource("tiers"): return &genericInformer{resource: resource.GroupResource(), informer: f.Crd().V1beta1().Tiers().Informer()}, nil diff --git a/pkg/client/listers/crd/v1beta1/clustergroup.go b/pkg/client/listers/crd/v1beta1/clustergroup.go new file mode 100644 index 00000000000..f3df1f83983 --- /dev/null +++ b/pkg/client/listers/crd/v1beta1/clustergroup.go @@ -0,0 +1,66 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// ClusterGroupLister helps list ClusterGroups. +// All objects returned here must be treated as read-only. +type ClusterGroupLister interface { + // List lists all ClusterGroups in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.ClusterGroup, err error) + // Get retrieves the ClusterGroup from the index for a given name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1beta1.ClusterGroup, error) + ClusterGroupListerExpansion +} + +// clusterGroupLister implements the ClusterGroupLister interface. +type clusterGroupLister struct { + indexer cache.Indexer +} + +// NewClusterGroupLister returns a new ClusterGroupLister. +func NewClusterGroupLister(indexer cache.Indexer) ClusterGroupLister { + return &clusterGroupLister{indexer: indexer} +} + +// List lists all ClusterGroups in the indexer. +func (s *clusterGroupLister) List(selector labels.Selector) (ret []*v1beta1.ClusterGroup, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.ClusterGroup)) + }) + return ret, err +} + +// Get retrieves the ClusterGroup from the index for a given name. +func (s *clusterGroupLister) Get(name string) (*v1beta1.ClusterGroup, error) { + obj, exists, err := s.indexer.GetByKey(name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("clustergroup"), name) + } + return obj.(*v1beta1.ClusterGroup), nil +} diff --git a/pkg/client/listers/crd/v1beta1/expansion_generated.go b/pkg/client/listers/crd/v1beta1/expansion_generated.go index 2a0e63f981f..8df6946e5fa 100644 --- a/pkg/client/listers/crd/v1beta1/expansion_generated.go +++ b/pkg/client/listers/crd/v1beta1/expansion_generated.go @@ -24,10 +24,22 @@ type AntreaAgentInfoListerExpansion interface{} // AntreaControllerInfoLister. type AntreaControllerInfoListerExpansion interface{} +// ClusterGroupListerExpansion allows custom methods to be added to +// ClusterGroupLister. +type ClusterGroupListerExpansion interface{} + // ExternalIPPoolListerExpansion allows custom methods to be added to // ExternalIPPoolLister. type ExternalIPPoolListerExpansion interface{} +// GroupListerExpansion allows custom methods to be added to +// GroupLister. +type GroupListerExpansion interface{} + +// GroupNamespaceListerExpansion allows custom methods to be added to +// GroupNamespaceLister. +type GroupNamespaceListerExpansion interface{} + // TierListerExpansion allows custom methods to be added to // TierLister. type TierListerExpansion interface{} diff --git a/pkg/client/listers/crd/v1beta1/group.go b/pkg/client/listers/crd/v1beta1/group.go new file mode 100644 index 00000000000..56c3d95e716 --- /dev/null +++ b/pkg/client/listers/crd/v1beta1/group.go @@ -0,0 +1,97 @@ +// Copyright 2023 Antrea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Code generated by lister-gen. DO NOT EDIT. + +package v1beta1 + +import ( + v1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" + "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/client-go/tools/cache" +) + +// GroupLister helps list Groups. +// All objects returned here must be treated as read-only. +type GroupLister interface { + // List lists all Groups in the indexer. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.Group, err error) + // Groups returns an object that can list and get Groups. + Groups(namespace string) GroupNamespaceLister + GroupListerExpansion +} + +// groupLister implements the GroupLister interface. +type groupLister struct { + indexer cache.Indexer +} + +// NewGroupLister returns a new GroupLister. +func NewGroupLister(indexer cache.Indexer) GroupLister { + return &groupLister{indexer: indexer} +} + +// List lists all Groups in the indexer. +func (s *groupLister) List(selector labels.Selector) (ret []*v1beta1.Group, err error) { + err = cache.ListAll(s.indexer, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.Group)) + }) + return ret, err +} + +// Groups returns an object that can list and get Groups. +func (s *groupLister) Groups(namespace string) GroupNamespaceLister { + return groupNamespaceLister{indexer: s.indexer, namespace: namespace} +} + +// GroupNamespaceLister helps list and get Groups. +// All objects returned here must be treated as read-only. +type GroupNamespaceLister interface { + // List lists all Groups in the indexer for a given namespace. + // Objects returned here must be treated as read-only. + List(selector labels.Selector) (ret []*v1beta1.Group, err error) + // Get retrieves the Group from the indexer for a given namespace and name. + // Objects returned here must be treated as read-only. + Get(name string) (*v1beta1.Group, error) + GroupNamespaceListerExpansion +} + +// groupNamespaceLister implements the GroupNamespaceLister +// interface. +type groupNamespaceLister struct { + indexer cache.Indexer + namespace string +} + +// List lists all Groups in the indexer for a given namespace. +func (s groupNamespaceLister) List(selector labels.Selector) (ret []*v1beta1.Group, err error) { + err = cache.ListAllByNamespace(s.indexer, s.namespace, selector, func(m interface{}) { + ret = append(ret, m.(*v1beta1.Group)) + }) + return ret, err +} + +// Get retrieves the Group from the indexer for a given namespace and name. +func (s groupNamespaceLister) Get(name string) (*v1beta1.Group, error) { + obj, exists, err := s.indexer.GetByKey(s.namespace + "/" + name) + if err != nil { + return nil, err + } + if !exists { + return nil, errors.NewNotFound(v1beta1.Resource("group"), name) + } + return obj.(*v1beta1.Group), nil +} diff --git a/pkg/controller/networkpolicy/clustergroup.go b/pkg/controller/networkpolicy/clustergroup.go index aad4c948bbb..ed29e637386 100644 --- a/pkg/controller/networkpolicy/clustergroup.go +++ b/pkg/controller/networkpolicy/clustergroup.go @@ -27,14 +27,14 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/pkg/controller/networkpolicy/store" antreatypes "antrea.io/antrea/pkg/controller/types" ) // addClusterGroup is responsible for processing the ADD event of a ClusterGroup resource. func (c *NetworkPolicyController) addClusterGroup(curObj interface{}) { - cg := curObj.(*crdv1alpha3.ClusterGroup) + cg := curObj.(*crdv1beta1.ClusterGroup) key := internalGroupKeyFunc(cg) klog.V(2).Infof("Processing ADD event for ClusterGroup %s", cg.Name) newGroup := c.processClusterGroup(cg) @@ -45,8 +45,8 @@ func (c *NetworkPolicyController) addClusterGroup(curObj interface{}) { // updateClusterGroup is responsible for processing the UPDATE event of a ClusterGroup resource. func (c *NetworkPolicyController) updateClusterGroup(oldObj, curObj interface{}) { - cg := curObj.(*crdv1alpha3.ClusterGroup) - og := oldObj.(*crdv1alpha3.ClusterGroup) + cg := curObj.(*crdv1beta1.ClusterGroup) + og := oldObj.(*crdv1beta1.ClusterGroup) key := internalGroupKeyFunc(cg) klog.V(2).Infof("Processing UPDATE event for ClusterGroup %s", cg.Name) newGroup := c.processClusterGroup(cg) @@ -94,7 +94,7 @@ func (c *NetworkPolicyController) updateClusterGroup(oldObj, curObj interface{}) // deleteClusterGroup is responsible for processing the DELETE event of a ClusterGroup resource. func (c *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { - og, ok := oldObj.(*crdv1alpha3.ClusterGroup) + og, ok := oldObj.(*crdv1beta1.ClusterGroup) klog.V(2).Infof("Processing DELETE event for ClusterGroup %s", og.Name) if !ok { tombstone, ok := oldObj.(cache.DeletedFinalStateUnknown) @@ -102,7 +102,7 @@ func (c *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { klog.Errorf("Error decoding object when deleting ClusterGroup, invalid type: %v", oldObj) return } - og, ok = tombstone.Obj.(*crdv1alpha3.ClusterGroup) + og, ok = tombstone.Obj.(*crdv1beta1.ClusterGroup) if !ok { klog.Errorf("Error decoding object tombstone when deleting ClusterGroup, invalid type: %v", tombstone.Obj) return @@ -117,7 +117,7 @@ func (c *NetworkPolicyController) deleteClusterGroup(oldObj interface{}) { c.enqueueInternalGroup(key) } -func (c *NetworkPolicyController) processClusterGroup(cg *crdv1alpha3.ClusterGroup) *antreatypes.Group { +func (c *NetworkPolicyController) processClusterGroup(cg *crdv1beta1.ClusterGroup) *antreatypes.Group { internalGroup := antreatypes.Group{ SourceReference: getClusterGroupSourceRef(cg), UID: cg.UID, @@ -258,7 +258,7 @@ func (c *NetworkPolicyController) syncInternalClusterGroup(grp *antreatypes.Grou return err } -func getClusterGroupSourceRef(cg *crdv1alpha3.ClusterGroup) *controlplane.GroupReference { +func getClusterGroupSourceRef(cg *crdv1beta1.ClusterGroup) *controlplane.GroupReference { return &controlplane.GroupReference{ Name: cg.GetName(), Namespace: cg.GetNamespace(), @@ -310,23 +310,23 @@ func (c *NetworkPolicyController) triggerCNPUpdates(cg string) { } // updateClusterGroupStatus updates the Status subresource for a ClusterGroup. -func (c *NetworkPolicyController) updateClusterGroupStatus(cg *crdv1alpha3.ClusterGroup, cStatus v1.ConditionStatus) error { - condStatus := crdv1alpha3.GroupCondition{ +func (c *NetworkPolicyController) updateClusterGroupStatus(cg *crdv1beta1.ClusterGroup, cStatus v1.ConditionStatus) error { + condStatus := crdv1beta1.GroupCondition{ Status: cStatus, - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, } if groupMembersComputedConditionEqual(cg.Status.Conditions, condStatus) { // There is no change in conditions. return nil } condStatus.LastTransitionTime = metav1.Now() - status := crdv1alpha3.GroupStatus{ - Conditions: []crdv1alpha3.GroupCondition{condStatus}, + status := crdv1beta1.GroupStatus{ + Conditions: []crdv1beta1.GroupCondition{condStatus}, } klog.V(4).Infof("Updating ClusterGroup %s status to %#v", cg.Name, condStatus) toUpdate := cg.DeepCopy() toUpdate.Status = status - _, err := c.crdClient.CrdV1alpha3().ClusterGroups().UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) + _, err := c.crdClient.CrdV1beta1().ClusterGroups().UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) return err } diff --git a/pkg/controller/networkpolicy/clustergroup_test.go b/pkg/controller/networkpolicy/clustergroup_test.go index afb0ea39d0a..a6f8fef8746 100644 --- a/pkg/controller/networkpolicy/clustergroup_test.go +++ b/pkg/controller/networkpolicy/clustergroup_test.go @@ -29,7 +29,7 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" ) @@ -43,14 +43,14 @@ func TestProcessClusterGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - inputGroup *crdv1alpha3.ClusterGroup + inputGroup *crdv1beta1.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-with-ns-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -65,9 +65,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-pod-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorB, }, }, @@ -82,9 +82,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-pod-ns-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -100,9 +100,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-ip-block", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -127,9 +127,9 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-svc-reference", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgE", UID: "uidE"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc", Namespace: "test-ns", @@ -150,10 +150,10 @@ func TestProcessClusterGroup(t *testing.T) { }, { name: "cg-with-child-groups", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgF", UID: "uidF"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA", "cgB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA", "cgB"}, }, }, expectedGroup: &antreatypes.Group{ @@ -185,14 +185,14 @@ func TestAddClusterGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - inputGroup *crdv1alpha3.ClusterGroup + inputGroup *crdv1beta1.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-with-ns-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -207,9 +207,9 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-pod-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorB, }, }, @@ -224,9 +224,9 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-pod-ns-selector", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -242,9 +242,9 @@ func TestAddClusterGroup(t *testing.T) { }, { name: "cg-with-ip-block", - inputGroup: &crdv1alpha3.ClusterGroup{ + inputGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -285,9 +285,9 @@ func TestUpdateClusterGroup(t *testing.T) { selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} selectorD := metav1.LabelSelector{MatchLabels: map[string]string{"foo4": "bar4"}} - testCG := crdv1alpha3.ClusterGroup{ + testCG := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -296,14 +296,14 @@ func TestUpdateClusterGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - updatedGroup *crdv1alpha3.ClusterGroup + updatedGroup *crdv1beta1.ClusterGroup expectedGroup *antreatypes.Group }{ { name: "cg-update-ns-selector", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorB, }, }, @@ -318,9 +318,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-pod-selector", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorC, }, }, @@ -335,9 +335,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-pod-ns-selector", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -353,9 +353,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-ip-block", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -380,9 +380,9 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-svc-reference", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc", Namespace: "test-ns", @@ -403,10 +403,10 @@ func TestUpdateClusterGroup(t *testing.T) { }, { name: "cg-update-child-groups", - updatedGroup: &crdv1alpha3.ClusterGroup{ + updatedGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgB", "cgC"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgB", "cgC"}, }, }, expectedGroup: &antreatypes.Group{ @@ -434,9 +434,9 @@ func TestUpdateClusterGroup(t *testing.T) { func TestDeleteCG(t *testing.T) { selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - testCG := crdv1alpha3.ClusterGroup{ + testCG := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -451,15 +451,15 @@ func TestDeleteCG(t *testing.T) { func TestClusterClusterGroupMembersComputedConditionEqual(t *testing.T) { tests := []struct { name string - existingConds []crdv1alpha3.GroupCondition + existingConds []crdv1beta1.GroupCondition checkStatus corev1.ConditionStatus expValue bool }{ { name: "groupmem-cond-exists-not-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, Status: corev1.ConditionFalse, }, }, @@ -468,9 +468,9 @@ func TestClusterClusterGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-exists-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, Status: corev1.ConditionTrue, }, }, @@ -479,7 +479,7 @@ func TestClusterClusterGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-not-exists-not-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { Status: corev1.ConditionFalse, }, @@ -490,8 +490,8 @@ func TestClusterClusterGroupMembersComputedConditionEqual(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - inCond := crdv1alpha3.GroupCondition{ - Type: crdv1alpha3.GroupMembersComputed, + inCond := crdv1beta1.GroupCondition{ + Type: crdv1beta1.GroupMembersComputed, Status: tt.checkStatus, } actualValue := groupMembersComputedConditionEqual(tt.existingConds, inCond) @@ -931,9 +931,9 @@ func TestSyncInternalGroup(t *testing.T) { allowAction := crdv1alpha1.RuleActionAllow cgName := "cgA" cgUID := types.UID("uidA") - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: cgName, UID: cgUID}, - Spec: crdv1alpha3.GroupSpec{NamespaceSelector: &selectorA}, + Spec: crdv1beta1.GroupSpec{NamespaceSelector: &selectorA}, } cnp1 := &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnp1", UID: "uid1"}, @@ -1102,12 +1102,12 @@ func TestSyncInternalGroup(t *testing.T) { func TestGetClusterGroupSourceRef(t *testing.T) { tests := []struct { name string - group *crdv1alpha3.ClusterGroup + group *crdv1beta1.ClusterGroup expectedRef *controlplane.GroupReference }{ { name: "cg-ref", - group: &crdv1alpha3.ClusterGroup{ + group: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, }, expectedRef: &controlplane.GroupReference{ @@ -1126,26 +1126,26 @@ func TestGetClusterGroupSourceRef(t *testing.T) { } func TestGetAssociatedIPBlockGroups(t *testing.T) { - cg1 := &crdv1alpha3.ClusterGroup{ + cg1 := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "ipBlockGrp1", UID: "UID1"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "172.60.0.0/16"}, }, }, } - cg2 := &crdv1alpha3.ClusterGroup{ + cg2 := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "ipBlockGrp2", UID: "UID2"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "172.60.2.0/24"}, }, }, } - cg2Parent := &crdv1alpha3.ClusterGroup{ + cg2Parent := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "ipBlockParentGrp", UID: "UID3"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{ + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{ "ipBlockGrp2", }, }, diff --git a/pkg/controller/networkpolicy/clusternetworkpolicy_test.go b/pkg/controller/networkpolicy/clusternetworkpolicy_test.go index 8fcabbac8b0..0c57733922a 100644 --- a/pkg/controller/networkpolicy/clusternetworkpolicy_test.go +++ b/pkg/controller/networkpolicy/clusternetworkpolicy_test.go @@ -29,7 +29,6 @@ import ( "antrea.io/antrea/multicluster/controllers/multicluster/common" "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" "antrea.io/antrea/pkg/util/k8s" @@ -93,9 +92,9 @@ func TestProcessClusterNetworkPolicy(t *testing.T) { selectorD := metav1.LabelSelector{MatchLabels: map[string]string{"internal.antrea.io/service-account": saA.Name}} queryAddr := "224.0.0.1" reportAddr := "225.1.2.3" - cgA := crdv1alpha3.ClusterGroup{ + cgA := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -1792,16 +1791,16 @@ func TestProcessRefGroupOrClusterGroup(t *testing.T) { cidr := "10.0.0.0/24" cidrIPNet, _ := cidrStrToIPNet(cidr) // cgA with selector present in cache - cgA := crdv1alpha3.ClusterGroup{ + cgA := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } // cgB with IPBlock present in cache - cgB := crdv1alpha3.ClusterGroup{ + cgB := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -1810,35 +1809,35 @@ func TestProcessRefGroupOrClusterGroup(t *testing.T) { }, } // cgC not found in cache - cgC := crdv1alpha3.ClusterGroup{ + cgC := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } - cgNested1 := crdv1alpha3.ClusterGroup{ + cgNested1 := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgB"}, }, } - cgNested2 := crdv1alpha3.ClusterGroup{ + cgNested2 := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgE", UID: "uidE"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA", "cgB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA", "cgB"}, }, } // gA with selector present in cache - gA := crdv1alpha3.Group{ + gA := crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidGA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } // gB with IPBlock present in cache - gB := crdv1alpha3.Group{ + gB := crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsB", Name: "gB", UID: "uidGB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -2003,9 +2002,9 @@ func getCNP() *crdv1alpha1.ClusterNetworkPolicy { } func TestFilterPerNamespaceRuleACNPsByNSLabels(t *testing.T) { - group := &crdv1alpha3.ClusterGroup{ + group := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "group1"}, - Spec: crdv1alpha3.GroupSpec{NamespaceSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}}}, + Spec: crdv1beta1.GroupSpec{NamespaceSelector: &metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}}}, } cnpWithSpecAppliedTo := &crdv1alpha1.ClusterNetworkPolicy{ ObjectMeta: metav1.ObjectMeta{Name: "cnp-with-spec-appliedTo"}, diff --git a/pkg/controller/networkpolicy/convert.go b/pkg/controller/networkpolicy/convert.go index b1d960227d5..50ca307d7f6 100644 --- a/pkg/controller/networkpolicy/convert.go +++ b/pkg/controller/networkpolicy/convert.go @@ -39,7 +39,7 @@ func ConvertClusterGroupCRD(Object *unstructured.Unstructured, toVersion string) switch Object.GetAPIVersion() { case "crd.antrea.io/v1alpha2": switch toVersion { - case "crd.antrea.io/v1alpha3": + case "crd.antrea.io/v1alpha3", "crd.antrea.io/v1beta1": ipb, found, err := unstructured.NestedMap(convertedObject.Object, "spec", "ipBlock") if err == nil && found && len(ipb) > 0 { unstructured.RemoveNestedField(convertedObject.Object, "spec", "ipBlock") @@ -51,9 +51,9 @@ func ConvertClusterGroupCRD(Object *unstructured.Unstructured, toVersion string) default: return nil, statusErrorWithMessage("unexpected conversion version %q", toVersion) } - case "crd.antrea.io/v1alpha3": + case "crd.antrea.io/v1alpha3", "crd.antrea.io/v1beta1": switch toVersion { - case "crd.antrea.io/v1alpha2": + case "crd.antrea.io/v1alpha2", "crd.antrea.io/v1alpha3", "crd.antrea.io/v1beta1": return convertedObject, metav1.Status{ Status: metav1.StatusSuccess, } diff --git a/pkg/controller/networkpolicy/crd_utils.go b/pkg/controller/networkpolicy/crd_utils.go index 5a240436a6c..788d111ac5f 100644 --- a/pkg/controller/networkpolicy/crd_utils.go +++ b/pkg/controller/networkpolicy/crd_utils.go @@ -28,7 +28,7 @@ import ( "antrea.io/antrea/multicluster/controllers/multicluster/common" "antrea.io/antrea/pkg/apis/controlplane" "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" "antrea.io/antrea/pkg/util/k8s" ) @@ -61,9 +61,9 @@ func NetworkPolicyStatusEqual(oldStatus, newStatus v1alpha1.NetworkPolicyStatus) // groupMembersComputedConditionEqual checks whether the condition status for GroupMembersComputed condition // is same. Returns true if equal, otherwise returns false. It disregards the lastTransitionTime field. -func groupMembersComputedConditionEqual(conds []crdv1alpha3.GroupCondition, condition crdv1alpha3.GroupCondition) bool { +func groupMembersComputedConditionEqual(conds []crdv1beta1.GroupCondition, condition crdv1beta1.GroupCondition) bool { for _, c := range conds { - if c.Type == crdv1alpha3.GroupMembersComputed { + if c.Type == crdv1beta1.GroupMembersComputed { if c.Status == condition.Status { return true } diff --git a/pkg/controller/networkpolicy/crd_utils_test.go b/pkg/controller/networkpolicy/crd_utils_test.go index 73714175ada..1379b498f99 100644 --- a/pkg/controller/networkpolicy/crd_utils_test.go +++ b/pkg/controller/networkpolicy/crd_utils_test.go @@ -26,7 +26,7 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" "antrea.io/antrea/pkg/features" ) @@ -297,9 +297,9 @@ func TestToAntreaPeerForCRD(t *testing.T) { matchAllPodsPeer := matchAllPeer matchAllPodsPeer.AddressGroups = []string{getNormalizedUID(antreatypes.NewGroupSelector("", nil, &selectorAll, nil, nil).NormalizedName)} // cgA with selector present in cache - cgA := crdv1alpha3.ClusterGroup{ + cgA := crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -506,23 +506,23 @@ func TestCreateAppliedToGroupsForGroup(t *testing.T) { selector := metav1.LabelSelector{MatchLabels: map[string]string{"foo": "bar"}} cidr := "10.0.0.0/24" // cgA with selector present in cache - clusterGroupWithSelector := &crdv1alpha3.ClusterGroup{ + clusterGroupWithSelector := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{NamespaceSelector: &selector}, + Spec: crdv1beta1.GroupSpec{NamespaceSelector: &selector}, } // cgB with IPBlock present in cache - clusterGroupWithIPBlock := &crdv1alpha3.ClusterGroup{ + clusterGroupWithIPBlock := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{IPBlocks: []crdv1alpha1.IPBlock{{CIDR: cidr}}}, + Spec: crdv1beta1.GroupSpec{IPBlocks: []crdv1alpha1.IPBlock{{CIDR: cidr}}}, } - groupWithSelector := &crdv1alpha3.Group{ + groupWithSelector := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{PodSelector: &selector}, + Spec: crdv1beta1.GroupSpec{PodSelector: &selector}, } // gB with IPBlock present in cache - groupWithIPBlock := &crdv1alpha3.Group{ + groupWithIPBlock := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsB", Name: "gB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{IPBlocks: []crdv1alpha1.IPBlock{{CIDR: cidr}}}, + Spec: crdv1beta1.GroupSpec{IPBlocks: []crdv1alpha1.IPBlock{{CIDR: cidr}}}, } _, npc := newController(nil, nil) npc.addClusterGroup(clusterGroupWithSelector) diff --git a/pkg/controller/networkpolicy/group.go b/pkg/controller/networkpolicy/group.go index 251805a8abe..74349b24e66 100644 --- a/pkg/controller/networkpolicy/group.go +++ b/pkg/controller/networkpolicy/group.go @@ -26,13 +26,13 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" ) // addGroup is responsible for processing the ADD event of a Group resource. func (n *NetworkPolicyController) addGroup(curObj interface{}) { - g := curObj.(*crdv1alpha3.Group) + g := curObj.(*crdv1beta1.Group) key := internalGroupKeyFunc(g) klog.V(2).InfoS("Processing ADD event for Group", "Group", key) newGroup := n.processGroup(g) @@ -43,8 +43,8 @@ func (n *NetworkPolicyController) addGroup(curObj interface{}) { // updateGroup is responsible for processing the UPDATE event of a Group resource. func (n *NetworkPolicyController) updateGroup(oldObj, curObj interface{}) { - cg := curObj.(*crdv1alpha3.Group) - og := oldObj.(*crdv1alpha3.Group) + cg := curObj.(*crdv1beta1.Group) + og := oldObj.(*crdv1beta1.Group) key := internalGroupKeyFunc(cg) klog.V(2).InfoS("Processing UPDATE event for Group", "Group", key) newGroup := n.processGroup(cg) @@ -92,7 +92,7 @@ func (n *NetworkPolicyController) updateGroup(oldObj, curObj interface{}) { // deleteGroup is responsible for processing the DELETE event of a Group resource. func (n *NetworkPolicyController) deleteGroup(oldObj interface{}) { - og, ok := oldObj.(*crdv1alpha3.Group) + og, ok := oldObj.(*crdv1beta1.Group) klog.V(2).InfoS("Processing DELETE event for Group", "Group", internalGroupKeyFunc(og)) if !ok { tombstone, ok := oldObj.(cache.DeletedFinalStateUnknown) @@ -100,7 +100,7 @@ func (n *NetworkPolicyController) deleteGroup(oldObj interface{}) { klog.Errorf("Error decoding object when deleting Group, invalid type: %v", oldObj) return } - og, ok = tombstone.Obj.(*crdv1alpha3.Group) + og, ok = tombstone.Obj.(*crdv1beta1.Group) if !ok { klog.Errorf("Error decoding object tombstone when deleting Group, invalid type: %v", tombstone.Obj) return @@ -115,7 +115,7 @@ func (n *NetworkPolicyController) deleteGroup(oldObj interface{}) { n.enqueueInternalGroup(key) } -func (n *NetworkPolicyController) processGroup(g *crdv1alpha3.Group) *antreatypes.Group { +func (n *NetworkPolicyController) processGroup(g *crdv1beta1.Group) *antreatypes.Group { internalGroup := antreatypes.Group{ SourceReference: getGroupSourceRef(g), UID: g.UID, @@ -150,7 +150,7 @@ func (n *NetworkPolicyController) processGroup(g *crdv1alpha3.Group) *antreatype return &internalGroup } -func getGroupSourceRef(g *crdv1alpha3.Group) *controlplane.GroupReference { +func getGroupSourceRef(g *crdv1beta1.Group) *controlplane.GroupReference { return &controlplane.GroupReference{ Name: g.GetName(), Namespace: g.GetNamespace(), @@ -226,22 +226,22 @@ func (n *NetworkPolicyController) triggerANNPUpdates(g string) { } // updateGroupStatus updates the Status subresource for a Group. -func (n *NetworkPolicyController) updateGroupStatus(g *crdv1alpha3.Group, cStatus v1.ConditionStatus) error { - condStatus := crdv1alpha3.GroupCondition{ +func (n *NetworkPolicyController) updateGroupStatus(g *crdv1beta1.Group, cStatus v1.ConditionStatus) error { + condStatus := crdv1beta1.GroupCondition{ Status: cStatus, - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, } if groupMembersComputedConditionEqual(g.Status.Conditions, condStatus) { // There is no change in conditions. return nil } condStatus.LastTransitionTime = metav1.Now() - status := crdv1alpha3.GroupStatus{ - Conditions: []crdv1alpha3.GroupCondition{condStatus}, + status := crdv1beta1.GroupStatus{ + Conditions: []crdv1beta1.GroupCondition{condStatus}, } klog.V(4).InfoS("Updating Group status", "Group", internalGroupKeyFunc(g), "status", condStatus) toUpdate := g.DeepCopy() toUpdate.Status = status - _, err := n.crdClient.CrdV1alpha3().Groups(g.GetNamespace()).UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) + _, err := n.crdClient.CrdV1beta1().Groups(g.GetNamespace()).UpdateStatus(context.TODO(), toUpdate, metav1.UpdateOptions{}) return err } diff --git a/pkg/controller/networkpolicy/group_test.go b/pkg/controller/networkpolicy/group_test.go index 4f252d4b0bc..69fa9027542 100644 --- a/pkg/controller/networkpolicy/group_test.go +++ b/pkg/controller/networkpolicy/group_test.go @@ -25,7 +25,7 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" antreatypes "antrea.io/antrea/pkg/controller/types" ) @@ -39,14 +39,14 @@ func TestProcessGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - inputGroup *crdv1alpha3.Group + inputGroup *crdv1beta1.Group expectedGroup *antreatypes.Group }{ { name: "g-with-ns-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -62,9 +62,9 @@ func TestProcessGroup(t *testing.T) { }, { name: "g-with-pod-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsB", Name: "gB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorB, }, }, @@ -80,9 +80,9 @@ func TestProcessGroup(t *testing.T) { }, { name: "g-with-pod-ns-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsC", Name: "gC", UID: "uidC"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -99,9 +99,9 @@ func TestProcessGroup(t *testing.T) { }, { name: "g-with-ip-block", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsD", Name: "gD", UID: "uidD"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -127,9 +127,9 @@ func TestProcessGroup(t *testing.T) { }, { name: "g-with-svc-reference", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsE", Name: "gE", UID: "uidE"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc", Namespace: "nsE", @@ -151,10 +151,10 @@ func TestProcessGroup(t *testing.T) { }, { name: "g-with-child-groups", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsF", Name: "gF", UID: "uidF"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"gA", "gB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"gA", "gB"}, }, }, expectedGroup: &antreatypes.Group{ @@ -187,14 +187,14 @@ func TestAddGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - inputGroup *crdv1alpha3.Group + inputGroup *crdv1beta1.Group expectedGroup *antreatypes.Group }{ { name: "g-with-ns-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, }, @@ -210,9 +210,9 @@ func TestAddGroup(t *testing.T) { }, { name: "g-with-pod-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsB", Name: "gB", UID: "uidB"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorB, }, }, @@ -228,9 +228,9 @@ func TestAddGroup(t *testing.T) { }, { name: "g-with-pod-ns-selector", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsC", Name: "gC", UID: "uidC"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -247,9 +247,9 @@ func TestAddGroup(t *testing.T) { }, { name: "g-with-ip-block", - inputGroup: &crdv1alpha3.Group{ + inputGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsD", Name: "gD", UID: "uidD"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -291,9 +291,9 @@ func TestUpdateGroup(t *testing.T) { selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} selectorD := metav1.LabelSelector{MatchLabels: map[string]string{"foo4": "bar4"}} - testG := crdv1alpha3.Group{ + testG := crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -302,14 +302,14 @@ func TestUpdateGroup(t *testing.T) { _, ipNet, _ := net.ParseCIDR(cidr) tests := []struct { name string - updatedGroup *crdv1alpha3.Group + updatedGroup *crdv1beta1.Group expectedGroup *antreatypes.Group }{ { name: "g-update-ns-selector", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorB, }, }, @@ -325,9 +325,9 @@ func TestUpdateGroup(t *testing.T) { }, { name: "g-update-pod-selector", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &selectorC, }, }, @@ -343,9 +343,9 @@ func TestUpdateGroup(t *testing.T) { }, { name: "g-update-pod-ns-selector", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorD, PodSelector: &selectorC, }, @@ -362,9 +362,9 @@ func TestUpdateGroup(t *testing.T) { }, { name: "g-update-ip-block", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ { CIDR: cidr, @@ -390,9 +390,9 @@ func TestUpdateGroup(t *testing.T) { }, { name: "g-update-svc-reference", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc", Namespace: "nsA", @@ -414,10 +414,10 @@ func TestUpdateGroup(t *testing.T) { }, { name: "g-update-child-groups", - updatedGroup: &crdv1alpha3.Group{ + updatedGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"gB", "gC"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"gB", "gC"}, }, }, expectedGroup: &antreatypes.Group{ @@ -446,9 +446,9 @@ func TestUpdateGroup(t *testing.T) { func TestDeleteG(t *testing.T) { selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - testG := crdv1alpha3.Group{ + testG := crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -463,15 +463,15 @@ func TestDeleteG(t *testing.T) { func TestGroupMembersComputedConditionEqual(t *testing.T) { tests := []struct { name string - existingConds []crdv1alpha3.GroupCondition + existingConds []crdv1beta1.GroupCondition checkStatus corev1.ConditionStatus expValue bool }{ { name: "groupmem-cond-exists-not-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, Status: corev1.ConditionFalse, }, }, @@ -480,9 +480,9 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-exists-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { - Type: crdv1alpha3.GroupMembersComputed, + Type: crdv1beta1.GroupMembersComputed, Status: corev1.ConditionTrue, }, }, @@ -491,7 +491,7 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { }, { name: "groupmem-cond-not-exists-not-equal", - existingConds: []crdv1alpha3.GroupCondition{ + existingConds: []crdv1beta1.GroupCondition{ { Status: corev1.ConditionFalse, }, @@ -502,8 +502,8 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - inCond := crdv1alpha3.GroupCondition{ - Type: crdv1alpha3.GroupMembersComputed, + inCond := crdv1beta1.GroupCondition{ + Type: crdv1beta1.GroupMembersComputed, Status: tt.checkStatus, } actualValue := groupMembersComputedConditionEqual(tt.existingConds, inCond) @@ -515,12 +515,12 @@ func TestGroupMembersComputedConditionEqual(t *testing.T) { func TestGetGroupSourceRef(t *testing.T) { tests := []struct { name string - group *crdv1alpha3.Group + group *crdv1beta1.Group expectedRef *controlplane.GroupReference }{ { name: "cg-ref", - group: &crdv1alpha3.Group{ + group: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uidA"}, }, expectedRef: &controlplane.GroupReference{ diff --git a/pkg/controller/networkpolicy/networkpolicy_controller.go b/pkg/controller/networkpolicy/networkpolicy_controller.go index 041c2c2762d..5d1373cfebe 100644 --- a/pkg/controller/networkpolicy/networkpolicy_controller.go +++ b/pkg/controller/networkpolicy/networkpolicy_controller.go @@ -51,10 +51,8 @@ import ( "antrea.io/antrea/pkg/apiserver/storage" "antrea.io/antrea/pkg/client/clientset/versioned" secinformers "antrea.io/antrea/pkg/client/informers/externalversions/crd/v1alpha1" - crdv1a3informers "antrea.io/antrea/pkg/client/informers/externalversions/crd/v1alpha3" crdv1b1informers "antrea.io/antrea/pkg/client/informers/externalversions/crd/v1beta1" seclisters "antrea.io/antrea/pkg/client/listers/crd/v1alpha1" - crdv1a3listers "antrea.io/antrea/pkg/client/listers/crd/v1alpha3" crdv1b1listers "antrea.io/antrea/pkg/client/listers/crd/v1beta1" "antrea.io/antrea/pkg/controller/grouping" "antrea.io/antrea/pkg/controller/labelidentity" @@ -188,10 +186,10 @@ type NetworkPolicyController struct { // tierListerSynced is a function which returns true if the Tiers shared informer has been synced at least once. tierListerSynced cache.InformerSynced - cgInformer crdv1a3informers.ClusterGroupInformer + cgInformer crdv1b1informers.ClusterGroupInformer // cgLister is able to list/get ClusterGroups and is populated by the shared informer passed to // NewClusterGroupController. - cgLister crdv1a3listers.ClusterGroupLister + cgLister crdv1b1listers.ClusterGroupLister // cgListerSynced is a function which returns true if the ClusterGroup shared informer has been synced at least // once. cgListerSynced cache.InformerSynced @@ -203,10 +201,10 @@ type NetworkPolicyController struct { // nodeListerSynced is a function which returns true if the Node shared informer has been synced at least once. nodeListerSynced cache.InformerSynced - grpInformer crdv1a3informers.GroupInformer + grpInformer crdv1b1informers.GroupInformer // grpLister is able to list/get Groups and is populated by the shared informer passed to // NewGroupController. - grpLister crdv1a3listers.GroupLister + grpLister crdv1b1listers.GroupLister // grpListerSynced is a function which returns true if the Group shared informer has been synced at least // once. grpListerSynced cache.InformerSynced @@ -388,8 +386,8 @@ func NewNetworkPolicyController(kubeClient clientset.Interface, acnpInformer secinformers.ClusterNetworkPolicyInformer, annpInformer secinformers.NetworkPolicyInformer, tierInformer crdv1b1informers.TierInformer, - cgInformer crdv1a3informers.ClusterGroupInformer, - grpInformer crdv1a3informers.GroupInformer, + cgInformer crdv1b1informers.ClusterGroupInformer, + grpInformer crdv1b1informers.GroupInformer, addressGroupStore storage.Interface, appliedToGroupStore storage.Interface, internalNetworkPolicyStore storage.Interface, diff --git a/pkg/controller/networkpolicy/networkpolicy_controller_test.go b/pkg/controller/networkpolicy/networkpolicy_controller_test.go index aa3021778e4..0125cc4315b 100644 --- a/pkg/controller/networkpolicy/networkpolicy_controller_test.go +++ b/pkg/controller/networkpolicy/networkpolicy_controller_test.go @@ -47,7 +47,7 @@ import ( "antrea.io/antrea/pkg/apis/controlplane" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" "antrea.io/antrea/pkg/apis/crd/v1alpha2" - "antrea.io/antrea/pkg/apis/crd/v1alpha3" + "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/pkg/apiserver/storage" fakeversioned "antrea.io/antrea/pkg/client/clientset/versioned/fake" crdinformers "antrea.io/antrea/pkg/client/informers/externalversions" @@ -113,8 +113,8 @@ func newController(k8sObjects, crdObjects []runtime.Object) (*fake.Clientset, *n addressGroupStore := store.NewAddressGroupStore() internalNetworkPolicyStore := store.NewNetworkPolicyStore() internalGroupStore := store.NewGroupStore() - cgInformer := crdInformerFactory.Crd().V1alpha3().ClusterGroups() - gInformer := crdInformerFactory.Crd().V1alpha3().Groups() + cgInformer := crdInformerFactory.Crd().V1beta1().ClusterGroups() + gInformer := crdInformerFactory.Crd().V1beta1().Groups() groupEntityIndex := grouping.NewGroupEntityIndex() groupingController := grouping.NewGroupEntityController(groupEntityIndex, informerFactory.Core().V1().Pods(), @@ -161,8 +161,8 @@ func newController(k8sObjects, crdObjects []runtime.Object) (*fake.Clientset, *n crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies().Informer().GetStore(), crdInformerFactory.Crd().V1alpha1().NetworkPolicies().Informer().GetStore(), crdInformerFactory.Crd().V1beta1().Tiers().Informer().GetStore(), - crdInformerFactory.Crd().V1alpha3().ClusterGroups().Informer().GetStore(), - crdInformerFactory.Crd().V1alpha3().Groups().Informer().GetStore(), + crdInformerFactory.Crd().V1beta1().ClusterGroups().Informer().GetStore(), + crdInformerFactory.Crd().V1beta1().Groups().Informer().GetStore(), appliedToGroupStore, addressGroupStore, internalNetworkPolicyStore, @@ -189,8 +189,8 @@ func newControllerWithoutEventHandler(k8sObjects, crdObjects []runtime.Object) ( tierInformer := crdInformerFactory.Crd().V1beta1().Tiers() acnpInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() annpInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() - cgInformer := crdInformerFactory.Crd().V1alpha3().ClusterGroups() - groupInformer := crdInformerFactory.Crd().V1alpha3().Groups() + cgInformer := crdInformerFactory.Crd().V1beta1().ClusterGroups() + groupInformer := crdInformerFactory.Crd().V1beta1().Groups() groupEntityIndex := grouping.NewGroupEntityIndex() npController := &NetworkPolicyController{ kubeClient: client, @@ -316,11 +316,11 @@ func TestAddPod(t *testing.T) { selectorGroup := metav1.LabelSelector{ MatchLabels: map[string]string{"clustergroup": "yes"}, } - testCG := &v1alpha3.ClusterGroup{ + testCG := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgA", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorGroup, }, } @@ -794,11 +794,11 @@ func TestDeletePod(t *testing.T) { selectorGroup := metav1.LabelSelector{ MatchLabels: ruleLabels, } - testCG := &v1alpha3.ClusterGroup{ + testCG := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgA", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorGroup, }, } @@ -856,11 +856,11 @@ func TestAddNamespace(t *testing.T) { selectorGroup := metav1.LabelSelector{ MatchLabels: map[string]string{"clustergroup": "yes"}, } - testCG := &v1alpha3.ClusterGroup{ + testCG := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgA", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ NamespaceSelector: &selectorGroup, }, } @@ -1015,11 +1015,11 @@ func TestDeleteNamespace(t *testing.T) { selectorGroup := metav1.LabelSelector{ MatchLabels: map[string]string{"clustergroup": "yes"}, } - testCG := &v1alpha3.ClusterGroup{ + testCG := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgA", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ NamespaceSelector: &selectorGroup, }, } @@ -1207,22 +1207,22 @@ func TestAddAndUpdateService(t *testing.T) { }, }, } - testCG1 := &v1alpha3.ClusterGroup{ + testCG1 := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-1", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc-1", Namespace: "test-ns", }, }, } - testCG2 := &v1alpha3.ClusterGroup{ + testCG2 := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-2", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc-2", Namespace: "test-ns", @@ -1313,11 +1313,11 @@ func TestDeleteService(t *testing.T) { }, }, } - testCG := &v1alpha3.ClusterGroup{ + testCG := &v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "test-cg", }, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ ServiceReference: &crdv1alpha1.NamespacedName{ Name: "test-svc", Namespace: "test-ns", @@ -2481,9 +2481,9 @@ func TestDeleteFinalStateUnknownNetworkPolicy(t *testing.T) { func TestInternalGroupKeyFunc(t *testing.T) { expValue := "cgA" - cg := v1alpha3.ClusterGroup{ + cg := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uid-a"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -2491,9 +2491,9 @@ func TestInternalGroupKeyFunc(t *testing.T) { assert.Equal(t, expValue, actualValue) expValue = "nsA/gA" - g := v1alpha3.Group{ + g := v1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "gA", UID: "uid-a"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ NamespaceSelector: &selectorA, }, } @@ -2505,48 +2505,48 @@ func TestGetAppliedToWorkloads(t *testing.T) { var emptyEEs []*v1alpha2.ExternalEntity var emptyPods []*corev1.Pod selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - cgA := v1alpha3.ClusterGroup{ + cgA := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorA, }, } selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} - cgB := v1alpha3.ClusterGroup{ + cgB := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorB, }, } selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} - cgC := v1alpha3.ClusterGroup{ + cgC := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorC, }, } - cgD := v1alpha3.ClusterGroup{ + cgD := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorC, }, } - nestedCG1 := v1alpha3.ClusterGroup{ + nestedCG1 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-B", UID: "uidE"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgB"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgB"}, }, } - nestedCG2 := v1alpha3.ClusterGroup{ + nestedCG2 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-C", UID: "uidF"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgC"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgC"}, }, } - nestedCG3 := v1alpha3.ClusterGroup{ + nestedCG3 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-C", UID: "uidG"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgC", "cgD"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgC", "cgD"}, }, } podA := getPod("podA", "nsA", "nodeA", "10.0.0.1", false) @@ -2608,7 +2608,7 @@ func TestGetAppliedToWorkloads(t *testing.T) { _, c := newController(nil, nil) c.groupingInterface.AddPod(podA) c.groupingInterface.AddPod(podB) - clusterGroups := []v1alpha3.ClusterGroup{cgA, cgB, cgC, cgD, nestedCG1, nestedCG2} + clusterGroups := []v1beta1.ClusterGroup{cgA, cgB, cgC, cgD, nestedCG1, nestedCG2} for i, cg := range clusterGroups { c.cgStore.Add(&clusterGroups[i]) c.addClusterGroup(&clusterGroups[i]) @@ -2626,48 +2626,48 @@ func TestGetAppliedToWorkloads(t *testing.T) { func TestGetAddressGroupMemberSet(t *testing.T) { selectorA := metav1.LabelSelector{MatchLabels: map[string]string{"foo1": "bar1"}} - cgA := v1alpha3.ClusterGroup{ + cgA := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgA", UID: "uidA"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorA, }, } selectorB := metav1.LabelSelector{MatchLabels: map[string]string{"foo2": "bar2"}} - cgB := v1alpha3.ClusterGroup{ + cgB := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgB", UID: "uidB"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorB, }, } selectorC := metav1.LabelSelector{MatchLabels: map[string]string{"foo3": "bar3"}} - cgC := v1alpha3.ClusterGroup{ + cgC := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgC", UID: "uidC"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorC, }, } - cgD := v1alpha3.ClusterGroup{ + cgD := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "cgD", UID: "uidD"}, - Spec: v1alpha3.GroupSpec{ + Spec: v1beta1.GroupSpec{ PodSelector: &selectorC, }, } - nestedCG1 := v1alpha3.ClusterGroup{ + nestedCG1 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-B", UID: "uidE"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgB"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgB"}, }, } - nestedCG2 := v1alpha3.ClusterGroup{ + nestedCG2 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-C", UID: "uidF"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgC"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgC"}, }, } - nestedCG3 := v1alpha3.ClusterGroup{ + nestedCG3 := v1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "nested-cg-A-C", UID: "uidG"}, - Spec: v1alpha3.GroupSpec{ - ChildGroups: []v1alpha3.ClusterGroupReference{"cgA", "cgC", "cgD"}, + Spec: v1beta1.GroupSpec{ + ChildGroups: []v1beta1.ClusterGroupReference{"cgA", "cgC", "cgD"}, }, } podA := getPod("podA", "nsA", "nodeA", "10.0.0.1", false) @@ -2729,7 +2729,7 @@ func TestGetAddressGroupMemberSet(t *testing.T) { _, c := newController(nil, nil) c.groupingInterface.AddPod(podA) c.groupingInterface.AddPod(podB) - clusterGroups := []v1alpha3.ClusterGroup{cgA, cgB, cgC, cgD, nestedCG1, nestedCG2} + clusterGroups := []v1beta1.ClusterGroup{cgA, cgB, cgC, cgD, nestedCG1, nestedCG2} for i, cg := range clusterGroups { c.cgStore.Add(&clusterGroups[i]) c.addClusterGroup(&clusterGroups[i]) @@ -3253,16 +3253,16 @@ func TestSyncInternalNetworkPolicyWithGroups(t *testing.T) { tests := []struct { name string - groups []*v1alpha3.Group + groups []*v1beta1.Group inputPolicy *crdv1alpha1.NetworkPolicy expectedPolicy *antreatypes.NetworkPolicy }{ { name: "annp with valid group", - groups: []*v1alpha3.Group{ + groups: []*v1beta1.Group{ { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "groupA"}, - Spec: v1alpha3.GroupSpec{PodSelector: &selectorA}, + Spec: v1beta1.GroupSpec{PodSelector: &selectorA}, }, }, inputPolicy: &crdv1alpha1.NetworkPolicy{ @@ -3304,14 +3304,14 @@ func TestSyncInternalNetworkPolicyWithGroups(t *testing.T) { }, { name: "annp with valid parent group", - groups: []*v1alpha3.Group{ + groups: []*v1beta1.Group{ { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "parentGroup"}, - Spec: v1alpha3.GroupSpec{ChildGroups: []v1alpha3.ClusterGroupReference{"groupA"}}, + Spec: v1beta1.GroupSpec{ChildGroups: []v1beta1.ClusterGroupReference{"groupA"}}, }, { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "groupA"}, - Spec: v1alpha3.GroupSpec{PodSelector: &selectorA}, + Spec: v1beta1.GroupSpec{PodSelector: &selectorA}, }, }, inputPolicy: &crdv1alpha1.NetworkPolicy{ @@ -3353,10 +3353,10 @@ func TestSyncInternalNetworkPolicyWithGroups(t *testing.T) { }, { name: "annp with invalid group selecting pods in multiple Namespaces", - groups: []*v1alpha3.Group{ + groups: []*v1beta1.Group{ { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "groupA"}, - Spec: v1alpha3.GroupSpec{NamespaceSelector: &metav1.LabelSelector{}, PodSelector: &selectorA}, + Spec: v1beta1.GroupSpec{NamespaceSelector: &metav1.LabelSelector{}, PodSelector: &selectorA}, }, }, inputPolicy: &crdv1alpha1.NetworkPolicy{ @@ -3398,14 +3398,14 @@ func TestSyncInternalNetworkPolicyWithGroups(t *testing.T) { }, { name: "annp with invalid parent group selecting pods in multiple Namespaces", - groups: []*v1alpha3.Group{ + groups: []*v1beta1.Group{ { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "parentGroup"}, - Spec: v1alpha3.GroupSpec{ChildGroups: []v1alpha3.ClusterGroupReference{"groupA"}}, + Spec: v1beta1.GroupSpec{ChildGroups: []v1beta1.ClusterGroupReference{"groupA"}}, }, { ObjectMeta: metav1.ObjectMeta{Namespace: "nsA", Name: "groupA"}, - Spec: v1alpha3.GroupSpec{NamespaceSelector: &metav1.LabelSelector{}, PodSelector: &selectorA}, + Spec: v1beta1.GroupSpec{NamespaceSelector: &metav1.LabelSelector{}, PodSelector: &selectorA}, }, }, inputPolicy: &crdv1alpha1.NetworkPolicy{ @@ -3460,7 +3460,7 @@ func TestSyncInternalNetworkPolicyWithGroups(t *testing.T) { go c.Run(stopCh) for _, group := range tt.groups { - c.crdClient.CrdV1alpha3().Groups(group.Namespace).Create(context.TODO(), group, metav1.CreateOptions{}) + c.crdClient.CrdV1beta1().Groups(group.Namespace).Create(context.TODO(), group, metav1.CreateOptions{}) } c.crdClient.CrdV1alpha1().NetworkPolicies(tt.inputPolicy.Namespace).Create(context.TODO(), tt.inputPolicy, metav1.CreateOptions{}) diff --git a/pkg/controller/networkpolicy/validate.go b/pkg/controller/networkpolicy/validate.go index 1a2e19da2dd..c085ab2782f 100644 --- a/pkg/controller/networkpolicy/validate.go +++ b/pkg/controller/networkpolicy/validate.go @@ -34,8 +34,6 @@ import ( "k8s.io/klog/v2" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/pkg/controller/networkpolicy/store" "antrea.io/antrea/pkg/features" @@ -159,6 +157,9 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi switch ar.Request.Kind.Kind { case "Tier": klog.V(2).Info("Validating Tier CRD") + // Current serving versions of Tier are v1alpha1 and v1beta1. They have the same + // schema and the same validating logic, and we only store v1beta1 in the etcd. So + // we unmarshal both of them into a v1beta1 object to do validation. var curTier, oldTier crdv1beta1.Tier if curRaw != nil { if err := json.Unmarshal(curRaw, &curTier); err != nil { @@ -175,7 +176,10 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi msg, allowed = v.validateTier(&curTier, &oldTier, op, ui) case "ClusterGroup": klog.V(2).Info("Validating ClusterGroup CRD") - var curCG, oldCG crdv1alpha2.ClusterGroup + // Current serving versions of ClusterGroup are v1alpha3 and v1beta1. They have + // the same schema and the same validating logic, and we only store v1beta1 in + // the etcd. So we unmarshal both of them into a v1beta1 object to do validation. + var curCG, oldCG crdv1beta1.ClusterGroup if curRaw != nil { if err := json.Unmarshal(curRaw, &curCG); err != nil { klog.Errorf("Error de-serializing current ClusterGroup") @@ -191,7 +195,10 @@ func (v *NetworkPolicyValidator) Validate(ar *admv1.AdmissionReview) *admv1.Admi msg, allowed = v.validateAntreaGroup(&curCG, &oldCG, op, ui) case "Group": klog.V(2).Info("Validating Group CRD") - var curG, oldG crdv1alpha3.Group + // Current serving versions of Group are v1alpha3 and v1beta1. They have the same + // schema and the same validating logic, and we only store v1beta1 in the etcd. So + // we unmarshal both of them into a v1beta1 object to do validation. + var curG, oldG crdv1beta1.Group if curRaw != nil { if err := json.Unmarshal(curRaw, &curG); err != nil { klog.Errorf("Error de-serializing current Group") @@ -893,7 +900,7 @@ func (t *tierValidator) deleteValidate(oldObj interface{}, userInfo authenticati // validateAntreaClusterGroupSpec ensures that an IPBlock is not set along with namespaceSelector and/or a // podSelector. Similarly, ExternalEntitySelector cannot be set with PodSelector. -func validateAntreaClusterGroupSpec(s crdv1alpha2.GroupSpec) (string, bool) { +func validateAntreaClusterGroupSpec(s crdv1beta1.GroupSpec) (string, bool) { errMsg := "At most one of podSelector, externalEntitySelector, serviceReference, ipBlock, ipBlocks or childGroups can be set for a ClusterGroup" setFieldNum := numFieldsSetInStruct(s) if setFieldNum > 2 { @@ -928,7 +935,7 @@ func validateAntreaClusterGroupSpec(s crdv1alpha2.GroupSpec) (string, bool) { return "", true } -func validateAntreaGroupSpec(s crdv1alpha3.GroupSpec) (string, bool) { +func validateAntreaGroupSpec(s crdv1beta1.GroupSpec) (string, bool) { errMsg := "At most one of podSelector, externalEntitySelector, serviceReference, ipBlocks or childGroups can be set for a Group" setFieldNum := numFieldsSetInStruct(s) if setFieldNum > 2 { @@ -947,7 +954,7 @@ func validateAntreaGroupSpec(s crdv1alpha3.GroupSpec) (string, bool) { return "", true } -func (g *groupValidator) validateChildClusterGroup(s *crdv1alpha2.ClusterGroup) (string, bool) { +func (g *groupValidator) validateChildClusterGroup(s *crdv1beta1.ClusterGroup) (string, bool) { if len(s.Spec.ChildGroups) > 0 { parentGrps, err := g.networkPolicyController.internalGroupStore.GetByIndex(store.ChildGroupIndex, s.Name) if err != nil { @@ -972,7 +979,7 @@ func (g *groupValidator) validateChildClusterGroup(s *crdv1alpha2.ClusterGroup) return "", true } -func (g *groupValidator) validateChildGroup(s *crdv1alpha3.Group) (string, bool) { +func (g *groupValidator) validateChildGroup(s *crdv1beta1.Group) (string, bool) { if len(s.Spec.ChildGroups) > 0 { parentGrps, err := g.networkPolicyController.internalGroupStore.GetByIndex(store.ChildGroupIndex, s.Namespace+"/"+s.Name) if err != nil { @@ -997,7 +1004,7 @@ func (g *groupValidator) validateChildGroup(s *crdv1alpha3.Group) (string, bool) return "", true } -func (g *groupValidator) validateCG(cg *crdv1alpha2.ClusterGroup) (string, bool) { +func (g *groupValidator) validateCG(cg *crdv1beta1.ClusterGroup) (string, bool) { reason, allowed := validateAntreaClusterGroupSpec(cg.Spec) if !allowed { return reason, allowed @@ -1005,7 +1012,7 @@ func (g *groupValidator) validateCG(cg *crdv1alpha2.ClusterGroup) (string, bool) return g.validateChildClusterGroup(cg) } -func (g *groupValidator) validateG(grp *crdv1alpha3.Group) (string, bool) { +func (g *groupValidator) validateG(grp *crdv1beta1.Group) (string, bool) { reason, allowed := validateAntreaGroupSpec(grp.Spec) if !allowed { return reason, allowed @@ -1025,16 +1032,16 @@ func (g *groupValidator) updateValidate(curObj, oldObj interface{}, userInfo aut // validateGroup validates the CREATE and UPDATE events of Group, ClusterGroup resources. func (g *groupValidator) validateGroup(curObj interface{}) (string, bool) { - var curCG *crdv1alpha2.ClusterGroup - var curG *crdv1alpha3.Group + var curCG *crdv1beta1.ClusterGroup + var curG *crdv1beta1.Group var reason string var allowed bool switch curObj.(type) { - case *crdv1alpha2.ClusterGroup: - curCG = curObj.(*crdv1alpha2.ClusterGroup) + case *crdv1beta1.ClusterGroup: + curCG = curObj.(*crdv1beta1.ClusterGroup) reason, allowed = g.validateCG(curCG) - case *crdv1alpha3.Group: - curG = curObj.(*crdv1alpha3.Group) + case *crdv1beta1.Group: + curG = curObj.(*crdv1beta1.Group) reason, allowed = g.validateG(curG) } return reason, allowed diff --git a/pkg/controller/networkpolicy/validate_test.go b/pkg/controller/networkpolicy/validate_test.go index 79c5eaf0d2c..5bcd58a42c7 100644 --- a/pkg/controller/networkpolicy/validate_test.go +++ b/pkg/controller/networkpolicy/validate_test.go @@ -26,8 +26,6 @@ import ( featuregatetesting "k8s.io/component-base/featuregate/testing" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha2 "antrea.io/antrea/pkg/apis/crd/v1alpha2" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/pkg/features" ) @@ -1757,19 +1755,19 @@ func TestValidateAntreaNetworkPolicy(t *testing.T) { func TestValidateAntreaClusterGroup(t *testing.T) { tests := []struct { name string - curCG *crdv1alpha2.ClusterGroup - oldCG *crdv1alpha2.ClusterGroup - existGroup *crdv1alpha3.ClusterGroup + curCG *crdv1beta1.ClusterGroup + oldCG *crdv1beta1.ClusterGroup + existGroup *crdv1beta1.ClusterGroup operation admv1.Operation expectedReason string }{ { name: "cg-invalid-label-key", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-invalid-label-key", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo=": "bar"}, }, @@ -1780,11 +1778,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-invalid-label-value", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-invalid-label-value", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar="}, }, @@ -1795,11 +1793,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-three-fields-set", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-three-fields-set", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -1816,11 +1814,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-psel-and-nssel", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-podselector-and-namespaceselector", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -1833,11 +1831,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-nssel-and-eesel", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-podselector-and-namespaceselector", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -1850,11 +1848,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-psel-and-eesel", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-podselector-and-namespaceselector", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -1868,11 +1866,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-podselector-and-ipblock", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-podselector-and-ipblock", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -1886,11 +1884,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-ipblock", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-ipblock", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "10.0.0.10/32"}, }, @@ -1900,11 +1898,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-multicast", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-ipblock", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "224.0.0.0/24"}, }, @@ -1914,11 +1912,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-set-with-multicast-and-unicast", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-set-with-ipblock", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "224.0.0.0/24"}, {CIDR: "10.0.0.10/32"}, @@ -1930,32 +1928,32 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-with-childGroup", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-with-childGroup", }, - Spec: crdv1alpha2.GroupSpec{ - ChildGroups: []crdv1alpha2.ClusterGroupReference{"cgA", "cgB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA", "cgB"}, }, }, operation: admv1.Create, }, { name: "already-child-to-be-parent", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "already-child-to-be-parent", }, - Spec: crdv1alpha2.GroupSpec{ - ChildGroups: []crdv1alpha2.ClusterGroupReference{"cgA"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA"}, }, }, - existGroup: &crdv1alpha3.ClusterGroup{ + existGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgParent", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"already-child-to-be-parent"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"already-child-to-be-parent"}, }, }, operation: admv1.Create, @@ -1963,20 +1961,20 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "to-be-parent-of-parent", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "to-be-parent-of-parent", }, - Spec: crdv1alpha2.GroupSpec{ - ChildGroups: []crdv1alpha2.ClusterGroupReference{"cgParent"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgParent"}, }, }, - existGroup: &crdv1alpha3.ClusterGroup{ + existGroup: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cgParent", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA"}, }, }, operation: admv1.Create, @@ -1985,21 +1983,21 @@ func TestValidateAntreaClusterGroup(t *testing.T) { // Update using the same func as creation. Only put one case here. { name: "cg-update", - curCG: &crdv1alpha2.ClusterGroup{ + curCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-update", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "10.0.0.10/32"}, }, }, }, - oldCG: &crdv1alpha2.ClusterGroup{ + oldCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-update", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2009,11 +2007,11 @@ func TestValidateAntreaClusterGroup(t *testing.T) { }, { name: "cg-to-delete", - oldCG: &crdv1alpha2.ClusterGroup{ + oldCG: &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "cg-to-delete", }, - Spec: crdv1alpha2.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2044,20 +2042,20 @@ func TestValidateAntreaClusterGroup(t *testing.T) { func TestValidateAntreaGroup(t *testing.T) { tests := []struct { name string - curGroup *crdv1alpha3.Group - oldGroup *crdv1alpha3.Group - existGroup *crdv1alpha3.Group + curGroup *crdv1beta1.Group + oldGroup *crdv1beta1.Group + existGroup *crdv1beta1.Group operation admv1.Operation expectedReason string }{ { name: "annp-group-three-fields-set", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-three-fields-set", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2074,12 +2072,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-psel-and-nssel", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-podselector-and-namespaceselector", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2092,12 +2090,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-nssel-and-eesel", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-podselector-and-namespaceselector", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2110,12 +2108,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-psel-and-eesel", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-podselector-and-namespaceselector", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2129,12 +2127,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-podselector-and-ipblock", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-podselector-and-ipblock", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2148,12 +2146,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-ipblock", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-ipblock", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "10.0.0.10/32"}, }, @@ -2163,12 +2161,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-set-with-invalid-psel", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-set-with-invalid-psel", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo=": "bar"}, }, @@ -2179,35 +2177,35 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-with-childGroup", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-with-childGroup", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA", "cgB"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA", "cgB"}, }, }, operation: admv1.Create, }, { name: "already-child-to-be-parent", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "already-child-to-be-parent", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA"}, }, }, - existGroup: &crdv1alpha3.Group{ + existGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "cgParent", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"already-child-to-be-parent"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"already-child-to-be-parent"}, }, }, operation: admv1.Create, @@ -2215,22 +2213,22 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "to-be-parent-of-parent", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "to-be-parent-of-parent", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgParent"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgParent"}, }, }, - existGroup: &crdv1alpha3.Group{ + existGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "cgParent", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{"cgA"}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{"cgA"}, }, }, operation: admv1.Create, @@ -2239,23 +2237,23 @@ func TestValidateAntreaGroup(t *testing.T) { // Update using the same func as creation. Only put one case here. { name: "annp-group-update", - curGroup: &crdv1alpha3.Group{ + curGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-update", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "10.0.0.10/32"}, }, }, }, - oldGroup: &crdv1alpha3.Group{ + oldGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-update", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, @@ -2265,12 +2263,12 @@ func TestValidateAntreaGroup(t *testing.T) { }, { name: "annp-group-to-delete", - oldGroup: &crdv1alpha3.Group{ + oldGroup: &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: "annp-group-to-delete", Namespace: "x", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{ MatchLabels: map[string]string{"foo": "bar"}, }, diff --git a/pkg/monitor/controller_test.go b/pkg/monitor/controller_test.go index 3b6e6523613..a808a541b8d 100644 --- a/pkg/monitor/controller_test.go +++ b/pkg/monitor/controller_test.go @@ -64,8 +64,8 @@ func newControllerMonitor(crdClient *fakeclientset.Clientset) *fakeController { acnpInformer := crdInformerFactory.Crd().V1alpha1().ClusterNetworkPolicies() annpInformer := crdInformerFactory.Crd().V1alpha1().NetworkPolicies() tierInformer := crdInformerFactory.Crd().V1beta1().Tiers() - cgInformer := crdInformerFactory.Crd().V1alpha3().ClusterGroups() - grpInformer := crdInformerFactory.Crd().V1alpha3().Groups() + cgInformer := crdInformerFactory.Crd().V1beta1().ClusterGroups() + grpInformer := crdInformerFactory.Crd().V1beta1().Groups() externalNodeInformer := crdInformerFactory.Crd().V1alpha1().ExternalNodes() addressGroupStore := store.NewAddressGroupStore() diff --git a/test/e2e/antreapolicy_test.go b/test/e2e/antreapolicy_test.go index 797eaad72b3..f6215892aee 100644 --- a/test/e2e/antreapolicy_test.go +++ b/test/e2e/antreapolicy_test.go @@ -38,7 +38,6 @@ import ( "antrea.io/antrea/pkg/agent/apiserver/handlers/podinterface" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/pkg/controller/networkpolicy" "antrea.io/antrea/pkg/features" @@ -341,12 +340,12 @@ func testCreateValidationInvalidTier(t *testing.T) { func testCreateValidationInvalidCG(t *testing.T) { invalidErr := fmt.Errorf("ClusterGroup using podSelecter and serviceReference together created") - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName("cg-mix-peer"). SetPodSelector(map[string]string{"pod": "a"}, nil). SetServiceReference("svc", namespaces["x"]) cg := cgBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of ClusterGroup must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -354,20 +353,20 @@ func testCreateValidationInvalidCG(t *testing.T) { func testUpdateValidationInvalidCG(t *testing.T) { invalidErr := fmt.Errorf("ClusterGroup using podSelecter and serviceReference together updated") - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName("cg-mix-peer-update"). SetPodSelector(map[string]string{"pod": "a"}, nil) cg := cgBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err != nil { failOnError(fmt.Errorf("create ClusterGroup %s failed: %v", cg.Name, err), t) } cgBuilder.SetServiceReference("svc", namespaces["x"]) cg = cgBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above update of ClusterGroup must fail as it is an invalid spec. failOnError(invalidErr, t) } - failOnError(k8sUtils.DeleteV1Alpha3CG(cg.Name), t) + failOnError(k8sUtils.DeleteCG(cg.Name), t) } func testCreateValidationInvalidGroup(t *testing.T) { @@ -377,7 +376,7 @@ func testCreateValidationInvalidGroup(t *testing.T) { SetPodSelector(map[string]string{"pod": "a"}, nil). SetServiceReference("svc", namespaces["x"]) g := gBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -389,16 +388,16 @@ func testUpdateValidationInvalidGroup(t *testing.T) { gBuilder = gBuilder.SetName("g-mix-peer").SetNamespace(namespaces["x"]). SetPodSelector(map[string]string{"pod": "a"}, nil) g := gBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err != nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err != nil { failOnError(fmt.Errorf("create Group %s/%s failed: %v", g.Namespace, g.Name, err), t) } gBuilder.SetServiceReference("svc", namespaces["x"]) g = gBuilder.Get() - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above update of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } - failOnError(k8sUtils.DeleteV1Alpha3Group(g.Namespace, g.Name), t) + failOnError(k8sUtils.DeleteGroup(g.Namespace, g.Name), t) } // testACNPAllowXBtoA tests traffic from X/B to pods with label A, after applying the default deny @@ -741,7 +740,7 @@ func testACNPNoEffectOnOtherProtocols(t *testing.T) { // testACNPAppliedToDenyXBtoCGWithYA tests traffic from X/B to ClusterGroup Y/A on named port 81 is dropped. func testACNPAppliedToDenyXBtoCGWithYA(t *testing.T) { cgName := "cg-pods-ya" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName). SetNamespaceSelector(map[string]string{"ns": namespaces["y"]}, nil). SetPodSelector(map[string]string{"pod": "a"}, nil) @@ -778,7 +777,7 @@ func testACNPAppliedToDenyXBtoCGWithYA(t *testing.T) { // testACNPIngressRuleDenyCGWithXBtoYA tests traffic from ClusterGroup with X/B to Y/A on named port 81 is dropped. func testACNPIngressRuleDenyCGWithXBtoYA(t *testing.T) { cgName := "cg-pods-xb" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName). SetNamespaceSelector(map[string]string{"ns": namespaces["x"]}, nil). SetPodSelector(map[string]string{"pod": "b"}, nil) @@ -814,7 +813,7 @@ func testACNPIngressRuleDenyCGWithXBtoYA(t *testing.T) { // testACNPAppliedToRuleCGWithPodsAToNsZ tests that an ACNP is able to drop egress traffic from CG with pods labelled A namespace Z. func testACNPAppliedToRuleCGWithPodsAToNsZ(t *testing.T) { cgName := "cg-pods-a" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName).SetPodSelector(map[string]string{"pod": "a"}, nil) builder := &ClusterNetworkPolicySpecBuilder{} builder = builder.SetName("acnp-deny-cg-with-a-to-z"). @@ -848,7 +847,7 @@ func testACNPAppliedToRuleCGWithPodsAToNsZ(t *testing.T) { // testACNPEgressRulePodsAToCGWithNsZ tests that an ACNP is able to drop egress traffic from pods labelled A to a CG with namespace Z. func testACNPEgressRulePodsAToCGWithNsZ(t *testing.T) { cgName := "cg-ns-z" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName).SetNamespaceSelector(map[string]string{"ns": namespaces["z"]}, nil) builder := &ClusterNetworkPolicySpecBuilder{} builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). @@ -882,10 +881,10 @@ func testACNPEgressRulePodsAToCGWithNsZ(t *testing.T) { func testACNPClusterGroupUpdateAppliedTo(t *testing.T) { cgName := "cg-pods-a-then-c" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName).SetPodSelector(map[string]string{"pod": "a"}, nil) // Update CG Pod selector to group Pods C - updatedCgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + updatedCgBuilder := &ClusterGroupSpecBuilder{} updatedCgBuilder = updatedCgBuilder.SetName(cgName).SetPodSelector(map[string]string{"pod": "c"}, nil) builder := &ClusterNetworkPolicySpecBuilder{} builder = builder.SetName("acnp-deny-cg-with-a-to-z-egress"). @@ -933,10 +932,10 @@ func testACNPClusterGroupUpdateAppliedTo(t *testing.T) { func testACNPClusterGroupUpdate(t *testing.T) { cgName := "cg-ns-z-then-y" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName).SetNamespaceSelector(map[string]string{"ns": namespaces["z"]}, nil) // Update CG NS selector to group Pods from Namespace Y - updatedCgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + updatedCgBuilder := &ClusterGroupSpecBuilder{} updatedCgBuilder = updatedCgBuilder.SetName(cgName).SetNamespaceSelector(map[string]string{"ns": namespaces["y"]}, nil) builder := &ClusterNetworkPolicySpecBuilder{} builder = builder.SetName("acnp-deny-a-to-cg-with-z-egress"). @@ -984,7 +983,7 @@ func testACNPClusterGroupUpdate(t *testing.T) { func testACNPClusterGroupAppliedToPodAdd(t *testing.T, data *TestData) { cgName := "cg-pod-custom-pod-zj" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName). SetNamespaceSelector(map[string]string{"ns": namespaces["z"]}, nil). SetPodSelector(map[string]string{"pod": "j"}, nil) @@ -1027,7 +1026,7 @@ func testACNPClusterGroupAppliedToPodAdd(t *testing.T, data *TestData) { func testACNPClusterGroupRefRulePodAdd(t *testing.T, data *TestData) { cgName := "cg-pod-custom-pod-zk" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName). SetNamespaceSelector(map[string]string{"ns": namespaces["z"]}, nil). SetPodSelector(map[string]string{"pod": "k"}, nil) @@ -1099,11 +1098,11 @@ func testACNPClusterGroupRefRuleIPBlocks(t *testing.T) { } cgName := "cg-ipblocks-pod-in-ns-x" - cgBuilder := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder := &ClusterGroupSpecBuilder{} cgBuilder = cgBuilder.SetName(cgName). SetIPBlocks(ipBlock1) cgName2 := "cg-ipblock-pod-za" - cgBuilder2 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder2 := &ClusterGroupSpecBuilder{} cgBuilder2 = cgBuilder2.SetName(cgName2). SetIPBlocks(ipBlock2) @@ -1471,10 +1470,10 @@ func testANNPGroupServiceRefDelete(t *testing.T) { grpBuilder2 := &GroupSpecBuilder{} grpBuilder2 = grpBuilder2.SetName(grp2Name).SetNamespace(namespaces["x"]).SetServiceReference(namespaces["x"], "svc2") grp1 := grpBuilder1.Get() - k8sUtils.CreateOrUpdateV1Alpha3Group(grp1) + k8sUtils.CreateOrUpdateGroup(grp1) failOnError(waitForResourceReady(t, timeout, grp1), t) grp2 := grpBuilder2.Get() - k8sUtils.CreateOrUpdateV1Alpha3Group(grp2) + k8sUtils.CreateOrUpdateGroup(grp2) failOnError(waitForResourceReady(t, timeout, grp2), t) builder := &AntreaNetworkPolicySpecBuilder{} @@ -2814,9 +2813,9 @@ func testACNPClusterGroupServiceRefCreateAndUpdate(t *testing.T, data *TestData) svc2 := k8sUtils.BuildService("svc2", namespaces["y"], 80, 80, map[string]string{"app": "b"}, nil) cg1Name, cg2Name := "cg-svc1", "cg-svc2" - cgBuilder1 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder1 := &ClusterGroupSpecBuilder{} cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference(namespaces["x"], "svc1") - cgBuilder2 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder2 := &ClusterGroupSpecBuilder{} cgBuilder2 = cgBuilder2.SetName(cg2Name).SetServiceReference(namespaces["y"], "svc2") builder := &ClusterNetworkPolicySpecBuilder{} @@ -2899,18 +2898,18 @@ func testACNPNestedClusterGroupCreateAndUpdate(t *testing.T, data *TestData) { svc1 := k8sUtils.BuildService("svc1", namespaces["x"], 80, 80, map[string]string{"app": "a"}, nil) svc1PodName := randName("test-pod-svc1-") cg1Name, cg2Name, cg3Name := "cg-svc-x-a", "cg-select-y-b", "cg-select-y-c" - cgBuilder1 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder1 := &ClusterGroupSpecBuilder{} cgBuilder1 = cgBuilder1.SetName(cg1Name).SetServiceReference(namespaces["x"], "svc1") - cgBuilder2 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder2 := &ClusterGroupSpecBuilder{} cgBuilder2 = cgBuilder2.SetName(cg2Name). SetNamespaceSelector(map[string]string{"ns": namespaces["y"]}, nil). SetPodSelector(map[string]string{"pod": "b"}, nil) - cgBuilder3 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder3 := &ClusterGroupSpecBuilder{} cgBuilder3 = cgBuilder3.SetName(cg3Name). SetNamespaceSelector(map[string]string{"ns": namespaces["y"]}, nil). SetPodSelector(map[string]string{"pod": "c"}, nil) cgNestedName := "cg-nested" - cgBuilderNested := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilderNested := &ClusterGroupSpecBuilder{} cgBuilderNested = cgBuilderNested.SetName(cgNestedName).SetChildGroups([]string{cg1Name, cg3Name}) builder := &ClusterNetworkPolicySpecBuilder{} @@ -3010,11 +3009,11 @@ func testACNPNestedIPBlockClusterGroupCreateAndUpdate(t *testing.T) { ipBlockXA = append(ipBlockXA, crdv1alpha1.IPBlock{CIDR: genCIDR(podXAIP[i])}) ipBlockXB = append(ipBlockXB, crdv1alpha1.IPBlock{CIDR: genCIDR(podXBIP[i])}) } - cgBuilder1 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder1 := &ClusterGroupSpecBuilder{} cgBuilder1 = cgBuilder1.SetName(cg1Name).SetIPBlocks(ipBlockXA) - cgBuilder2 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder2 := &ClusterGroupSpecBuilder{} cgBuilder2 = cgBuilder2.SetName(cg2Name).SetIPBlocks(ipBlockXB) - cgParent := &ClusterGroupV1Alpha3SpecBuilder{} + cgParent := &ClusterGroupSpecBuilder{} cgParent = cgParent.SetName(cgParentName).SetChildGroups([]string{cg1Name, cg2Name}) builder := &ClusterNetworkPolicySpecBuilder{} @@ -3042,11 +3041,11 @@ func testACNPNestedIPBlockClusterGroupCreateAndUpdate(t *testing.T) { nil, } - cgBuilder3 := &ClusterGroupV1Alpha3SpecBuilder{} + cgBuilder3 := &ClusterGroupSpecBuilder{} cgBuilder3 = cgBuilder3.SetName(cg3Name). SetNamespaceSelector(map[string]string{"ns": namespaces["x"]}, nil). SetPodSelector(map[string]string{"pod": "c"}, nil) - updatedCGParent := &ClusterGroupV1Alpha3SpecBuilder{} + updatedCGParent := &ClusterGroupSpecBuilder{} updatedCGParent = updatedCGParent.SetName(cgParentName).SetChildGroups([]string{cg1Name, cg3Name}) reachability2 := NewReachability(allPods, Connected) @@ -4137,11 +4136,11 @@ func applyTestStepResources(t *testing.T, step *TestStep) { case *v1net.NetworkPolicy: _, err := k8sUtils.CreateOrUpdateNetworkPolicy(o) failOnError(err, t) - case *crdv1alpha3.ClusterGroup: - _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(o) + case *crdv1beta1.ClusterGroup: + _, err := k8sUtils.CreateOrUpdateCG(o) failOnError(err, t) - case *crdv1alpha3.Group: - _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(o) + case *crdv1beta1.Group: + _, err := k8sUtils.CreateOrUpdateGroup(o) failOnError(err, t) case *v1.Service: _, err := k8sUtils.CreateOrUpdateService(o) @@ -4166,9 +4165,9 @@ func cleanupTestCaseResources(t *testing.T, c *TestCase) { annpsToDelete.Insert(o.Namespace + "/" + o.Name) case *v1net.NetworkPolicy: npsToDelete.Insert(o.Namespace + "/" + o.Name) - case *crdv1alpha3.ClusterGroup: + case *crdv1beta1.ClusterGroup: v1a3ClusterGroupsToDelete.Insert(o.Name) - case *crdv1alpha3.Group: + case *crdv1beta1.Group: v1a3GroupsToDelete.Insert(o.Namespace + "/" + o.Name) case *v1.Service: svcsToDelete.Insert(o.Namespace + "/" + o.Name) @@ -4189,12 +4188,12 @@ func cleanupTestCaseResources(t *testing.T, c *TestCase) { failOnError(k8sUtils.DeleteNetworkPolicy(namespace, name), t) } for cg := range v1a3ClusterGroupsToDelete { - failOnError(k8sUtils.DeleteV1Alpha3CG(cg), t) + failOnError(k8sUtils.DeleteCG(cg), t) } for grp := range v1a3GroupsToDelete { namespace := strings.Split(grp, "/")[0] name := strings.Split(grp, "/")[1] - failOnError(k8sUtils.DeleteV1Alpha3Group(namespace, name), t) + failOnError(k8sUtils.DeleteGroup(namespace, name), t) } for svc := range svcsToDelete { namespace := strings.Split(svc, "/")[0] @@ -4248,8 +4247,8 @@ func waitForResourceReady(t *testing.T, timeout time.Duration, obj metav1.Object // The minInterval of AntreaProxy's BoundedFrequencyRunner is 1s, which means a Service may be handled after 1s. time.Sleep(1 * time.Second) case *crdv1beta1.Tier: - case *crdv1alpha3.ClusterGroup: - case *crdv1alpha3.Group: + case *crdv1beta1.ClusterGroup: + case *crdv1beta1.Group: } return nil } @@ -4552,14 +4551,14 @@ func TestAntreaPolicyStatusWithAppliedToUnsupportedGroup(t *testing.T) { grpBuilder = grpBuilder.SetName(grpName).SetNamespace(testNamespace). SetPodSelector(map[string]string{"pod": "b"}, nil). SetNamespaceSelector(map[string]string{"ns": namespaces["y"]}, nil) - grp, err := k8sUtils.CreateOrUpdateV1Alpha3Group(grpBuilder.Get()) + grp, err := k8sUtils.CreateOrUpdateGroup(grpBuilder.Get()) failOnError(err, t) failOnError(waitForResourceReady(t, timeout, grp), t) // Build a Group with the unsupported Group as child Group. grpNestedName := "grp-nested" grpBuilderNested := &GroupSpecBuilder{} grpBuilderNested = grpBuilderNested.SetName(grpNestedName).SetNamespace(testNamespace).SetChildGroups([]string{grpName}) - grp, err = k8sUtils.CreateOrUpdateV1Alpha3Group(grpBuilderNested.Get()) + grp, err = k8sUtils.CreateOrUpdateGroup(grpBuilderNested.Get()) failOnError(err, t) failOnError(waitForResourceReady(t, timeout, grp), t) @@ -4597,8 +4596,8 @@ func TestAntreaPolicyStatusWithAppliedToUnsupportedGroup(t *testing.T) { failOnError(k8sUtils.DeleteANNP(annp.Namespace, annp.Name), t) failOnError(k8sUtils.DeleteANNP(annp2.Namespace, annp2.Name), t) - failOnError(k8sUtils.DeleteV1Alpha3Group(testNamespace, grpName), t) - failOnError(k8sUtils.DeleteV1Alpha3Group(testNamespace, grpNestedName), t) + failOnError(k8sUtils.DeleteGroup(testNamespace, grpName), t) + failOnError(k8sUtils.DeleteGroup(testNamespace, grpNestedName), t) k8sUtils.Cleanup(namespaces) } diff --git a/test/e2e/clustergroup_test.go b/test/e2e/clustergroup_test.go index 7c9afbb4fc1..cca0f0b6e9b 100644 --- a/test/e2e/clustergroup_test.go +++ b/test/e2e/clustergroup_test.go @@ -23,7 +23,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" ) func testInvalidCGIPBlockWithPodSelector(t *testing.T) { @@ -32,16 +32,16 @@ func testInvalidCGIPBlockWithPodSelector(t *testing.T) { pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} cidr := "10.0.0.10/32" ipb := []crdv1alpha1.IPBlock{{CIDR: cidr}} - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -53,16 +53,16 @@ func testInvalidCGIPBlockWithNSSelector(t *testing.T) { nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": namespaces["y"]}} cidr := "10.0.0.10/32" ipb := []crdv1alpha1.IPBlock{{CIDR: cidr}} - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: nSel, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -76,16 +76,16 @@ func testInvalidCGServiceRefWithPodSelector(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, ServiceReference: svcRef, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -99,16 +99,16 @@ func testInvalidCGServiceRefWithNSSelector(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: nSel, ServiceReference: svcRef, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -123,16 +123,16 @@ func testInvalidCGServiceRefWithIPBlock(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: svcRef, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -141,21 +141,21 @@ func testInvalidCGServiceRefWithIPBlock(t *testing.T) { var testChildCGName = "test-child-cg" func createChildCGForTest(t *testing.T) { - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: testChildCGName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err != nil { failOnError(err, t) } } func cleanupChildCGForTest(t *testing.T) { - if err := k8sUtils.DeleteV1Alpha3CG(testChildCGName); err != nil { + if err := k8sUtils.DeleteCG(testChildCGName); err != nil { failOnError(err, t) } } @@ -164,16 +164,16 @@ func testInvalidCGChildGroupWithPodSelector(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with childGroups and podSelector") cgName := "child-group-pod-selector" pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildCGName)}, + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildCGName)}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -186,16 +186,16 @@ func testInvalidCGChildGroupWithServiceReference(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - cg := &crdv1alpha3.ClusterGroup{ + cg := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: cgName, }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: svcRef, - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildCGName)}, + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildCGName)}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg); err == nil { // Above creation of CG must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -204,52 +204,52 @@ func testInvalidCGChildGroupWithServiceReference(t *testing.T) { func testInvalidCGMaxNestedLevel(t *testing.T) { invalidErr := fmt.Errorf("clustergroup created with childGroup which has childGroups itself") cgName1, cgName2 := "cg-nested-1", "cg-nested-2" - cg1 := &crdv1alpha3.ClusterGroup{ + cg1 := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: cgName1}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildCGName)}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildCGName)}, }, } - cg2 := &crdv1alpha3.ClusterGroup{ + cg2 := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: cgName2}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(cgName1)}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(cgName1)}, }, } // Try to create cg-nested-1 first and then cg-nested-2. // The creation of cg-nested-2 should fail as it breaks the max nested level - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg1); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg1); err != nil { // Above creation of CG must succeed as it is a valid spec. failOnError(err, t) } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg2); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg2); err == nil { // Above creation of CG must fail as cg-nested-2 cannot have cg-nested-1 as childGroup. failOnError(invalidErr, t) } // cleanup cg-nested-1 - if err := k8sUtils.DeleteV1Alpha3CG(cgName1); err != nil { + if err := k8sUtils.DeleteCG(cgName1); err != nil { failOnError(err, t) } // Try to create cg-nested-2 first and then cg-nested-1. // The creation of cg-nested-1 should fail as it breaks the max nested level - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg2); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg2); err != nil { // Above creation of CG must succeed as it is a valid spec. failOnError(err, t) } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cg1); err == nil { + if _, err := k8sUtils.CreateOrUpdateCG(cg1); err == nil { // Above creation of CG must fail as cg-nested-2 cannot have cg-nested-1 as childGroup. failOnError(invalidErr, t) } // cleanup cg-nested-2 - if err := k8sUtils.DeleteV1Alpha3CG(cgName2); err != nil { + if err := k8sUtils.DeleteCG(cgName2); err != nil { failOnError(err, t) } } -func getRealizationStatus(cg *crdv1alpha3.ClusterGroup) v1.ConditionStatus { +func getRealizationStatus(cg *crdv1beta1.ClusterGroup) v1.ConditionStatus { conds := cg.Status.Conditions for _, cond := range conds { - if cond.Type == crdv1alpha3.GroupMembersComputed && cond.Status == v1.ConditionTrue { + if cond.Type == crdv1beta1.GroupMembersComputed && cond.Status == v1.ConditionTrue { return v1.ConditionTrue } } @@ -259,51 +259,51 @@ func getRealizationStatus(cg *crdv1alpha3.ClusterGroup) v1.ConditionStatus { func testClusterGroupRealizationStatus(t *testing.T) { invalidErr1 := fmt.Errorf("clustergroup with child groups should only be considered realized when all its child groups are realized") invalidErr2 := fmt.Errorf("clustergroup with selectors or serviceRef should be realized once processed") - childCG1Returned, _ := k8sUtils.GetV1Alpha3CG(testChildCGName) + childCG1Returned, _ := k8sUtils.GetCG(testChildCGName) // test-child-cg should be considered realized as soon as its synced. if getRealizationStatus(childCG1Returned) != v1.ConditionTrue { failOnError(invalidErr2, t) } - cgParent := &crdv1alpha3.ClusterGroup{ + cgParent := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{Name: "parent-cg"}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{ - crdv1alpha3.ClusterGroupReference(testChildCGName), - crdv1alpha3.ClusterGroupReference("child-cg-2"), + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{ + crdv1beta1.ClusterGroupReference(testChildCGName), + crdv1beta1.ClusterGroupReference("child-cg-2"), }, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cgParent); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cgParent); err != nil { // Above creation of CG must succeed as it is a valid spec. failOnError(err, t) } time.Sleep(networkPolicyDelay / 2) - cgParentReturned, _ := k8sUtils.GetV1Alpha3CG("parent-cg") + cgParentReturned, _ := k8sUtils.GetCG("parent-cg") // cgParent should not be considered realized yet since child-cg-2 is not yet created. if getRealizationStatus(cgParentReturned) != v1.ConditionFalse { failOnError(invalidErr1, t) } - cgChild2 := &crdv1alpha3.ClusterGroup{ + cgChild2 := &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: "child-cg-2", }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ IPBlocks: []crdv1alpha1.IPBlock{ {CIDR: "192.168.2.0/24"}, }, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3CG(cgChild2); err != nil { + if _, err := k8sUtils.CreateOrUpdateCG(cgChild2); err != nil { // Above creation of CG must succeed as it is a valid spec. failOnError(err, t) } time.Sleep(networkPolicyDelay / 2) - childCG2Returned, _ := k8sUtils.GetV1Alpha3CG("child-cg-2") + childCG2Returned, _ := k8sUtils.GetCG("child-cg-2") // child-cg-2 should be considered realized as soon as its synced. if getRealizationStatus(childCG2Returned) != v1.ConditionTrue { failOnError(invalidErr2, t) } - cgParentReturned, _ = k8sUtils.GetV1Alpha3CG("parent-cg") + cgParentReturned, _ = k8sUtils.GetCG("parent-cg") // cgParent should now be considered realized. if getRealizationStatus(cgParentReturned) != v1.ConditionTrue { failOnError(invalidErr1, t) diff --git a/test/e2e/group_test.go b/test/e2e/group_test.go index f92cf903bc9..3ff30784dd1 100644 --- a/test/e2e/group_test.go +++ b/test/e2e/group_test.go @@ -21,7 +21,7 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" ) func testInvalidGroupIPBlockWithPodSelector(t *testing.T) { @@ -30,17 +30,17 @@ func testInvalidGroupIPBlockWithPodSelector(t *testing.T) { pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} cidr := "10.0.0.10/32" ipb := []crdv1alpha1.IPBlock{{CIDR: cidr}} - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces["x"], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -52,17 +52,17 @@ func testInvalidGroupIPBlockWithNSSelector(t *testing.T) { nSel := &metav1.LabelSelector{MatchLabels: map[string]string{"ns": namespaces["y"]}} cidr := "10.0.0.10/32" ipb := []crdv1alpha1.IPBlock{{CIDR: cidr}} - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces["x"], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: nSel, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -76,17 +76,17 @@ func testInvalidGroupServiceRefWithPodSelector(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces["y"], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, ServiceReference: svcRef, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -100,17 +100,17 @@ func testInvalidGroupServiceRefWithNSSelector(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces["y"], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ NamespaceSelector: nSel, ServiceReference: svcRef, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -125,17 +125,17 @@ func testInvalidGroupServiceRefWithIPBlock(t *testing.T) { Namespace: namespaces["y"], Name: "test-svc", } - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces["y"], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: svcRef, IPBlocks: ipb, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -147,22 +147,22 @@ var ( ) func createChildGroupForTest(t *testing.T) { - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: testChildGroupName, Namespace: namespaces[testChildGroupNamespace], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: &metav1.LabelSelector{}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err != nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err != nil { failOnError(err, t) } } func cleanupChildGroupForTest(t *testing.T) { - if err := k8sUtils.DeleteV1Alpha3Group(namespaces[testChildGroupNamespace], testChildGroupName); err != nil { + if err := k8sUtils.DeleteGroup(namespaces[testChildGroupNamespace], testChildGroupName); err != nil { failOnError(err, t) } } @@ -171,17 +171,17 @@ func testInvalidGroupChildGroupWithPodSelector(t *testing.T) { invalidErr := fmt.Errorf("group created with childGroups and podSelector") gName := "child-group-pod-selector" pSel := &metav1.LabelSelector{MatchLabels: map[string]string{"pod": "x"}} - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces[testChildGroupNamespace], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ PodSelector: pSel, - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildGroupName)}, + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildGroupName)}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -194,17 +194,17 @@ func testInvalidGroupChildGroupWithServiceReference(t *testing.T) { Name: "test-svc", Namespace: namespaces[testChildGroupNamespace], } - g := &crdv1alpha3.Group{ + g := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: gName, Namespace: namespaces[testChildGroupNamespace], }, - Spec: crdv1alpha3.GroupSpec{ + Spec: crdv1beta1.GroupSpec{ ServiceReference: svcRef, - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildGroupName)}, + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildGroupName)}, }, } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g); err == nil { // Above creation of Group must fail as it is an invalid spec. failOnError(invalidErr, t) } @@ -213,44 +213,44 @@ func testInvalidGroupChildGroupWithServiceReference(t *testing.T) { func testInvalidGroupMaxNestedLevel(t *testing.T) { invalidErr := fmt.Errorf("group created with childGroup which has childGroups itself") gName1, gName2 := "g-nested-1", "g-nested-2" - g1 := &crdv1alpha3.Group{ + g1 := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: namespaces[testChildGroupNamespace], Name: gName1}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(testChildGroupName)}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(testChildGroupName)}, }, } - g2 := &crdv1alpha3.Group{ + g2 := &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{Namespace: namespaces[testChildGroupNamespace], Name: gName2}, - Spec: crdv1alpha3.GroupSpec{ - ChildGroups: []crdv1alpha3.ClusterGroupReference{crdv1alpha3.ClusterGroupReference(gName1)}, + Spec: crdv1beta1.GroupSpec{ + ChildGroups: []crdv1beta1.ClusterGroupReference{crdv1beta1.ClusterGroupReference(gName1)}, }, } // Try to create g-nested-1 first and then g-nested-2. // The creation of g-nested-2 should fail as it breaks the max nested level - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g1); err != nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g1); err != nil { // Above creation of Group must succeed as it is a valid spec. failOnError(err, t) } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g2); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g2); err == nil { // Above creation of Group must fail as g-nested-2 cannot have g-nested-1 as childGroup. failOnError(invalidErr, t) } // cleanup g-nested-1 - if err := k8sUtils.DeleteV1Alpha3Group(namespaces[testChildGroupNamespace], gName1); err != nil { + if err := k8sUtils.DeleteGroup(namespaces[testChildGroupNamespace], gName1); err != nil { failOnError(err, t) } // Try to create g-nested-2 first and then g-nested-1. // The creation of g-nested-1 should fail as it breaks the max nested level - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g2); err != nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g2); err != nil { // Above creation of Group must succeed as it is a valid spec. failOnError(err, t) } - if _, err := k8sUtils.CreateOrUpdateV1Alpha3Group(g1); err == nil { + if _, err := k8sUtils.CreateOrUpdateGroup(g1); err == nil { // Above creation of Group must fail as g-nested-2 cannot have g-nested-1 as childGroup. failOnError(invalidErr, t) } // cleanup g-nested-2 - if err := k8sUtils.DeleteV1Alpha3Group(namespaces[testChildGroupNamespace], gName2); err != nil { + if err := k8sUtils.DeleteGroup(namespaces[testChildGroupNamespace], gName2); err != nil { failOnError(err, t) } } diff --git a/test/e2e/k8s_util.go b/test/e2e/k8s_util.go index 896fd44e587..da7cfd7d582 100644 --- a/test/e2e/k8s_util.go +++ b/test/e2e/k8s_util.go @@ -33,7 +33,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" "antrea.io/antrea/test/e2e/utils" ) @@ -787,12 +786,12 @@ func (data *TestData) DeleteTier(name string) error { return nil } -// CreateOrUpdateV1Alpha3CG is a convenience function for idempotent setup of crd/v1alpha3 ClusterGroups -func (data *TestData) CreateOrUpdateV1Alpha3CG(cg *crdv1alpha3.ClusterGroup) (*crdv1alpha3.ClusterGroup, error) { +// CreateOrUpdateCG is a convenience function for idempotent setup of crd/v1beta1 ClusterGroups +func (data *TestData) CreateOrUpdateCG(cg *crdv1beta1.ClusterGroup) (*crdv1beta1.ClusterGroup, error) { log.Infof("Creating/updating ClusterGroup %s", cg.Name) - cgReturned, err := data.crdClient.CrdV1alpha3().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) + cgReturned, err := data.crdClient.CrdV1beta1().ClusterGroups().Get(context.TODO(), cg.Name, metav1.GetOptions{}) if err != nil { - cgr, err := data.crdClient.CrdV1alpha3().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) + cgr, err := data.crdClient.CrdV1beta1().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) if err != nil { log.Infof("Unable to create cluster group %s: %v", cg.Name, err) return nil, err @@ -801,18 +800,18 @@ func (data *TestData) CreateOrUpdateV1Alpha3CG(cg *crdv1alpha3.ClusterGroup) (*c } else if cgReturned.Name != "" { log.Debugf("ClusterGroup with name %s already exists, updating", cg.Name) cgReturned.Spec = cg.Spec - cgr, err := data.crdClient.CrdV1alpha3().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) + cgr, err := data.crdClient.CrdV1beta1().ClusterGroups().Update(context.TODO(), cgReturned, metav1.UpdateOptions{}) return cgr, err } return nil, fmt.Errorf("error occurred in creating/updating ClusterGroup %s", cg.Name) } -// CreateOrUpdateV1Alpha3Group is a convenience function for idempotent setup of crd/v1alpha3 Groups -func (k *KubernetesUtils) CreateOrUpdateV1Alpha3Group(g *crdv1alpha3.Group) (*crdv1alpha3.Group, error) { +// CreateOrUpdateGroup is a convenience function for idempotent setup of crd/v1beta1 Groups +func (k *KubernetesUtils) CreateOrUpdateGroup(g *crdv1beta1.Group) (*crdv1beta1.Group, error) { log.Infof("Creating/updating Group %s/%s", g.Namespace, g.Name) - gReturned, err := k.crdClient.CrdV1alpha3().Groups(g.Namespace).Get(context.TODO(), g.Name, metav1.GetOptions{}) + gReturned, err := k.crdClient.CrdV1beta1().Groups(g.Namespace).Get(context.TODO(), g.Name, metav1.GetOptions{}) if err != nil { - gr, err := k.crdClient.CrdV1alpha3().Groups(g.Namespace).Create(context.TODO(), g, metav1.CreateOptions{}) + gr, err := k.crdClient.CrdV1beta1().Groups(g.Namespace).Create(context.TODO(), g, metav1.CreateOptions{}) if err != nil { log.Infof("Unable to create group %s/%s: %v", g.Namespace, g.Name, err) return nil, err @@ -821,105 +820,44 @@ func (k *KubernetesUtils) CreateOrUpdateV1Alpha3Group(g *crdv1alpha3.Group) (*cr } else if gReturned.Name != "" { log.Debugf("Group %s/%s already exists, updating", g.Namespace, g.Name) gReturned.Spec = g.Spec - gr, err := k.crdClient.CrdV1alpha3().Groups(g.Namespace).Update(context.TODO(), gReturned, metav1.UpdateOptions{}) + gr, err := k.crdClient.CrdV1beta1().Groups(g.Namespace).Update(context.TODO(), gReturned, metav1.UpdateOptions{}) return gr, err } return nil, fmt.Errorf("error occurred in creating/updating Group %s/%s", g.Namespace, g.Name) } -func (data *TestData) GetV1Alpha3CG(cgName string) (*crdv1alpha3.ClusterGroup, error) { - return data.crdClient.CrdV1alpha3().ClusterGroups().Get(context.TODO(), cgName, metav1.GetOptions{}) -} - -// CreateCG is a convenience function for creating an Antrea ClusterGroup by name and selector. -func (data *TestData) CreateCG(name string, pSelector, nSelector *metav1.LabelSelector, ipBlocks []crdv1alpha1.IPBlock) (*crdv1alpha3.ClusterGroup, error) { - log.Infof("Creating clustergroup %s", name) - _, err := data.crdClient.CrdV1alpha3().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - cg := &crdv1alpha3.ClusterGroup{ - ObjectMeta: metav1.ObjectMeta{ - Name: name, - }, - } - if pSelector != nil { - cg.Spec.PodSelector = pSelector - } - if nSelector != nil { - cg.Spec.NamespaceSelector = nSelector - } - if len(ipBlocks) > 0 { - cg.Spec.IPBlocks = ipBlocks - } - cg, err = data.crdClient.CrdV1alpha3().ClusterGroups().Create(context.TODO(), cg, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create clustergroup %s: %s", name, err) - } - return cg, err - } - return nil, fmt.Errorf("clustergroup with name %s already exists", name) -} - // GetCG is a convenience function for getting ClusterGroups -func (k *KubernetesUtils) GetCG(name string) (*crdv1alpha3.ClusterGroup, error) { - res, err := k.crdClient.CrdV1alpha3().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) +func (k *KubernetesUtils) GetCG(name string) (*crdv1beta1.ClusterGroup, error) { + res, err := k.crdClient.CrdV1beta1().ClusterGroups().Get(context.TODO(), name, metav1.GetOptions{}) if err != nil { return nil, err } return res, nil } -// CreateGroup is a convenience function for creating an Antrea Group by namespace, name and selector. -func (k *KubernetesUtils) CreateGroup(namespace, name string, pSelector, nSelector *metav1.LabelSelector, ipBlocks []crdv1alpha1.IPBlock) (*crdv1alpha3.Group, error) { - log.Infof("Creating group %s/%s", namespace, name) - _, err := k.crdClient.CrdV1alpha3().Groups(namespace).Get(context.TODO(), name, metav1.GetOptions{}) - if err != nil { - g := &crdv1alpha3.Group{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: namespace, - Name: name, - }, - } - if pSelector != nil { - g.Spec.PodSelector = pSelector - } - if nSelector != nil { - g.Spec.NamespaceSelector = nSelector - } - if len(ipBlocks) > 0 { - g.Spec.IPBlocks = ipBlocks - } - g, err = k.crdClient.CrdV1alpha3().Groups(namespace).Create(context.TODO(), g, metav1.CreateOptions{}) - if err != nil { - log.Debugf("Unable to create group %s/%s: %s", namespace, name, err) - } - return g, err - } - return nil, fmt.Errorf("group with name %s/%s already exists", namespace, name) -} - // GetGroup is a convenience function for getting Groups -func (k *KubernetesUtils) GetGroup(namespace, name string) (*crdv1alpha3.Group, error) { - res, err := k.crdClient.CrdV1alpha3().Groups(namespace).Get(context.TODO(), name, metav1.GetOptions{}) +func (k *KubernetesUtils) GetGroup(namespace, name string) (*crdv1beta1.Group, error) { + res, err := k.crdClient.CrdV1beta1().Groups(namespace).Get(context.TODO(), name, metav1.GetOptions{}) if err != nil { return nil, err } return res, nil } -// DeleteV1Alpha3CG is a convenience function for deleting core/v1alpha3 ClusterGroup by name. -func (data *TestData) DeleteV1Alpha3CG(name string) error { +// DeleteCG is a convenience function for deleting core/v1beta1 ClusterGroup by name. +func (data *TestData) DeleteCG(name string) error { log.Infof("deleting ClusterGroup %s", name) - err := data.crdClient.CrdV1alpha3().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) + err := data.crdClient.CrdV1beta1().ClusterGroups().Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete ClusterGroup %s", name) } return nil } -// DeleteV1Alpha3Group is a convenience function for deleting core/v1alpha3 Group by namespace and name. -func (k *KubernetesUtils) DeleteV1Alpha3Group(namespace, name string) error { +// DeleteGroup is a convenience function for deleting core/v1beta1 Group by namespace and name. +func (k *KubernetesUtils) DeleteGroup(namespace, name string) error { log.Infof("deleting Group %s/%s", namespace, name) - err := k.crdClient.CrdV1alpha3().Groups(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) + err := k.crdClient.CrdV1beta1().Groups(namespace).Delete(context.TODO(), name, metav1.DeleteOptions{}) if err != nil { return errors.Wrapf(err, "unable to delete Group %s/%s", namespace, name) } @@ -928,12 +866,12 @@ func (k *KubernetesUtils) DeleteV1Alpha3Group(namespace, name string) error { // CleanCGs is a convenience function for deleting all ClusterGroups in the cluster. func (data *TestData) CleanCGs() error { - l, err := data.crdClient.CrdV1alpha3().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) + l, err := data.crdClient.CrdV1beta1().ClusterGroups().List(context.TODO(), metav1.ListOptions{}) if err != nil { - return errors.Wrapf(err, "unable to list ClusterGroups in v1alpha3") + return errors.Wrapf(err, "unable to list ClusterGroups in v1beta1") } for _, cg := range l.Items { - if err := data.DeleteV1Alpha3CG(cg.Name); err != nil { + if err := data.DeleteCG(cg.Name); err != nil { return err } } @@ -942,12 +880,12 @@ func (data *TestData) CleanCGs() error { // CleanGroups is a convenience function for deleting all Groups in the namespace. func (k *KubernetesUtils) CleanGroups(namespace string) error { - l, err := k.crdClient.CrdV1alpha3().Groups(namespace).List(context.TODO(), metav1.ListOptions{}) + l, err := k.crdClient.CrdV1beta1().Groups(namespace).List(context.TODO(), metav1.ListOptions{}) if err != nil { - return errors.Wrapf(err, "unable to list Groups in v1alpha3") + return errors.Wrapf(err, "unable to list Groups in v1beta1") } for _, g := range l.Items { - if err := k.DeleteV1Alpha3Group(namespace, g.Name); err != nil { + if err := k.DeleteGroup(namespace, g.Name); err != nil { return err } } diff --git a/test/e2e/utils/cg_spec_builder.go b/test/e2e/utils/cg_spec_builder.go index df965c89c95..a8cf41dad1d 100644 --- a/test/e2e/utils/cg_spec_builder.go +++ b/test/e2e/utils/cg_spec_builder.go @@ -18,17 +18,17 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" ) -// ClusterGroupV1Alpha3SpecBuilder builds a core/v1alpha3 ClusterGroup object. -type ClusterGroupV1Alpha3SpecBuilder struct { - Spec crdv1alpha3.GroupSpec +// ClusterGroupSpecBuilder builds a core/v1beta1 ClusterGroup object. +type ClusterGroupSpecBuilder struct { + Spec crdv1beta1.GroupSpec Name string } -func (b *ClusterGroupV1Alpha3SpecBuilder) Get() *crdv1alpha3.ClusterGroup { - return &crdv1alpha3.ClusterGroup{ +func (b *ClusterGroupSpecBuilder) Get() *crdv1beta1.ClusterGroup { + return &crdv1beta1.ClusterGroup{ ObjectMeta: metav1.ObjectMeta{ Name: b.Name, }, @@ -36,12 +36,12 @@ func (b *ClusterGroupV1Alpha3SpecBuilder) Get() *crdv1alpha3.ClusterGroup { } } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetName(name string) *ClusterGroupV1Alpha3SpecBuilder { +func (b *ClusterGroupSpecBuilder) SetName(name string) *ClusterGroupSpecBuilder { b.Name = name return b } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetPodSelector(podSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupV1Alpha3SpecBuilder { +func (b *ClusterGroupSpecBuilder) SetPodSelector(podSelector map[string]string, podSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupSpecBuilder { var ps *metav1.LabelSelector if podSelector != nil { ps = &metav1.LabelSelector{ @@ -55,7 +55,7 @@ func (b *ClusterGroupV1Alpha3SpecBuilder) SetPodSelector(podSelector map[string] return b } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetNamespaceSelector(nsSelector map[string]string, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupV1Alpha3SpecBuilder { +func (b *ClusterGroupSpecBuilder) SetNamespaceSelector(nsSelector map[string]string, nsSelectorMatchExp []metav1.LabelSelectorRequirement) *ClusterGroupSpecBuilder { var ns *metav1.LabelSelector if nsSelector != nil { ns = &metav1.LabelSelector{ @@ -69,12 +69,12 @@ func (b *ClusterGroupV1Alpha3SpecBuilder) SetNamespaceSelector(nsSelector map[st return b } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetIPBlocks(ipBlocks []crdv1alpha1.IPBlock) *ClusterGroupV1Alpha3SpecBuilder { +func (b *ClusterGroupSpecBuilder) SetIPBlocks(ipBlocks []crdv1alpha1.IPBlock) *ClusterGroupSpecBuilder { b.Spec.IPBlocks = ipBlocks return b } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetServiceReference(svcNS, svcName string) *ClusterGroupV1Alpha3SpecBuilder { +func (b *ClusterGroupSpecBuilder) SetServiceReference(svcNS, svcName string) *ClusterGroupSpecBuilder { svcRef := &crdv1alpha1.NamespacedName{ Namespace: svcNS, Name: svcName, @@ -83,10 +83,10 @@ func (b *ClusterGroupV1Alpha3SpecBuilder) SetServiceReference(svcNS, svcName str return b } -func (b *ClusterGroupV1Alpha3SpecBuilder) SetChildGroups(cgs []string) *ClusterGroupV1Alpha3SpecBuilder { - var childGroups []crdv1alpha3.ClusterGroupReference +func (b *ClusterGroupSpecBuilder) SetChildGroups(cgs []string) *ClusterGroupSpecBuilder { + var childGroups []crdv1beta1.ClusterGroupReference for _, c := range cgs { - childGroups = append(childGroups, crdv1alpha3.ClusterGroupReference(c)) + childGroups = append(childGroups, crdv1beta1.ClusterGroupReference(c)) } b.Spec.ChildGroups = childGroups return b diff --git a/test/e2e/utils/grp_spec_builder.go b/test/e2e/utils/grp_spec_builder.go index 1ba6be36683..5f5c04e45e5 100644 --- a/test/e2e/utils/grp_spec_builder.go +++ b/test/e2e/utils/grp_spec_builder.go @@ -18,18 +18,18 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" crdv1alpha1 "antrea.io/antrea/pkg/apis/crd/v1alpha1" - crdv1alpha3 "antrea.io/antrea/pkg/apis/crd/v1alpha3" + crdv1beta1 "antrea.io/antrea/pkg/apis/crd/v1beta1" ) // GroupSpecBuilder builds a Group object. type GroupSpecBuilder struct { - Spec crdv1alpha3.GroupSpec + Spec crdv1beta1.GroupSpec Name string Namespace string } -func (b *GroupSpecBuilder) Get() *crdv1alpha3.Group { - return &crdv1alpha3.Group{ +func (b *GroupSpecBuilder) Get() *crdv1beta1.Group { + return &crdv1beta1.Group{ ObjectMeta: metav1.ObjectMeta{ Name: b.Name, Namespace: b.Namespace, @@ -91,9 +91,9 @@ func (b *GroupSpecBuilder) SetServiceReference(svcNS, svcName string) *GroupSpec } func (b *GroupSpecBuilder) SetChildGroups(cgs []string) *GroupSpecBuilder { - var childGroups []crdv1alpha3.ClusterGroupReference + var childGroups []crdv1beta1.ClusterGroupReference for _, c := range cgs { - childGroups = append(childGroups, crdv1alpha3.ClusterGroupReference(c)) + childGroups = append(childGroups, crdv1beta1.ClusterGroupReference(c)) } b.Spec.ChildGroups = childGroups return b