diff --git a/.github/workflows/makefile.yml b/.github/workflows/makefile.yml index ad30f6ef3c..29eacacbde 100644 --- a/.github/workflows/makefile.yml +++ b/.github/workflows/makefile.yml @@ -12,18 +12,21 @@ jobs: - name: Set up Go 1.x uses: actions/setup-go@v2 with: - go-version: '1.20' + go-version: '1.21' id: go - name: Check out code into the Go module directory uses: actions/checkout@v2 - + - name: Install dependencies + run: | + go mod download - name: Run Unit Tests run: | go test -covermode=count -coverprofile=profile.cov ./pkg/... + - name: Install goveralls + run: go install github.com/mattn/goveralls@latest - name: Send coverage env: COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - GO111MODULE=off go get github.com/mattn/goveralls - $(go env GOPATH)/bin/goveralls -coverprofile=profile.cov -service=github + goveralls -coverprofile=profile.cov -service=github diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 56591c42cb..3e569eaf20 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -26,7 +26,7 @@ jobs: run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${GITHUB_ACTOR,,} --password-stdin - name: Build Image - run: OSS_REGISTRY="ghcr.io/oracle" VERSION="${{ github.ref_name }}" make image + run: OSS_REGISTRY="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}" VERSION="${{ github.ref_name }}" make image - name: Push Image - run: OSS_REGISTRY="ghcr.io/oracle" VERSION="${{ github.ref_name }}" make docker-push-all + run: OSS_REGISTRY="ghcr.io/${GITHUB_REPOSITORY_OWNER,,}" VERSION="${{ github.ref_name }}" make docker-push-all diff --git a/Dockerfile b/Dockerfile index 22522e500d..50649c3bfe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ WORKDIR $SRC RUN COMPONENT=${COMPONENT} make clean build -FROM oraclelinux:8-slim +FROM ghcr.io/oracle/oraclelinux:8-slim-fips COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/dist/* /usr/local/bin/ COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/image/* /usr/local/bin/ @@ -45,4 +45,4 @@ RUN chmod 755 /sbin/encrypt-umount RUN chmod 755 /sbin/rpm-host RUN chmod 755 /sbin/chroot-bash -COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/dist/* /usr/local/bin/ \ No newline at end of file +COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/dist/* /usr/local/bin/ diff --git a/Dockerfile_arm_all b/Dockerfile_arm_all index 1bdf8f9cf8..3739e3a2b0 100644 --- a/Dockerfile_arm_all +++ b/Dockerfile_arm_all @@ -14,7 +14,7 @@ WORKDIR $SRC RUN ARCH=arm make clean build-arm-all -FROM arm64v8/oraclelinux:8-slim +FROM ghcr.io/oracle/oraclelinux:8-slim-fips-arm64v8 RUN microdnf -y install util-linux e2fsprogs xfsprogs python2 && \ microdnf update && \ @@ -29,4 +29,4 @@ RUN chmod 755 /sbin/encrypt-umount RUN chmod 755 /sbin/rpm-host RUN chmod 755 /sbin/chroot-bash -COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/dist/arm/* /usr/local/bin/ \ No newline at end of file +COPY --from=0 /go/src/github.com/oracle/oci-cloud-controller-manager/dist/arm/* /usr/local/bin/ diff --git a/Makefile b/Makefile index 676b96c54f..dc786498c9 100644 --- a/Makefile +++ b/Makefile @@ -38,7 +38,7 @@ else VERSION ?= ${VERSION} endif -RELEASE = v1.29.0 +RELEASE = v1.29.1 GOOS ?= linux ARCH ?= amd64 diff --git a/README.md b/README.md index 75586cebf2..9babc62253 100644 --- a/README.md +++ b/README.md @@ -33,13 +33,13 @@ cloud-provider specific code out of the Kubernetes codebase. | v1.25.2 | v1.25 | - | | v1.26.4 | v1.26 | - | | v1.27.3 | v1.27 | - | -| v1.28.1 | v1.28 | - | -| v1.29.0 | v1.29 | - | - +| v1.28.2 | v1.28 | - | +| v1.29.1 | v1.29 | - | +| v1.30.0 | v1.30 | - | Note: -Versions older than v1.27.3 are no longer supported, new features / bug fixes will be available in v1.27.3 and later. +Versions older than v1.28.2 are no longer supported, new features / bug fixes will be available in v1.28.2 and later. ## Implementation Currently `oci-cloud-controller-manager` implements: diff --git a/THIRD_PARTY_LICENSES.txt b/THIRD_PARTY_LICENSES.txt index e38c13036a..d7acf0d183 100644 --- a/THIRD_PARTY_LICENSES.txt +++ b/THIRD_PARTY_LICENSES.txt @@ -1179,7 +1179,6 @@ SPDX:MIT == Copyright Copyright (c) 2013-2014 Onsi Fakhouri -Copyright (c) 2014 Amit Kumar Gupta --------------------------------- (separator) ---------------------------------- @@ -1312,16 +1311,12 @@ END OF TERMS AND CONDITIONS == Copyright -Copyright (c) 2012-2020 Mat Ryer, Tyler Bunnell and contributors. -Copyright (c) 2013 The Go Authors. All rights reserved. Copyright (c) 2016, 2018, 2020, Oracle and/or its affiliates. Copyright (c) 2016, 2018, 2020, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2016, 2018, Oracle and/or its affiliates. All rights reserved. Copyright (c) 2016, 2023 Oracle and/or its affiliates. Copyright (c) 2016, 2023, Oracle and/or its affiliates. All rights reserved. -Copyright © 2012-2020 Mat Ryer, Tyler Bunnell and contributors. -Copyright © 2013 The Go Authors. All rights reserved. == Notices Copyright (c) 2016, 2018, 2020, Oracle and/or its affiliates. @@ -2027,7 +2022,6 @@ go.uber.org/zap SPDX:MIT == Copyright -Copyright (c) "*" Uber Technologies, Inc.") Copyright (c) 2016 Uber Technologies, Inc. Copyright (c) 2016, 2017 Uber Technologies, Inc. Copyright (c) 2016-2017 Uber Technologies, Inc. @@ -2170,6 +2164,7 @@ Copyright 2020 The Go Authors. All rights reserved. Copyright 2021 The Go Authors. All rights reserved. Copyright 2022 The Go Authors. All rights reserved. Copyright 2023 The Go Authors. All rights reserved. +Copyright 2024 The Go Authors. All rights reserved. == Patents Additional IP Rights Grant (Patents) @@ -3067,6 +3062,7 @@ Copyright 2020 The Kubernetes Authors. Copyright 2021 The Kubernetes Authors. Copyright 2022 The Kubernetes Authors. Copyright 2023 The Kubernetes Authors. +Copyright 2024 The Kubernetes Authors. --------------------------------- (separator) ---------------------------------- @@ -4324,5 +4320,5 @@ the Mozilla Public License, v. 2.0. === ATTRIBUTION-HELPER-GENERATED: -=== Attribution helper version: {Major:0 Minor:11 GitVersion: GitCommit: GitTreeState:dirty BuildDate:1970-01-01T00:00:00Z GoVersion:go1.19.3 Compiler:gc Platform:darwin/arm64} -=== License file based on go.mod with md5 sum: 5ba4389f9d7406b21218d714f3f79d86 +=== Attribution helper version: {Major:0 Minor:11 GitVersion:0.10.0-114-g3747dab9 GitCommit:3747dab92eb29c0dbe6409ffbb824b9ae3a04b87 GitTreeState:dirty BuildDate:2024-02-28T16:52:52Z GoVersion:go1.21.0 Compiler:gc Platform:darwin/amd64} +=== License file based on go.mod with md5 sum: ea9bd465882b674ff1025b18349e102f diff --git a/cmd/oci-csi-controller-driver/csi-controller-driver/oci-csi-controller-driver.go b/cmd/oci-csi-controller-driver/csi-controller-driver/oci-csi-controller-driver.go index 356b240381..51f6041be7 100644 --- a/cmd/oci-csi-controller-driver/csi-controller-driver/oci-csi-controller-driver.go +++ b/cmd/oci-csi-controller-driver/csi-controller-driver/oci-csi-controller-driver.go @@ -15,6 +15,8 @@ package csicontrollerdriver import ( + "os" + "github.com/oracle/oci-cloud-controller-manager/cmd/oci-csi-controller-driver/csioptions" "github.com/oracle/oci-cloud-controller-manager/pkg/csi/driver" "github.com/oracle/oci-cloud-controller-manager/pkg/logging" @@ -25,7 +27,7 @@ const ( bvCsiDriver = "BV" ) -//StartControllerDriver main function to start CSI Controller Driver +// StartControllerDriver main function to start CSI Controller Driver func StartControllerDriver(csioptions csioptions.CSIOptions, csiDriver driver.CSIDriver) { logger := logging.Logger().Sugar() @@ -35,11 +37,16 @@ func StartControllerDriver(csioptions csioptions.CSIOptions, csiDriver driver.CS var drv *driver.Driver var err error + clusterIpFamily := os.Getenv("CLUSTER_IP_FAMILY") + if clusterIpFamily != "" { + logger.Infof("Using cluster ip family : %s", clusterIpFamily) + } + if csiDriver == bvCsiDriver { - controllerDriverConfig := &driver.ControllerDriverConfig{CsiEndpoint: csioptions.Endpoint, CsiKubeConfig: csioptions.Kubeconfig, CsiMaster: csioptions.Master, EnableControllerServer: true, DriverName: driver.BlockVolumeDriverName, DriverVersion: driver.BlockVolumeDriverVersion} + controllerDriverConfig := &driver.ControllerDriverConfig{CsiEndpoint: csioptions.Endpoint, CsiKubeConfig: csioptions.Kubeconfig, CsiMaster: csioptions.Master, EnableControllerServer: true, DriverName: driver.BlockVolumeDriverName, DriverVersion: driver.BlockVolumeDriverVersion, ClusterIpFamily: clusterIpFamily} drv, err = driver.NewControllerDriver(logger, *controllerDriverConfig) } else { - controllerDriverConfig := &driver.ControllerDriverConfig{CsiEndpoint: csioptions.FssEndpoint, CsiKubeConfig: csioptions.Kubeconfig, CsiMaster: csioptions.Master, EnableControllerServer: true, DriverName: driver.FSSDriverName, DriverVersion: driver.FSSDriverVersion} + controllerDriverConfig := &driver.ControllerDriverConfig{CsiEndpoint: csioptions.FssEndpoint, CsiKubeConfig: csioptions.Kubeconfig, CsiMaster: csioptions.Master, EnableControllerServer: true, DriverName: driver.FSSDriverName, DriverVersion: driver.FSSDriverVersion, ClusterIpFamily: clusterIpFamily} drv, err = driver.NewControllerDriver(logger, *controllerDriverConfig) } if err != nil { diff --git a/cmd/oci-csi-controller-driver/csioptions/csioptions.go b/cmd/oci-csi-controller-driver/csioptions/csioptions.go index 81fea2246a..6e478a19c1 100644 --- a/cmd/oci-csi-controller-driver/csioptions/csioptions.go +++ b/cmd/oci-csi-controller-driver/csioptions/csioptions.go @@ -29,7 +29,7 @@ const ( VolumeAttributesClass = "VolumeAttributesClass" ) -//CSIOptions structure which contains flag values +// CSIOptions structure which contains flag values type CSIOptions struct { Master string Kubeconfig string @@ -63,7 +63,7 @@ type CSIOptions struct { } -//NewCSIOptions initializes the flag +// NewCSIOptions initializes the flag func NewCSIOptions() *CSIOptions { csioptions := CSIOptions{ Master: *flag.String("master", "", "kube master"), diff --git a/cmd/oci-csi-node-driver/main.go b/cmd/oci-csi-node-driver/main.go index 73fe15631e..93ff853983 100644 --- a/cmd/oci-csi-node-driver/main.go +++ b/cmd/oci-csi-node-driver/main.go @@ -37,6 +37,10 @@ func main() { flag.StringVar(&nodecsioptions.Kubeconfig, "kubeconfig", "", "cluster kubeconfig") flag.StringVar(&nodecsioptions.FssEndpoint, "fss-endpoint", "unix://tmp/fss/csi.sock", "FSS CSI endpoint") flag.BoolVar(&nodecsioptions.EnableFssDriver, "fss-csi-driver-enabled", true, "Handle flag to enable FSS CSI driver") + flag.StringVar(&nodecsioptions.LustreEndpoint, "lustre-endpoint", "unix:///var/lib/kubelet/plugins/lustre.csi.oraclecloud.com/csi.sock", "Lustre CSI endpoint") + flag.StringVar(&nodecsioptions.LustreCsiAddress, "lustre-csi-address", "/var/lib/kubelet/plugins/lustre.csi.oraclecloud.com/csi.sock", "Path of the Lustre CSI driver socket that the node-driver-registrar will connect to.") + flag.StringVar(&nodecsioptions.LustreKubeletRegistrationPath, "lustre-kubelet-registration-path", "/var/lib/kubelet/plugins/lustre.csi.oraclecloud.com/csi.sock", "Path of the Lustre CSI driver socket on the Kubernetes host machine.") + flag.BoolVar(&nodecsioptions.OnlyEnableLustreDriver, "only-lustre-csi-driver-enabled", false, "Handle flag to enable Lustre CSI driver") klog.InitFlags(nil) flag.Set("logtostderr", "true") @@ -65,10 +69,26 @@ func main() { EnableControllerServer: false, } + lustreNodeOptions := nodedriveroptions.NodeOptions{ + Name: "Lustre", + Endpoint: nodecsioptions.LustreEndpoint, + NodeID: nodecsioptions.NodeID, + Kubeconfig: nodecsioptions.Kubeconfig, + Master: nodecsioptions.Master, + DriverName: driver.LustreDriverName, + DriverVersion: driver.LustreDriverVersion, + EnableControllerServer: false, + } + stopCh := signals.SetupSignalHandler() - go nodedriver.RunNodeDriver(blockvolumeNodeOptions, stopCh) - if nodecsioptions.EnableFssDriver { - go nodedriver.RunNodeDriver(fssNodeOptions, stopCh) + + if nodecsioptions.OnlyEnableLustreDriver { + go nodedriver.RunNodeDriver(lustreNodeOptions, stopCh) + } else { + go nodedriver.RunNodeDriver(blockvolumeNodeOptions, stopCh) + if nodecsioptions.EnableFssDriver { + go nodedriver.RunNodeDriver(fssNodeOptions, stopCh) + } } <-stopCh } diff --git a/cmd/oci-csi-node-driver/nodedriveroptions/nodecsioptions.go b/cmd/oci-csi-node-driver/nodedriveroptions/nodecsioptions.go index 144900f7eb..12839fde13 100644 --- a/cmd/oci-csi-node-driver/nodedriveroptions/nodecsioptions.go +++ b/cmd/oci-csi-node-driver/nodedriveroptions/nodecsioptions.go @@ -24,6 +24,10 @@ type NodeCSIOptions struct { EnableFssDriver bool FssEndpoint string + OnlyEnableLustreDriver bool + LustreCsiAddress string + LustreKubeletRegistrationPath string + LustreEndpoint string } type NodeOptions struct { diff --git a/docs/load-balancer-annotations.md b/docs/load-balancer-annotations.md index 8b66d97592..690a66c0b0 100644 --- a/docs/load-balancer-annotations.md +++ b/docs/load-balancer-annotations.md @@ -31,29 +31,31 @@ spec: ## Load balancer Specific Annotations -| Name | Description | Default | Example | -|------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|:--------------------------------------------------------:| -| `service.beta.kubernetes.io/oci-load-balancer-internal` | Create an [internal load balancer][1]. Cannot be modified after load balancer creation. | `false` | `false` | -| `service.beta.kubernetes.io/oci-load-balancer-shape` | A template that determines the load balancer's total pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Available shapes include `100Mbps`, `400Mbps`, `8000Mbps` and `flexible`. Use `oci lb shape list` to get the list of shapes supported on your account | `"100Mbps"` | `"100Mbps"` | -| `service.beta.kubernetes.io/oci-load-balancer-shape-flex-min` | A template that determines the load balancer's minimum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible`. | `N/A` | `"100"` | -| `service.beta.kubernetes.io/oci-load-balancer-shape-flex-max` | A template that determines the load balancer's maximum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible`. | `N/A` | `"100"` | -| `service.beta.kubernetes.io/oci-load-balancer-subnet1` | The OCID of the one required regional subnet to attach the load balancer to OR The OCID of the first [subnet][2] of the two required Availability Domain specific subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file | `"ocid1..."` | -| `service.beta.kubernetes.io/oci-load-balancer-subnet2` | The OCID of the second [subnet][2] of the two required subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file | `"ocid1..."` | -| `service.beta.kubernetes.io/oci-load-balancer-health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3` | | -| `service.beta.kubernetes.io/oci-load-balancer-health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a [health check][6]. A [health check][6] is successful only if a reply returns within this timeout period. | `3000` | | -| `service.beta.kubernetes.io/oci-load-balancer-health-check-interval` | The interval between [health checks][6] requests, in milliseconds. | `10000` | | -| `service.beta.kubernetes.io/oci-load-balancer-connection-idle-timeout` | The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. | `300` for TCP listeners, `60` for HTTP listeners | | -| `service.beta.kubernetes.io/oci-load-balancer-security-list-management-mode` | Specifies the [security list mode](##security-list-management-modes) (`"All"`, `"Frontend"`,`"None"`) to configure how security lists are managed by the CCM. | `"All"` | | -| `service.beta.kubernetes.io/oci-load-balancer-backend-protocol` | Specifies protocol on which the listener accepts connection requests. To get a list of valid protocols, use the [`ListProtocols`][5] operation. | `"TCP"` | | -| `service.beta.kubernetes.io/oci-load-balancer-ssl-ports` | The ports to enable SSL termination on the corresponding load balancer listener | `443` | | -| `service.beta.kubernetes.io/oci-load-balancer-tls-secret` | The TLS secret to install on the load balancer listeners which have SSL enabled. | `N/A` | | -| `oci.oraclecloud.com/oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the loadbalancer. Please refer [here][8] for NSG details. Example NSG OCID: `ocid1.networksecuritygroup.oc1.iad.aaa` | `N/A` | `"ocid1...aaa, ocid1...bbb"` | -| `oci.oraclecloud.com/loadbalancer-policy` | Specifies loadbalancer traffic policy for the loadbalancer. To get a list of valid policies, use the [`ListPolicies`][7] operation. | `"ROUND_ROBIN"` | | -| `oci.oraclecloud.com/initial-defined-tags-override` | Specifies one or more Defined tags to apply to the OCI Load Balancer. | `N/A` | `'{"namespace1": {"tag1": "value1", "tag2": "value2"}}'` | -| `oci.oraclecloud.com/initial-freeform-tags-override` | Specifies one or more Freeform tags to apply to the OCI Load Balancer. | `N/A` | `'{"tag1": "value1", "tag2": "value2"}'` | -| `oci.oraclecloud.com/node-label-selector` | Specifies which nodes to add as a backend to the OCI Load Balancer. | `N/A` | | -| `oci.oraclecloud.com/security-rule-management-mode` | Specifies the security rule management mode ("SL-All", "SL-Frontend", "NSG", "None") that configures how security lists are managed by the CCM | `N/A` | `"NSG"` | -| `oci.oraclecloud.com/oci-backend-network-security-group` | Specifies backend Network Security Group(s)' OCID(s) for management of ingress / egress security rules for the LB/NLB by the CCM. Example NSG OCID: `ocid1.networksecuritygroup.oc1.iad.aaa` | `N/A` | `"ocid1...aaa, ocid1...bbb"` | +| Name | Description | Default | Example | +|------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|:----------------------------------------------------------------------------------------:| +| `service.beta.kubernetes.io/oci-load-balancer-internal` | Create an [internal load balancer][1]. Cannot be modified after load balancer creation. | `false` | `false` | +| `service.beta.kubernetes.io/oci-load-balancer-shape` | A template that determines the load balancer's total pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Available shapes include `100Mbps`, `400Mbps`, `8000Mbps` and `flexible`. Use `oci lb shape list` to get the list of shapes supported on your account | `"100Mbps"` | `"100Mbps"` | +| `service.beta.kubernetes.io/oci-load-balancer-shape-flex-min` | A template that determines the load balancer's minimum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible`. | `N/A` | `"100"` | +| `service.beta.kubernetes.io/oci-load-balancer-shape-flex-max` | A template that determines the load balancer's maximum pre-provisioned capacity (bandwidth) for ingress plus egress traffic. Only used when `oci-load-balancer-shape` is set to `flexible`. | `N/A` | `"100"` | +| `service.beta.kubernetes.io/oci-load-balancer-subnet1` | The OCID of the one required regional subnet to attach the load balancer to OR The OCID of the first [subnet][2] of the two required Availability Domain specific subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file | `"ocid1..."` | +| `service.beta.kubernetes.io/oci-load-balancer-subnet2` | The OCID of the second [subnet][2] of the two required subnets to attach the load balancer to. Must be in separate Availability Domains. | Value provided in config file | `"ocid1..."` | +| `service.beta.kubernetes.io/oci-load-balancer-health-check-retries` | The number of retries to attempt before a backend server is considered "unhealthy". | `3` | | +| `service.beta.kubernetes.io/oci-load-balancer-health-check-timeout` | The maximum time, in milliseconds, to wait for a reply to a [health check][6]. A [health check][6] is successful only if a reply returns within this timeout period. | `3000` | | +| `service.beta.kubernetes.io/oci-load-balancer-health-check-interval` | The interval between [health checks][6] requests, in milliseconds. | `10000` | | +| `service.beta.kubernetes.io/oci-load-balancer-connection-idle-timeout` | The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. | `300` for TCP listeners, `60` for HTTP listeners | | +| `service.beta.kubernetes.io/oci-load-balancer-security-list-management-mode` | Specifies the [security list mode](##security-list-management-modes) (`"All"`, `"Frontend"`,`"None"`) to configure how security lists are managed by the CCM. | `"All"` | | +| `service.beta.kubernetes.io/oci-load-balancer-backend-protocol` | Specifies protocol on which the listener accepts connection requests. To get a list of valid protocols, use the [`ListProtocols`][5] operation. | `"TCP"` | | +| `service.beta.kubernetes.io/oci-load-balancer-ssl-ports` | The ports to enable SSL termination on the corresponding load balancer listener | `443` | | +| `service.beta.kubernetes.io/oci-load-balancer-tls-secret` | The TLS secret to install on the load balancer listeners which have SSL enabled. | `N/A` | | +| `oci.oraclecloud.com/oci-network-security-groups` | Specifies Network Security Groups' OCIDs to be associated with the loadbalancer. Please refer [here][8] for NSG details. Example NSG OCID: `ocid1.networksecuritygroup.oc1.iad.aaa` | `N/A` | `"ocid1...aaa, ocid1...bbb"` | +| `oci.oraclecloud.com/loadbalancer-policy` | Specifies loadbalancer traffic policy for the loadbalancer. To get a list of valid policies, use the [`ListPolicies`][7] operation. | `"ROUND_ROBIN"` | | +| `oci.oraclecloud.com/initial-defined-tags-override` | Specifies one or more Defined tags to apply to the OCI Load Balancer. | `N/A` | `'{"namespace1": {"tag1": "value1", "tag2": "value2"}}'` | +| `oci.oraclecloud.com/initial-freeform-tags-override` | Specifies one or more Freeform tags to apply to the OCI Load Balancer. | `N/A` | `'{"tag1": "value1", "tag2": "value2"}'` | +| `oci.oraclecloud.com/node-label-selector` | Specifies which nodes to add as a backend to the OCI Load Balancer. | `N/A` | | +| `oci.oraclecloud.com/security-rule-management-mode` | Specifies the security rule management mode ("SL-All", "SL-Frontend", "NSG", "None") that configures how security lists are managed by the CCM | `N/A` | `"NSG"` | +| `oci.oraclecloud.com/oci-backend-network-security-group` | Specifies backend Network Security Group(s)' OCID(s) for management of ingress / egress security rules for the LB/NLB by the CCM. Example NSG OCID: `ocid1.networksecuritygroup.oc1.iad.aaa` | `N/A` | `"ocid1...aaa, ocid1...bbb"` | +| `oci.oraclecloud.com/oci-load-balancer-listener-ssl-config` | Specifies the cipher suite on the listener of the LB managed by CCM. | `N/A` | `'{"CipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "Protocols":["TLSv1.2"]}'` | +| `oci.oraclecloud.com/oci-load-balancer-backendset-ssl-config"` | Specifies the cipher suite on the backendsets of the LB managed by CCM. | `N/A` | `'{"CipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "Protocols":["TLSv1.2"]}'` | Note: @@ -96,6 +98,7 @@ Note: | `oci-network-load-balancer.oraclecloud.com/is-preserve-source` | Enable or disable the network load balancer to preserve source address of incoming traffic. Can be set only when externalTrafficPolicy is set to Local. | `"true" (if externalTrafficPolicy=Local)` | | `oci.oraclecloud.com/security-rule-management-mode` | Specifies the security rule management mode ("SL-All", "SL-Frontend", "NSG", "None") that configures how security lists are managed by the CCM | `N/A` | | `oci.oraclecloud.com/oci-backend-network-security-group` | Specifies backend Network Security Group(s)' OCID(s) for management of ingress / egress security rules for the LB/NLB by the CCM. Example NSG OCID: `ocid1.networksecuritygroup.oc1.iad.aaa` | `N/A` | +| `oci-network-load-balancer.oraclecloud.com/is-ppv2-enabled` | To enable/disable PPv2 feature for the listeners of your NLB managed by the CCM. | `false` | Note: - The only security list management mode allowed when backend protocol is UDP is "None" @@ -139,3 +142,4 @@ Note: [8]: https://docs.oracle.com/en-us/iaas/Content/Network/Concepts/networksecuritygroups.htm [9]: https://docs.oracle.com/en-us/iaas/Content/NetworkLoadBalancer/introducton.htm#Overview [10]: https://docs.oracle.com/en-us/iaas/Content/Balance/Concepts/balanceoverview.htm +[11]: https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengconfiguringloadbalancersnetworkloadbalancers-subtopic.htm#contengcreatingloadbalancer_topic_Specifying_IPMode diff --git a/go.mod b/go.mod index dbe19e7f91..cf24bb9ccc 100644 --- a/go.mod +++ b/go.mod @@ -6,35 +6,27 @@ replace ( github.com/docker/docker => github.com/docker/engine v0.0.0-20181106193140-f5749085e9cb github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.16.0 google.golang.org/grpc => google.golang.org/grpc v1.60.1 - k8s.io/api => k8s.io/api v0.29.1 - k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.1 - k8s.io/apimachinery => k8s.io/apimachinery v0.29.1 - k8s.io/apiserver => k8s.io/apiserver v0.29.1 - k8s.io/cli-runtime => k8s.io/cli-runtime v0.29.1 - k8s.io/client-go => k8s.io/client-go v0.29.1 - k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.1 - k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.29.1 - k8s.io/code-generator => k8s.io/code-generator v0.29.1 - k8s.io/component-base => k8s.io/component-base v0.29.1 - k8s.io/component-helpers => k8s.io/component-helpers v0.29.1 - k8s.io/controller-manager => k8s.io/controller-manager v0.29.1 - k8s.io/cri-api => k8s.io/cri-api v0.29.1 - k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.1 - k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.29.1 + k8s.io/api => k8s.io/api v0.29.11 + k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.11 + k8s.io/apimachinery => k8s.io/apimachinery v0.29.11 + k8s.io/apiserver => k8s.io/apiserver v0.29.11 + k8s.io/client-go => k8s.io/client-go v0.29.11 + k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.11 + k8s.io/component-base => k8s.io/component-base v0.29.11 + k8s.io/component-helpers => k8s.io/component-helpers v0.29.11 + k8s.io/controller-manager => k8s.io/controller-manager v0.29.11 + k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.11 + k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.29.11 k8s.io/endpointslice => k8s.io/kubernetes/staging/src/k8s.io/endpointslice v0.0.0-20230810203337-add7e14df11e - k8s.io/kms => k8s.io/kms v0.29.1 - k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.1 - k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.1 - k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.1 - k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.1 - k8s.io/kubectl => k8s.io/kubectl v0.29.1 - k8s.io/kubelet => k8s.io/kubelet v0.29.1 - k8s.io/kubernetes => k8s.io/kubernetes v1.29.1 - k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.29.1 - k8s.io/metrics => k8s.io/metrics v0.29.1 - k8s.io/mount-utils => k8s.io/mount-utils v0.29.1 - k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.29.1 - k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.29.1 + k8s.io/kms => k8s.io/kms v0.29.11 + k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.11 + k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.11 + k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.11 + k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.11 + k8s.io/kubectl => k8s.io/kubectl v0.29.11 + k8s.io/kubelet => k8s.io/kubelet v0.29.11 + k8s.io/kubernetes => k8s.io/kubernetes v1.29.11 + k8s.io/mount-utils => k8s.io/mount-utils v0.29.11 ) require ( @@ -45,40 +37,42 @@ require ( github.com/kubernetes-csi/external-snapshotter/client/v6 v6.3.0 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.30.0 - github.com/oracle/oci-go-sdk/v65 v65.56.0 + github.com/oracle/oci-go-sdk/v65 v65.79.0 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.17.0 github.com/spf13/cobra v1.8.0 // indirect github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.8.1 go.uber.org/zap v1.26.0 - golang.org/x/net v0.21.0 + golang.org/x/net v0.23.0 golang.org/x/sys v0.18.0 // indirect google.golang.org/grpc v1.60.1 gopkg.in/natefinch/lumberjack.v2 v2.2.1 gopkg.in/yaml.v2 v2.4.0 - k8s.io/api v0.29.1 - k8s.io/apimachinery v0.29.1 - k8s.io/apiserver v0.29.1 // indirect + k8s.io/api v0.29.11 + k8s.io/apimachinery v0.29.11 + k8s.io/apiserver v0.29.11 // indirect k8s.io/client-go v1.5.2 - k8s.io/cloud-provider v0.29.1 - k8s.io/component-base v0.29.1 - k8s.io/component-helpers v0.29.1 - k8s.io/controller-manager v0.29.1 // indirect - k8s.io/csi-translation-lib v0.29.1 // indirect + k8s.io/cloud-provider v0.29.11 + k8s.io/component-base v0.29.11 + k8s.io/component-helpers v0.29.11 + k8s.io/controller-manager v0.29.11 // indirect + k8s.io/csi-translation-lib v0.29.11 // indirect k8s.io/klog v1.0.0 k8s.io/klog/v2 v2.110.1 - k8s.io/kubelet v0.29.1 // indirect - k8s.io/kubernetes v1.29.1 - k8s.io/mount-utils v0.29.1 + k8s.io/kubelet v0.29.11 // indirect + k8s.io/kubernetes v1.29.11 + k8s.io/mount-utils v0.29.11 k8s.io/utils v0.0.0-20230726121419-3b25d923346b sigs.k8s.io/sig-storage-lib-external-provisioner/v9 v9.1.0-rc.0 ) require ( + github.com/stretchr/testify v1.9.0 golang.org/x/sync v0.5.0 google.golang.org/protobuf v1.33.0 - k8s.io/apiextensions-apiserver v0.29.1 + gopkg.in/yaml.v3 v3.0.1 + k8s.io/apiextensions-apiserver v0.29.11 ) require ( @@ -140,6 +134,7 @@ require ( github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/selinux v1.11.0 // indirect github.com/pelletier/go-toml v1.9.3 // indirect + github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.5.0 // indirect github.com/prometheus/common v0.45.0 // indirect github.com/prometheus/procfs v0.12.0 // indirect @@ -177,12 +172,11 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.62.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/kms v0.29.1 // indirect + k8s.io/kms v0.29.11 // indirect k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect k8s.io/kube-scheduler v0.0.0 // indirect - k8s.io/kubectl v0.29.1 // indirect - sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.3 // indirect + k8s.io/kubectl v0.29.11 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect sigs.k8s.io/yaml v1.4.0 // indirect diff --git a/go.sum b/go.sum index c03cbba494..6c6f6097d8 100644 --- a/go.sum +++ b/go.sum @@ -1205,8 +1205,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/oracle/oci-go-sdk/v65 v65.56.0 h1:o5na2VTSoH6LDLDrIB81XAjgtok6utLrixNO1TySN7c= -github.com/oracle/oci-go-sdk/v65 v65.56.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= +github.com/oracle/oci-go-sdk/v65 v65.79.0 h1:Tv9L1XTKWkdXtSViMbP+dA93WunquvW++/2s5pOvOgU= +github.com/oracle/oci-go-sdk/v65 v65.79.0/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0= github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pelletier/go-toml v1.9.3 h1:zeC5b1GviRUyKYd6OJPvBU/mcVDVoL1OhT17FCt5dSQ= github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= @@ -1276,8 +1276,9 @@ github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AV github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= @@ -1289,8 +1290,9 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/subosito/gotenv v1.2.0 h1:Slr1R9HxAlEKefgq5jn9U+DnETlIUa6HfgEzj0g5d7s= github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw= github.com/tmc/grpc-websocket-proxy v0.0.0-20220101234140-673ab2c3ae75 h1:6fotK7otjonDflCTK0BCfls4SPy3NcCVb5dqqmbRknE= @@ -1509,8 +1511,8 @@ golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ= golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4= -golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= +golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= +golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2079,44 +2081,44 @@ honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.1.3/go.mod h1:NgwopIslSNH47DimFoV78dnkksY2EFtX0ajyb3K/las= -k8s.io/api v0.29.1 h1:DAjwWX/9YT7NQD4INu49ROJuZAAAP/Ijki48GUPzxqw= -k8s.io/api v0.29.1/go.mod h1:7Kl10vBRUXhnQQI8YR/R327zXC8eJ7887/+Ybta+RoQ= -k8s.io/apiextensions-apiserver v0.29.1 h1:S9xOtyk9M3Sk1tIpQMu9wXHm5O2MX6Y1kIpPMimZBZw= -k8s.io/apiextensions-apiserver v0.29.1/go.mod h1:zZECpujY5yTW58co8V2EQR4BD6A9pktVgHhvc0uLfeU= -k8s.io/apimachinery v0.29.1 h1:KY4/E6km/wLBguvCZv8cKTeOwwOBqFNjwJIdMkMbbRc= -k8s.io/apimachinery v0.29.1/go.mod h1:6HVkd1FwxIagpYrHSwJlQqZI3G9LfYWRPAkUvLnXTKU= -k8s.io/apiserver v0.29.1 h1:e2wwHUfEmMsa8+cuft8MT56+16EONIEK8A/gpBSco+g= -k8s.io/apiserver v0.29.1/go.mod h1:V0EpkTRrJymyVT3M49we8uh2RvXf7fWC5XLB0P3SwRw= -k8s.io/client-go v0.29.1 h1:19B/+2NGEwnFLzt0uB5kNJnfTsbV8w6TgQRz9l7ti7A= -k8s.io/client-go v0.29.1/go.mod h1:TDG/psL9hdet0TI9mGyHJSgRkW3H9JZk2dNEUS7bRks= -k8s.io/cloud-provider v0.29.1 h1:bDLpOSpysWrtU2PCkvyP2sUTwRBa6MGCmxt68CRRW/8= -k8s.io/cloud-provider v0.29.1/go.mod h1:u50Drm6AbuoKpsVbAstNiFHGgbSVHuJV4TWN5imdM2w= -k8s.io/component-base v0.29.1 h1:MUimqJPCRnnHsskTTjKD+IC1EHBbRCVyi37IoFBrkYw= -k8s.io/component-base v0.29.1/go.mod h1:fP9GFjxYrLERq1GcWWZAE3bqbNcDKDytn2srWuHTtKc= -k8s.io/component-helpers v0.29.1 h1:54MMEDu6xeJmMtAKztsPwu0kJKr4+jCUzaEIn2UXRoc= -k8s.io/component-helpers v0.29.1/go.mod h1:+I7xz4kfUgxWAPJIVKrqe4ml4rb9UGpazlOmhXYo+cY= -k8s.io/controller-manager v0.29.1 h1:bTnJFF/OWooRVeJ4QLA1ApuPH+fjHSmcVMMeL7qvI2E= -k8s.io/controller-manager v0.29.1/go.mod h1:fVhGGuBiB0B2yT2+OHXZaA88owVn5zkv18A+G9E9Qlw= -k8s.io/csi-translation-lib v0.29.1 h1:b2tYZnnHyrQVHG6GYel7egmVvKeIlX/xbTNm9ynBSUg= -k8s.io/csi-translation-lib v0.29.1/go.mod h1:Zglui6PgFSew8ux50djwZ3PFK6eNrWktid66D7pHDDo= +k8s.io/api v0.29.11 h1:6FwDo33f1WX5Yu0RQTX9YAd3wth8Ik0B4SXQKsoQfbk= +k8s.io/api v0.29.11/go.mod h1:3TDAW1OpFbz/Yx5r0W06b6eiAfHEwtH61VYDzpTU4Ng= +k8s.io/apiextensions-apiserver v0.29.11 h1:ytJJQ8EK0GzPa80tnPkfDoBGoNPMwqfaSWwg4FKmbEU= +k8s.io/apiextensions-apiserver v0.29.11/go.mod h1:eqKsza/nErdFNltXoVZmRt9vX99ooDLDMTcIcOG0ueg= +k8s.io/apimachinery v0.29.11 h1:55+6ue9advpA7T0sX2ZJDHCLKuiFfrAAR/39VQN9KEQ= +k8s.io/apimachinery v0.29.11/go.mod h1:i3FJVwhvSp/6n8Fl4K97PJEP8C+MM+aoDq4+ZJBf70Y= +k8s.io/apiserver v0.29.11 h1:EXcv4/3iIKWG5tWI2ywdMY86jpxYw6WDAdMrBKUMkSc= +k8s.io/apiserver v0.29.11/go.mod h1:lnoWXh0J75ei1h4/F5ZbOEd7byiAVasherLB6Snzl/I= +k8s.io/client-go v0.29.11 h1:mBX7Ub0uqpLMwWz3J/AGS/xKOZsjr349qZ1vxVoL1l8= +k8s.io/client-go v0.29.11/go.mod h1:WOEoi/eLg2YEg3/yEd7YK3CNScYkM8AEScQadxUnaTE= +k8s.io/cloud-provider v0.29.11 h1:TrpRhwL1zJupJDi9mXRxUNvqkHm03U7RoQpFA7SLwc4= +k8s.io/cloud-provider v0.29.11/go.mod h1:MTGplcJnpST/nGFbhb5zGhdI23wGjEEaEi9G+17qgPk= +k8s.io/component-base v0.29.11 h1:H3GJIyDNPrscvXGP6wx+9gApcwwmrUd0YtCGp5BcHBA= +k8s.io/component-base v0.29.11/go.mod h1:0qu1WStER4wu5o8RMRndZUWPVcPH1XBy/QQiDcD6lew= +k8s.io/component-helpers v0.29.11 h1:GdZaSLBLlCa+EzjAnpZ4fGB75rA3qqPLLZKk+CsqNyo= +k8s.io/component-helpers v0.29.11/go.mod h1:gloyih9IiE4Qy/7iLUXqAmxYSUduuIpMCiNYuHfYvD4= +k8s.io/controller-manager v0.29.11 h1:gJkqYKh56fKnZz6lYXByPdMvxYynBukePXm1vpMsVLg= +k8s.io/controller-manager v0.29.11/go.mod h1:K45e2ADRO3o4RD5LaefDS/h/VwwG6uJkTa3mEiChe/4= +k8s.io/csi-translation-lib v0.29.11 h1:G2tMJmh0VgDs93wS3sBKm1+igP/9A2asUs+VKF+lfNg= +k8s.io/csi-translation-lib v0.29.11/go.mod h1:lJX2ZB89tPHQV2ITLxpkYWyfrHv5oRQf+xzjwkBNwxU= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog/v2 v2.110.1 h1:U/Af64HJf7FcwMcXyKm2RPM22WZzyR7OSpYj5tg3cL0= k8s.io/klog/v2 v2.110.1/go.mod h1:YGtd1984u+GgbuZ7e08/yBuAfKLSO0+uR1Fhi6ExXjo= -k8s.io/kms v0.29.1 h1:6dMOaxllwiAZ8p3Hys65b78MDG+hONpBBpk1rQsaEtk= -k8s.io/kms v0.29.1/go.mod h1:Hqkx3zEGWThUTbcSkK508DUv4c1HOJOB5qihSoLBWgU= +k8s.io/kms v0.29.11 h1:pylaiDJhgfqczvcjMDPI89+VH0OVoGQhscPH1VbBzQE= +k8s.io/kms v0.29.11/go.mod h1:vWVImKkJd+1BQY4tBwdfSwjQBiLrnbNtHADcDEDQFtk= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/AuzbMm96cd3YHRTU83I780= k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= -k8s.io/kube-scheduler v0.29.1 h1:EKhEBriMl5t/NVjPjUr4he11ghe5BZocur49NOXIrWk= -k8s.io/kube-scheduler v0.29.1/go.mod h1:MQhjK51HUNq0WQ2z+qRWgEnDwD7/XQm3y9XfvrNSmek= -k8s.io/kubectl v0.29.1 h1:rWnW3hi/rEUvvg7jp4iYB68qW5un/urKbv7fu3Vj0/s= -k8s.io/kubectl v0.29.1/go.mod h1:SZzvLqtuOJYSvZzPZR9weSuP0wDQ+N37CENJf0FhDF4= -k8s.io/kubelet v0.29.1 h1:cso8Dk8dymkj8q+EvW/aCbIYU2aOkH27gho48tYza/8= -k8s.io/kubelet v0.29.1/go.mod h1:hTl/naFcCVG1Ku17fMgj/krbheBwBkf3gnFhaboMx7E= -k8s.io/kubernetes v1.29.1 h1:fxJFVb8uqbYZDYHpwIsAndBQs360cQGb0xa1gYFh3fo= -k8s.io/kubernetes v1.29.1/go.mod h1:xZPKU0yO0CBbLTnbd+XGyRmmtmaVuJykDb8gNCkeeUE= -k8s.io/mount-utils v0.29.1 h1:veXlIm52Y4tm3H0pG03cOdkw0KOJxYDa0fQqhJCoqvQ= -k8s.io/mount-utils v0.29.1/go.mod h1:9IWJTMe8tG0MYMLEp60xK9GYVeCdA3g4LowmnVi+t9Y= +k8s.io/kube-scheduler v0.29.11 h1:smH2FQSEj5tEJgOX6RSuKZZHEC+6Lmruhr/ipEBCgRU= +k8s.io/kube-scheduler v0.29.11/go.mod h1:ALv5HFRjvFwIvsLejKfJXDYyWxYn6d5C2xYzVRKHMSc= +k8s.io/kubectl v0.29.11 h1:rxflwYQ1kmeEUVPWNevKLTtWjNfLrFSzLRZJoPolguU= +k8s.io/kubectl v0.29.11/go.mod h1:b6IhZyA/zp7q6kbiYfm5B3xwVPodVUvpfN6VG0LwA30= +k8s.io/kubelet v0.29.11 h1:V06Kr+CO5m6t4fdK+ZUfGBGB+9n5EE4DyMVflaRV34Q= +k8s.io/kubelet v0.29.11/go.mod h1:PCUTi0GGtVmewNoFeUiM5IGv3BKSNcuFogaMxiKEWmg= +k8s.io/kubernetes v1.29.11 h1:8JR33gU38Zq1FS7GvOOxDEgwR+OfjI5umSitd7aAqak= +k8s.io/kubernetes v1.29.11/go.mod h1:L6/pfKQZ6Tv2O8gyT4OxhGZp+nNsjV54xtNodRoup9k= +k8s.io/mount-utils v0.29.11 h1:8CG16bFCo7uhHj1HrQAzGCUzdVrLiWdZKQAxAUDMteQ= +k8s.io/mount-utils v0.29.11/go.mod h1:SHUMR9n3b6tLgEmlyT36cL6fV6Sjwa5CJhc0guCXvb0= k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI= k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk= @@ -2174,8 +2176,8 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.3 h1:IYXtJZpv6oAlx8Als8uIkxq2P3BlvqQfS8dt65obcco= -sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.3/go.mod h1:z7+wmGM2dfIiLRfrC6jb5kV2Mq/sK1ZP303cxzkV5Y4= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 h1:TgtAeesdhpm2SGwkQasmbeqDo8th5wOBA5h/AjTKA4I= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0/go.mod h1:VHVDI/KrK4fjnV61bE2g3sA7tiETLn8sooImelsCx3Y= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/sig-storage-lib-external-provisioner/v9 v9.1.0-rc.0 h1:0aLQSafwBXlXTPiA9wJK5wEDsgYUh5uJlKHpBw9dwCk= diff --git a/hack/existing-standalone-cluster-env-template.sh b/hack/existing-standalone-cluster-env-template.sh index 82ed014cec..2b3bdf47a7 100755 --- a/hack/existing-standalone-cluster-env-template.sh +++ b/hack/existing-standalone-cluster-env-template.sh @@ -16,6 +16,9 @@ # The test suites to run (can replace or add tags) export FOCUS="\[cloudprovider\]" +# The test suites to skip (can replace or add tags) +export FOCUS_SKIP="" + # Scope can be ARM / AMD / BOTH # Mandatory export SCOPE="BOTH" diff --git a/hack/run_e2e_test.sh b/hack/run_e2e_test.sh index 4e59d3926d..b6e8859a3c 100755 --- a/hack/run_e2e_test.sh +++ b/hack/run_e2e_test.sh @@ -48,7 +48,7 @@ function run_e2e_tests_existing_cluster() { fi if [ "$ENABLE_PARALLEL_RUN" == "true" ] || [ "$ENABLE_PARALLEL_RUN" == "TRUE" ]; then - ginkgo -v -p -progress --trace "${FOCUS_OPT}" "${FOCUS_FP_OPT}" \ + ginkgo -v -p -progress --trace "${FOCUS_OPT}" "${FOCUS_SKIP_OPT}" "${FOCUS_FP_OPT}" \ test/e2e/cloud-provider-oci -- \ --cluster-kubeconfig=${CLUSTER_KUBECONFIG} \ --cloud-config=${CLOUD_CONFIG} \ @@ -64,12 +64,13 @@ function run_e2e_tests_existing_cluster() { --reserved-ip=${RESERVED_IP} \ --architecture=${ARCHITECTURE} \ --volume-handle=${FSS_VOLUME_HANDLE} \ + --lustre-volume-handle=${LUSTRE_VOLUME_HANDLE} \ --static-snapshot-compartment-id=${STATIC_SNAPSHOT_COMPARTMENT_ID} \ --enable-parallel-run=${ENABLE_PARALLEL_RUN} \ --run-uhp-e2e=${RUN_UHP_E2E} \ --add-oke-system-tags="false" else - ginkgo -v -progress --trace -nodes=${E2E_NODE_COUNT} "${FOCUS_OPT}" "${FOCUS_FP_OPT}" \ + ginkgo -v -progress --trace -nodes=${E2E_NODE_COUNT} "${FOCUS_OPT}" "${FOCUS_SKIP_OPT}" "${FOCUS_FP_OPT}" \ ginkgo -v -p -progress --trace "${FOCUS_OPT}" "${FOCUS_FP_OPT}" \ test/e2e/cloud-provider-oci -- \ --cluster-kubeconfig=${CLUSTER_KUBECONFIG} \ @@ -86,6 +87,7 @@ function run_e2e_tests_existing_cluster() { --reserved-ip=${RESERVED_IP} \ --architecture=${ARCHITECTURE} \ --volume-handle=${FSS_VOLUME_HANDLE} \ + --lustre-volume-handle=${LUSTRE_VOLUME_HANDLE} \ --static-snapshot-compartment-id=${STATIC_SNAPSHOT_COMPARTMENT_ID} \ --enable-parallel-run=${ENABLE_PARALLEL_RUN} \ --run-uhp-e2e=${RUN_UHP_E2E} \ @@ -98,8 +100,11 @@ function run_e2e_tests_existing_cluster() { function set_focus () { # The FOCUS environment variable can be set with a regex to tun selected tests # e.g. export FOCUS="\[cloudprovider\]" + # e.g. export FILES="true" && export FOCUS="\[fss_\]" would run E2Es from both fss_dynamic.go and fss_static.go (FOCUS used for file regex instead) + # e.g. export FOCUS="\[cloudprovider\]" && export FOCUS_SKIP="\[node-update\]" would run all E2Es except ones that have "\[node-update\]" FOCUS. export FOCUS_OPT="" export FOCUS_FP_OPT="" + export FOCUS_SKIP_OPT="" if [ ! -z "${FOCUS}" ]; then # Because we tag our test descriptions with tags that are surrounded # by square brackets, we have to escape the brackets when we set the @@ -121,9 +126,24 @@ function set_focus () { # e.g. export FILES="true" if [[ ! -z "${FILES}" && "${FILES}" == "true" ]]; then echo "Running focused test regex as filepath expression." - FOCUS_FP_OPT="-regexScansFilePath=${FILES}" + FOCUS_FP_OPT="-regexScansFilePath=${FOCUS}" fi fi + + # e.g. export FOCUS_SKIP="\[node-update\]" would run all E2Es except ones that have "\[node-update\]" FOCUS. + # If FOCUS is set as well, all E2Es with FOCUS will run except ones that are covered by SKIP_FOCUS + if [ ! -z "${FOCUS_SKIP}" ]; then + # Same for skipping tests with certain FOCUS. + re1='^\[.+\]$' # [ccm] + if [[ "${FOCUS_SKIP}" =~ $re1 ]]; then + echo -E "Escaping square brackes in ${FOCUS_SKIP} to work as a regex match." + FOCUS_SKIP=$(echo $FOCUS_SKIP|sed -e 's/\[/\\[/g' -e 's/\]/\\]/g') + echo -E "Modified FOCUS_SKIP value to: ${FOCUS_SKIP}" + fi + + echo "Skipping focused tests: ${FOCUS_SKIP}" + FOCUS_SKIP_OPT="-skip=${FOCUS_SKIP}" + fi } echo "CLUSTER_KUBECONFIG is ${CLUSTER_KUBECONFIG}" diff --git a/manifests/cloud-controller-manager/oci-cloud-controller-manager.yaml b/manifests/cloud-controller-manager/oci-cloud-controller-manager.yaml index 2fe6246b62..817dc97d19 100644 --- a/manifests/cloud-controller-manager/oci-cloud-controller-manager.yaml +++ b/manifests/cloud-controller-manager/oci-cloud-controller-manager.yaml @@ -42,7 +42,7 @@ spec: path: /etc/kubernetes containers: - name: oci-cloud-controller-manager - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 command: ["/usr/local/bin/oci-cloud-controller-manager"] args: - --cloud-config=/etc/oci/cloud-provider.yaml diff --git a/manifests/container-storage-interface/oci-csi-controller-driver.yaml b/manifests/container-storage-interface/oci-csi-controller-driver.yaml index fda4d5254b..0106bc9e02 100644 --- a/manifests/container-storage-interface/oci-csi-controller-driver.yaml +++ b/manifests/container-storage-interface/oci-csi-controller-driver.yaml @@ -74,7 +74,7 @@ spec: - mountPath: /var/run/shared-tmpfs name: shared-tmpfs - name: snapshot-controller - image: registry.k8s.io/sig-storage/snapshot-controller:v6.2.0 + image: registry.k8s.io/sig-storage/snapshot-controller:v6.3.0 args: - --leader-election imagePullPolicy: "IfNotPresent" @@ -82,7 +82,7 @@ spec: - mountPath: /var/run/shared-tmpfs name: shared-tmpfs - name: csi-snapshotter - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.2.0 + image: registry.k8s.io/sig-storage/csi-snapshotter:v6.3.0 args: - --csi-address=/var/run/shared-tmpfs/csi.sock - --leader-election @@ -96,7 +96,7 @@ spec: - --fss-csi-endpoint=unix://var/run/shared-tmpfs/csi-fss.sock command: - /usr/local/bin/oci-csi-controller-driver - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 imagePullPolicy: IfNotPresent volumeMounts: - name: config diff --git a/manifests/container-storage-interface/oci-csi-node-driver.yaml b/manifests/container-storage-interface/oci-csi-node-driver.yaml index 79c0342020..a57e879d43 100644 --- a/manifests/container-storage-interface/oci-csi-node-driver.yaml +++ b/manifests/container-storage-interface/oci-csi-node-driver.yaml @@ -117,7 +117,7 @@ spec: fieldPath: spec.nodeName - name: PATH value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/host/usr/bin:/host/sbin - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 securityContext: privileged: true volumeMounts: @@ -152,7 +152,7 @@ spec: args: - --csi-address=/csi/csi.sock - --kubelet-registration-path=/var/lib/kubelet/plugins/blockvolume.csi.oraclecloud.com/csi.sock - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 securityContext: privileged: true lifecycle: @@ -171,7 +171,7 @@ spec: args: - --csi-address=/fss/csi.sock - --kubelet-registration-path=/var/lib/kubelet/plugins/fss.csi.oraclecloud.com/csi.sock - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.0 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.12.0 securityContext: privileged: true lifecycle: diff --git a/manifests/container-storage-interface/oci-csi-node-rbac.yaml b/manifests/container-storage-interface/oci-csi-node-rbac.yaml index 36de8dcd7a..cc9ab5ef0f 100644 --- a/manifests/container-storage-interface/oci-csi-node-rbac.yaml +++ b/manifests/container-storage-interface/oci-csi-node-rbac.yaml @@ -56,6 +56,9 @@ rules: - apiGroups: [ "snapshot.storage.k8s.io" ] resources: [ "volumesnapshots/status" ] verbs: [ "update", "patch" ] + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "list", "watch", "create"] --- kind: ClusterRoleBinding diff --git a/manifests/flexvolume-driver/oci-flexvolume-driver.yaml b/manifests/flexvolume-driver/oci-flexvolume-driver.yaml index 46209b0a69..d7dcf41c5d 100644 --- a/manifests/flexvolume-driver/oci-flexvolume-driver.yaml +++ b/manifests/flexvolume-driver/oci-flexvolume-driver.yaml @@ -40,7 +40,7 @@ spec: secretName: oci-flexvolume-driver containers: - name: oci-flexvolume-driver - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 command: ["/usr/local/bin/install.py", "-c", "/tmp/config.yaml"] securityContext: privileged: true @@ -76,7 +76,7 @@ spec: type: DirectoryOrCreate containers: - name: oci-flexvolume-driver - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 command: ["/usr/local/bin/install.py"] securityContext: privileged: true diff --git a/manifests/volume-provisioner/oci-volume-provisioner-fss.yaml b/manifests/volume-provisioner/oci-volume-provisioner-fss.yaml index 613fbd2ce3..1c8d899700 100644 --- a/manifests/volume-provisioner/oci-volume-provisioner-fss.yaml +++ b/manifests/volume-provisioner/oci-volume-provisioner-fss.yaml @@ -35,7 +35,7 @@ spec: secretName: oci-volume-provisioner containers: - name: oci-volume-provisioner - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 command: ["/usr/local/bin/oci-volume-provisioner"] env: - name: NODE_NAME diff --git a/manifests/volume-provisioner/oci-volume-provisioner.yaml b/manifests/volume-provisioner/oci-volume-provisioner.yaml index 7c754a50f5..ff39b7e6ce 100644 --- a/manifests/volume-provisioner/oci-volume-provisioner.yaml +++ b/manifests/volume-provisioner/oci-volume-provisioner.yaml @@ -35,7 +35,7 @@ spec: secretName: oci-volume-provisioner containers: - name: oci-volume-provisioner - image: ghcr.io/oracle/cloud-provider-oci:v1.29.0 + image: ghcr.io/oracle/cloud-provider-oci:v1.29.1 command: ["/usr/local/bin/oci-volume-provisioner"] env: - name: NODE_NAME diff --git a/pkg/cloudprovider/providers/oci/ccm.go b/pkg/cloudprovider/providers/oci/ccm.go index 225c072e57..6af041abe3 100644 --- a/pkg/cloudprovider/providers/oci/ccm.go +++ b/pkg/cloudprovider/providers/oci/ccm.go @@ -100,7 +100,7 @@ func NewCloudProvider(config *providercfg.Config) (cloudprovider.Interface, erro rateLimiter := client.NewRateLimiter(logger.Sugar(), config.RateLimiter) - c, err := client.New(logger.Sugar(), cp, &rateLimiter) + c, err := client.New(logger.Sugar(), cp, &rateLimiter, config.Auth.TenancyID) if err != nil { return nil, err } @@ -116,7 +116,7 @@ func NewCloudProvider(config *providercfg.Config) (cloudprovider.Interface, erro if !config.LoadBalancer.Disabled && config.VCNID == "" { logger.Info("No VCN provided in cloud provider config. Falling back to looking up VCN via LB subnet.") - subnet, err := c.Networking().GetSubnet(context.Background(), config.LoadBalancer.Subnet1) + subnet, err := c.Networking(nil).GetSubnet(context.Background(), config.LoadBalancer.Subnet1) if err != nil { return nil, errors.Wrap(err, "get subnet for loadBalancer.subnet1") } @@ -165,6 +165,7 @@ func init() { // Initialize passes a Kubernetes clientBuilder interface to the cloud provider. func (cp *CloudProvider) Initialize(clientBuilder cloudprovider.ControllerClientBuilder, stop <-chan struct{}) { var err error + //var sbcStopChannel = make(chan struct{}) cp.kubeclient, err = clientBuilder.Client("cloud-controller-manager") if err != nil { utilruntime.HandleError(fmt.Errorf("failed to create kubeclient: %v", err)) @@ -199,6 +200,23 @@ func (cp *CloudProvider) Initialize(clientBuilder cloudprovider.ControllerClient cp.ServiceAccountLister = serviceAccountInformer.Lister() + /* StorageBackfillController not applicable for Open Source CCM + enableStorageBackfillController := GetIsFeatureEnabledFromEnv(cp.logger, resourceTrackingFeatureFlagName, false) + if enableStorageBackfillController { + cp.logger.Info("Starting storage backfill controller") + + storageBackfillController := NewStorageBackfillController( + cp.kubeclient, + cp.client, + cp.logger, + cp.metricPusher, + cp.config, + pvInformer.Lister(), + ) + go storageBackfillController.Run(sbcStopChannel) + } + */ + cp.securityListManagerFactory = func(mode string) securityListManager { if cp.config.LoadBalancer.Disabled { return newSecurityListManagerNOOP() diff --git a/pkg/cloudprovider/providers/oci/instances.go b/pkg/cloudprovider/providers/oci/instances.go index 106a8f26cf..e3540e9b97 100644 --- a/pkg/cloudprovider/providers/oci/instances.go +++ b/pkg/cloudprovider/providers/oci/instances.go @@ -18,17 +18,26 @@ import ( "context" "fmt" "net" - - "github.com/oracle/oci-go-sdk/v65/core" - "k8s.io/apimachinery/pkg/labels" + "strings" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" + "github.com/oracle/oci-go-sdk/v65/core" "github.com/pkg/errors" api "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/types" cloudprovider "k8s.io/cloud-provider" ) +const ( + VirtualNodePoolIdAnnotation = "oci.oraclecloud.com/virtual-node-pool-id" + IPv4NodeIPFamilyLabel = "oci.oraclecloud.com/ip-family-ipv4" + IPv6NodeIPFamilyLabel = "oci.oraclecloud.com/ip-family-ipv6" + OpenShiftTagNamesapcePrefix = "openshift-" + OpenShiftBootVolumeType = "boot-volume-type" + OpenShiftBootVolumeISCSI = "ISCSI" +) + var _ cloudprovider.Instances = &CloudProvider{} // mapNodeNameToInstanceName maps a kube NodeName to a OCI instance display @@ -66,7 +75,7 @@ func (cp *CloudProvider) getCompartmentIDByInstanceID(instanceID string) (string } func (cp *CloudProvider) extractNodeAddresses(ctx context.Context, instanceID string) ([]api.NodeAddress, error) { - addresses := []api.NodeAddress{} + var addresses []api.NodeAddress compartmentID, err := cp.getCompartmentIDByInstanceID(instanceID) if err != nil { return nil, err @@ -96,7 +105,82 @@ func (cp *CloudProvider) extractNodeAddresses(ctx context.Context, instanceID st } addresses = append(addresses, api.NodeAddress{Type: api.NodeExternalIP, Address: ip.String()}) } + nodeIpFamily, err := cp.getNodeIpFamily(instanceID) + if err != nil { + return nil, err + } + if contains(nodeIpFamily, IPv6) { + if vnic.Ipv6Addresses != nil { + for _, ipv6Addresses := range vnic.Ipv6Addresses { + if ipv6Addresses != "" { + ip := net.ParseIP(ipv6Addresses) + if ip == nil { + return nil, errors.Errorf("instance has invalid ipv6 address: %q", vnic.Ipv6Addresses[0]) + } + if ip.IsPrivate() { + addresses = append(addresses, api.NodeAddress{Type: api.NodeInternalIP, Address: ip.String()}) + } else { + addresses = append(addresses, api.NodeAddress{Type: api.NodeExternalIP, Address: ip.String()}) + } + } + } + } + } + + OpenShiftTagNamesapce := cp.getOpenShiftTagNamespaceByInstance(ctx, instanceID) + + if OpenShiftTagNamesapce != "" { + secondaryVnics, err := cp.client.Compute().GetSecondaryVNICsForInstance(ctx, compartmentID, instanceID) + if err != nil { + return nil, err + } + + if secondaryVnics == nil || len(secondaryVnics) == 0 { + return addresses, nil + } + for _, secondaryVnic := range secondaryVnics { + if cp.checkOpenShiftISCSIBootVolumeTagByVnic(ctx, secondaryVnic, OpenShiftTagNamesapce) { + if (secondaryVnic.IsPrimary == nil || !*secondaryVnic.IsPrimary) && secondaryVnic.PrivateIp != nil && *secondaryVnic.PrivateIp != "" { + ip := net.ParseIP(*secondaryVnic.PrivateIp) + if ip == nil { + return nil, fmt.Errorf("instance has invalid private address: %q", *secondaryVnic.PrivateIp) + } + addresses = append(addresses, api.NodeAddress{Type: api.NodeInternalIP, Address: ip.String()}) + } + + if (secondaryVnic.IsPrimary == nil || !*secondaryVnic.IsPrimary) && secondaryVnic.PublicIp != nil && *secondaryVnic.PublicIp != "" { + ip := net.ParseIP(*secondaryVnic.PublicIp) + if ip == nil { + return nil, errors.Errorf("instance has invalid public address: %q", *secondaryVnic.PublicIp) + } + addresses = append(addresses, api.NodeAddress{Type: api.NodeExternalIP, Address: ip.String()}) + } + } + } + nodeIpFamily, err := cp.getNodeIpFamily(instanceID) + if err != nil { + return nil, err + } + if contains(nodeIpFamily, IPv6) { + if vnic.Ipv6Addresses != nil { + for _, ipv6Addresses := range vnic.Ipv6Addresses { + if ipv6Addresses != "" { + ip := net.ParseIP(ipv6Addresses) + if ip == nil { + return nil, errors.Errorf("instance has invalid ipv6 address: %q", vnic.Ipv6Addresses[0]) + } + if ip.IsPrivate() { + addresses = append(addresses, api.NodeAddress{Type: api.NodeInternalIP, Address: ip.String()}) + } else { + addresses = append(addresses, api.NodeAddress{Type: api.NodeExternalIP, Address: ip.String()}) + } + } + } + } + } + } + // OKE does not support setting DNS since this changes the override hostname we setup to be the ip address. // Changing this can have wide reaching impact. // // if vnic.HostnameLabel != nil && *vnic.HostnameLabel != "" { @@ -120,6 +204,38 @@ func (cp *CloudProvider) extractNodeAddresses(ctx context.Context, instanceID st return addresses, nil } +// getNodeIpFamily checks if label exists in the Node +// oci.oraclecloud.com/ip-family-ipv4 +// oci.oraclecloud.com/ip-family-ipv6 +func (cp *CloudProvider) getNodeIpFamily(instanceId string) ([]string, error) { + nodeIpFamily := []string{} + nodeList, err := cp.NodeLister.List(labels.Everything()) + if err != nil { + return nodeIpFamily, errors.Wrap(err, "error listing nodes using node informer") + } + + // TODO: @prasrira Add a cache to determine nodes that already have label https://github.com/kubernetes/client-go/blob/master/tools/cache/expiration_cache.go + for _, node := range nodeList { + providerID, err := MapProviderIDToResourceID(node.Spec.ProviderID) + if err != nil { + return nodeIpFamily, errors.New("Failed to map providerID to instanceID") + } + if providerID == instanceId { + if _, ok := node.Labels[IPv4NodeIPFamilyLabel]; ok { + nodeIpFamily = append(nodeIpFamily, IPv4) + } + if _, ok := node.Labels[IPv6NodeIPFamilyLabel]; ok { + nodeIpFamily = append(nodeIpFamily, IPv6) + } + break + } + } + if len(nodeIpFamily) != 0 { + cp.logger.Debugf("NodeIpFamily is %s for instance id %s", strings.Join(nodeIpFamily, ","), instanceId) + } + return nodeIpFamily, nil +} + // NodeAddresses returns the addresses of the specified instance. // TODO(roberthbailey): This currently is only used in such a way that it // returns the address of the calling instance. We should do a rename to @@ -145,14 +261,14 @@ func (cp *CloudProvider) NodeAddresses(ctx context.Context, name types.NodeName) // nodeaddresses are being queried. i.e. local metadata services cannot be used // in this method to obtain nodeaddresses. func (cp *CloudProvider) NodeAddressesByProviderID(ctx context.Context, providerID string) ([]api.NodeAddress, error) { - cp.logger.With("instanceID", providerID).Debug("Getting node addresses by provider id") + cp.logger.With("resourceID", providerID).Debug("Getting node addresses by provider id") - instanceID, err := MapProviderIDToResourceID(providerID) + resourceID, err := MapProviderIDToResourceID(providerID) if err != nil { - return nil, errors.Wrap(err, "MapProviderIDToResourceID") + return nil, errors.Wrap(err, "MapProviderIDToResourceOCID") } - return cp.extractNodeAddresses(ctx, instanceID) + return cp.extractNodeAddresses(ctx, resourceID) } // InstanceID returns the cloud provider ID of the node with the specified NodeName. @@ -194,13 +310,14 @@ func (cp *CloudProvider) InstanceType(ctx context.Context, name types.NodeName) // InstanceTypeByProviderID returns the type of the specified instance. func (cp *CloudProvider) InstanceTypeByProviderID(ctx context.Context, providerID string) (string, error) { - cp.logger.With("instanceID", providerID).Debug("Getting instance type by provider id") + cp.logger.With("resourceID", providerID).Debug("Getting instance type by provider id") - instanceID, err := MapProviderIDToResourceID(providerID) + resourceID, err := MapProviderIDToResourceID(providerID) if err != nil { - return "", errors.Wrap(err, "MapProviderIDToResourceID") + return "", errors.Wrap(err, "MapProviderIDToResourceOCID") } - item, exists, err := cp.instanceCache.GetByKey(instanceID) + + item, exists, err := cp.instanceCache.GetByKey(resourceID) if err != nil { return "", errors.Wrap(err, "error fetching instance from instanceCache, will retry") } @@ -208,7 +325,7 @@ func (cp *CloudProvider) InstanceTypeByProviderID(ctx context.Context, providerI return *item.(*core.Instance).Shape, nil } cp.logger.Debug("Unable to find the instance information from instanceCache. Calling OCI API") - inst, err := cp.client.Compute().GetInstance(ctx, instanceID) + inst, err := cp.client.Compute().GetInstance(ctx, resourceID) if err != nil { return "", errors.Wrap(err, "GetInstance") } @@ -235,16 +352,15 @@ func (cp *CloudProvider) CurrentNodeName(ctx context.Context, hostname string) ( // provider id still is running. If false is returned with no error, the // instance will be immediately deleted by the cloud controller manager. func (cp *CloudProvider) InstanceExistsByProviderID(ctx context.Context, providerID string) (bool, error) { - //Please do not try to optimise it by using InstanceCache because we prefer correctness over efficiency here - cp.logger.With("instanceID", providerID).Debug("Checking instance exists by provider id") - instanceID, err := MapProviderIDToResourceID(providerID) + //Please do not try to optimise it by using Cache because we prefer correctness over efficiency here + cp.logger.With("resourceID", providerID).Debug("Checking instance exists by provider id") + resourceID, err := MapProviderIDToResourceID(providerID) if err != nil { return false, err } - instance, err := cp.client.Compute().GetInstance(ctx, instanceID) + instance, err := cp.client.Compute().GetInstance(ctx, resourceID) if client.IsNotFound(err) { return cp.checkForAuthorizationError(ctx, providerID) - } if err != nil { return false, err @@ -260,7 +376,7 @@ func (cp *CloudProvider) checkForAuthorizationError(ctx context.Context, instanc return false, err } // to eliminate AD specific issues, list all ADs and make AD specific requests - availabilityDomains, err := cp.client.Identity().ListAvailabilityDomains(ctx, compartmentId) + availabilityDomains, err := cp.client.Identity(nil).ListAvailabilityDomains(ctx, compartmentId) for _, availabilityDomain := range availabilityDomains { instances, err := cp.client.Compute().ListInstancesByCompartmentAndAD(ctx, compartmentId, *availabilityDomain.Name) // if we are getting errors for ListInstances the issue can be authorization or other issues @@ -284,13 +400,13 @@ func (cp *CloudProvider) checkForAuthorizationError(ctx context.Context, instanc // InstanceShutdownByProviderID returns true if the instance is shutdown in cloudprovider. func (cp *CloudProvider) InstanceShutdownByProviderID(ctx context.Context, providerID string) (bool, error) { //Please do not try to optimise it by using InstanceCache because we prefer correctness over efficiency here - cp.logger.With("instanceID", providerID).Debug("Checking instance is stopped by provider id") - instanceID, err := MapProviderIDToResourceID(providerID) + cp.logger.With("resourceID", providerID).Debug("Checking instance is stopped by provider id") + resourceID, err := MapProviderIDToResourceID(providerID) if err != nil { return false, err } - instance, err := cp.client.Compute().GetInstance(ctx, instanceID) + instance, err := cp.client.Compute().GetInstance(ctx, resourceID) if err != nil { return false, err } @@ -312,3 +428,35 @@ func (cp *CloudProvider) getCompartmentIDByNodeName(nodeName string) (string, er cp.logger.Debug("CompartmentID annotation is not present") return "", errors.New("compartmentID annotation missing in the node. Would retry") } + +func (cp *CloudProvider) getOpenShiftTagNamespaceByInstance(ctx context.Context, instanceID string) string { + instance, err := cp.client.Compute().GetInstance(ctx, instanceID) + if err != nil { + return "" + } + + if instance.DefinedTags == nil { + return "" + } + + for namespace := range instance.DefinedTags { + if strings.HasPrefix(namespace, OpenShiftTagNamesapcePrefix) { + return namespace + } + } + return "" +} + +func (cp *CloudProvider) checkOpenShiftISCSIBootVolumeTagByVnic(ctx context.Context, vnic *core.Vnic, namespace string) bool { + if vnic.DefinedTags == nil { + return false + } + + if tags, namespaceExists := vnic.DefinedTags[namespace]; namespaceExists { + // Check if the boot volume type key exists and its value is ISCSI + if bootVolume, keyExists := tags[OpenShiftBootVolumeType]; keyExists && bootVolume == OpenShiftBootVolumeISCSI { + return true + } + } + return false +} diff --git a/pkg/cloudprovider/providers/oci/instances_test.go b/pkg/cloudprovider/providers/oci/instances_test.go index 2e5f62fefa..510faf6a4c 100644 --- a/pkg/cloudprovider/providers/oci/instances_test.go +++ b/pkg/cloudprovider/providers/oci/instances_test.go @@ -17,110 +17,239 @@ package oci import ( "context" "errors" + "net/http" "reflect" "testing" - "go.uber.org/zap" - authv1 "k8s.io/api/authentication/v1" - v1 "k8s.io/api/core/v1" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" - "k8s.io/apimachinery/pkg/types" - providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-go-sdk/v65/common" "github.com/oracle/oci-go-sdk/v65/core" "github.com/oracle/oci-go-sdk/v65/filestorage" "github.com/oracle/oci-go-sdk/v65/identity" + + "go.uber.org/zap" + authv1 "k8s.io/api/authentication/v1" + v1 "k8s.io/api/core/v1" + v1discovery "k8s.io/api/discovery/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/types" + v1discoverylisters "k8s.io/client-go/listers/discovery/v1" ) var ( instanceVnics = map[string]*core.Vnic{ - "basic-complete": { + "ocid1.default": { + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("default"), + SubnetId: common.String("subnetwithdnslabel"), + }, + "ocid1.instance1": { + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("instance1"), + SubnetId: common.String("subnetwithdnslabel"), + }, + "ocid1.basic-complete": { PrivateIp: common.String("10.0.0.1"), PublicIp: common.String("0.0.0.1"), HostnameLabel: common.String("basic-complete"), SubnetId: common.String("subnetwithdnslabel"), }, - "no-external-ip": { + "ocid1.no-external-ip": { PrivateIp: common.String("10.0.0.1"), HostnameLabel: common.String("no-external-ip"), SubnetId: common.String("subnetwithdnslabel"), }, - "no-internal-ip": { + "ocid1.no-internal-ip": { PublicIp: common.String("0.0.0.1"), HostnameLabel: common.String("no-internal-ip"), SubnetId: common.String("subnetwithdnslabel"), }, - "invalid-internal-ip": { + "ocid1.invalid-internal-ip": { PrivateIp: common.String("10.0.0."), HostnameLabel: common.String("no-internal-ip"), SubnetId: common.String("subnetwithdnslabel"), }, - "invalid-external-ip": { + "ocid1.invalid-external-ip": { PublicIp: common.String("0.0.0."), HostnameLabel: common.String("invalid-external-ip"), SubnetId: common.String("subnetwithdnslabel"), }, - "no-hostname-label": { + "ocid1.no-hostname-label": { PrivateIp: common.String("10.0.0.1"), PublicIp: common.String("0.0.0.1"), SubnetId: common.String("subnetwithdnslabel"), }, - "no-subnet-dns-label": { + "ocid1.no-subnet-dns-label": { PrivateIp: common.String("10.0.0.1"), PublicIp: common.String("0.0.0.1"), HostnameLabel: common.String("no-subnet-dns-label"), SubnetId: common.String("subnetwithoutdnslabel"), }, - "no-vcn-dns-label": { + "ocid1.no-vcn-dns-label": { PrivateIp: common.String("10.0.0.1"), PublicIp: common.String("0.0.0.1"), HostnameLabel: common.String("no-vcn-dns-label"), SubnetId: common.String("subnetwithnovcndnslabel"), }, + "ocid1.ipv6-instance": { + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("IPv6-subnet"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, + "ocid1.ipv6-instance-ula": { + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("IPv6-subnet"), + Ipv6Addresses: []string{"fc00:0000:0000:0000:0000:0000:0000:0000"}, + }, + "ocid1.ipv6-instance-2": { + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("IPv6-subnet"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:idfe"}, + }, + "ocid1.instance-id-ipv4-ipv6": { + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("IPv4-IPv6-subnet"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, + "ocid1.instance-id-ipv6": { + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("ipv6-instance"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, + "ocid1.instance-id-ipv4": { + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("subnetwithnovcndnslabel"), + }, + "ocid1.ipv6-gua-ipv4-instance": { + PrivateIp: common.String("10.0.0.1"), + HostnameLabel: common.String("no-vcn-dns-label"), + SubnetId: common.String("ipv6-gua-ipv4-instance"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, + "ocid1.openshift-instance-ipv4": { + IsPrimary: common.Bool(false), + PrivateIp: common.String("10.0.0.1"), + PublicIp: common.String("0.0.0.1"), + HostnameLabel: common.String("openshift-instance"), + SubnetId: common.String("subnetwithdnslabel"), + }, + "ocid1.openshift-instance-invalid": { + PrivateIp: common.String("10.0.0."), + HostnameLabel: common.String("openshift-instance-invalid"), + SubnetId: common.String("subnetwithdnslabel"), + }, + "ocid1.openshift-instance-ipv6": { + IsPrimary: common.Bool(false), + HostnameLabel: common.String("openshift-instance"), + SubnetId: common.String("ipv6-instance"), + Ipv6Addresses: []string{"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, } instances = map[string]*core.Instance{ "basic-complete": { + Id: common.String("ocid1.basic-complete"), CompartmentId: common.String("default"), }, "no-external-ip": { + Id: common.String("ocid1.no-external-ip"), CompartmentId: common.String("default"), }, "no-internal-ip": { + Id: common.String("ocid1.no-internal-ip"), CompartmentId: common.String("default"), }, "invalid-internal-ip": { + Id: common.String("ocid1.invalid-internal-ip"), CompartmentId: common.String("default"), }, "invalid-external-ip": { + Id: common.String("ocid1.invalid-external-ip"), CompartmentId: common.String("default"), }, "no-hostname-label": { + Id: common.String("ocid1.no-hostname-label"), CompartmentId: common.String("default"), }, "no-subnet-dns-label": { + Id: common.String("ocid1.no-subnet-dns-label"), CompartmentId: common.String("default"), }, "no-vcn-dns-label": { + Id: common.String("ocid1.no-vcn-dns-label"), CompartmentId: common.String("default"), }, "instance1": { CompartmentId: common.String("compartment1"), - Id: common.String("instance1"), + Id: common.String("ocid1.instance1"), Shape: common.String("VM.Standard1.2"), DisplayName: common.String("instance1"), }, "instance_zone_test": { AvailabilityDomain: common.String("NWuj:PHX-AD-1"), CompartmentId: common.String("compartment1"), - Id: common.String("instance_zone_test"), + Id: common.String("ocid1.instance_zone_test"), Region: common.String("PHX"), Shape: common.String("VM.Standard1.2"), DisplayName: common.String("instance_zone_test"), }, + "ipv6-instance": { + Id: common.String("ocid1.ipv6-instance"), + CompartmentId: common.String("ipv6-instance"), + }, + "instance-id-ipv4-ipv6": { + Id: common.String("ocid1.instance-id-ipv4-ipv6"), + CompartmentId: common.String("instance-id-ipv4-ipv6"), + }, + "instance-id-ipv4": { + Id: common.String("ocid1.instance-id-ipv4"), + CompartmentId: common.String("instance-id-ipv4"), + }, + "instance-id-ipv6": { + Id: common.String("ocid1.instance-id-ipv6"), + CompartmentId: common.String("instance-id-ipv6"), + }, + "ipv6-gua-ipv4-instance": { + Id: common.String("ocid1.ipv6-gua-ipv4-instance"), + CompartmentId: common.String("ipv6-gua-ipv4-instance"), + }, + "openshift-instance-ipv4": { + Id: common.String("ocid1.openshift-instance-ipv4"), + CompartmentId: common.String("default"), + DefinedTags: map[string]map[string]interface{}{ + "openshift-namespace": { + "role": "compute", + }, + }, + }, + "openshift-instance-invalid": { + Id: common.String("ocid1.openshift-instance-invalid"), + CompartmentId: common.String("default"), + DefinedTags: map[string]map[string]interface{}{ + "openshift-namespace": { + "role": "compute", + }, + }, + }, + "openshift-instance-ipv6": { + Id: common.String("ocid1.openshift-instance-ipv6"), + CompartmentId: common.String("default"), + DefinedTags: map[string]map[string]interface{}{ + "openshift-namespace": { + "role": "compute", + }, + }, + }, } subnets = map[string]*core.Subnet{ "subnetwithdnslabel": { @@ -167,6 +296,37 @@ var ( VcnId: common.String("vcnwithoutdnslabel"), AvailabilityDomain: nil, }, + "IPv4-subnet": { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + }, + "IPv6-subnet": { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + }, + "IPv4-IPv6-subnet": { + Id: common.String("IPv4-IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlocks: []string{}, + }, + "ipv6-gua-ipv4-instance": { + Id: common.String("ipv6-gua-ipv4-instance"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlocks: []string{"2001:0db8:85a3::8a2e:0370:7334/64"}, + }, } vcns = map[string]*core.Vcn{ @@ -185,9 +345,10 @@ var ( Annotations: map[string]string{ CompartmentIDAnnotation: "default", }, + Name: "default", }, Spec: v1.NodeSpec{ - ProviderID: "default", + ProviderID: "ocid1.default", }, }, "instance1": { @@ -195,9 +356,436 @@ var ( Annotations: map[string]string{ CompartmentIDAnnotation: "compartment1", }, + Name: "instance1", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instance1", + }, + }, + "instanceWithAddress1": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compartment1", + }, + Name: "instanceWithAddress1", }, Spec: v1.NodeSpec{ - ProviderID: "instance1", + ProviderID: "ocid1.instanceWithAddress1", + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + }, + }, + "instanceWithAddress2": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compartment1", + }, + Name: "instanceWithAddress2", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instanceWithAddress2", + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.1", + Type: "InternalIP", + }, + }, + }, + }, + "instanceWithAddressIPv4IPv6": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compartment1", + }, + Name: "instanceWithAddressIPv4IPv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instanceWithAddressIPv4IPv6", + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.1", + Type: "InternalIP", + }, + { + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7335", + Type: "InternalIP", + }, + }, + }, + }, + "ipv6-node": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv4NodeIPFamilyLabel: "true", + IPv6NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.ipv6-instance", + }, + }, + "ipv6-node-ula": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv4NodeIPFamilyLabel: "true", + IPv6NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.ipv6-instance-ula", + }, + }, + "instance-id-ipv4-ipv6": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv4NodeIPFamilyLabel: "true", + IPv6NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instance-id-ipv4-ipv6", + }, + }, + "instance-id-ipv4": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv4NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instance-id-ipv4", + }, + }, + "instance-id-ipv6": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv6NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.instance-id-ipv6", + }, + }, + "openshift-instance-id-ipv6": { + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "default", + }, + Labels: map[string]string{ + IPv6NodeIPFamilyLabel: "true", + }, + Name: "Node-Ipv6", + }, + Spec: v1.NodeSpec{ + ProviderID: "ocid1.openshift-instance-ipv6", + }, + }, + } + + podList = map[string]*v1.Pod{ + "virtualPod1": { + ObjectMeta: metav1.ObjectMeta{ + Name: "virtualPod1", + Labels: map[string]string{ + "app": "pod1", + }, + }, + Spec: v1.PodSpec{ + NodeName: "virtualNodeDefault", + }, + }, + "virtualPod2": { + ObjectMeta: metav1.ObjectMeta{ + Name: "virtualPod2", + Labels: map[string]string{ + "app": "pod2", + }, + }, + Spec: v1.PodSpec{ + NodeName: "virtualNodeDefault", + }, + Status: v1.PodStatus{ + PodIP: "0.0.0.10", + PodIPs: []v1.PodIP{ + {"0.0.0.10"}, + }, + }, + }, + "virtualPodIPv4Ipv6": { + ObjectMeta: metav1.ObjectMeta{ + Name: "virtualPodIPv4Ipv6", + Labels: map[string]string{ + "app": "pod3", + }, + }, + Spec: v1.PodSpec{ + NodeName: "virtualNodeDefault", + }, + Status: v1.PodStatus{ + PodIP: "0.0.0.20", + PodIPs: []v1.PodIP{ + {"0.0.0.20"}, + {"2001:0db8:85a3:0000:0000:8a2e:0370:7334"}, + }, + }, + }, + "regularPod1": { + ObjectMeta: metav1.ObjectMeta{ + Name: "regularPod1", + }, + Spec: v1.PodSpec{ + NodeName: "default", + }, + }, + "regularPod2": { + ObjectMeta: metav1.ObjectMeta{ + Name: "regularPod2", + }, + Spec: v1.PodSpec{ + NodeName: "default", + }, + }, + } + + ready = true + endpointSliceList = map[string]*v1discovery.EndpointSlice{ + "endpointSliceVirtual": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "virtualService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.9"}, + NodeName: common.String("virtualNodeDefault"), + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.10"}, + NodeName: common.String("virtualNodeDefault"), + }, + }, + }, + "endpointSliceRegular": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "regularService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "regularPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.19"}, + NodeName: common.String("default"), + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "regularPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.20"}, + NodeName: common.String("default"), + }, + }, + }, + + "endpointSliceMixed": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "mixedService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.9"}, + NodeName: common.String("virtualNodeDefault"), + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "regularPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.19"}, + NodeName: common.String("default"), + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.10"}, + NodeName: common.String("virtualNodeDefault"), + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "regularPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.20"}, + NodeName: common.String("default"), + }, + }, + }, + "endpointSliceUnknownPod": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "unknownService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "unknown", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.100"}, + }, + }, + }, + "endpointSliceDuplicate1.1": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "duplicateEndpointsService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.10"}, + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.9"}, + }, + }, + }, + "endpointSliceDuplicate1.2": { + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + v1discovery.LabelServiceName: "duplicateEndpointsService", + }, + }, + Endpoints: []v1discovery.Endpoint{ + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod1", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.10"}, + }, + { + TargetRef: &v1.ObjectReference{ + Kind: "Pod", + Name: "virtualPod2", + }, + Conditions: v1discovery.EndpointConditions{ + Ready: &ready, + }, + Addresses: []string{"0.0.0.9"}, + }, + }, + }, + } + + serviceList = map[string]*v1.Service{ + "default": { + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + }, + Spec: v1.ServiceSpec{ + Type: v1.ServiceTypeLoadBalancer, + }, + }, + "non-loadbalancer": { + ObjectMeta: metav1.ObjectMeta{ + Name: "non-loadbalancer", }, }, } @@ -268,11 +856,11 @@ var ( type MockSecurityListManager struct{} -func (MockSecurityListManager) Update(ctx context.Context, lbSubnets []*core.Subnet, _ []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec, isPreserveSource bool) error { +func (MockSecurityListManager) Update(ctx context.Context, sc securityRuleComponents) error { return nil } -func (MockSecurityListManager) Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, ports portSpec, sourceCIDRs []string, isPreserveSource bool) error { +func (MockSecurityListManager) Delete(ctx context.Context, sc securityRuleComponents) error { return nil } @@ -291,7 +879,7 @@ func (MockOCIClient) LoadBalancer(logger *zap.SugaredLogger, lbType string, tena return &MockLoadBalancerClient{} } -func (MockOCIClient) Networking() client.NetworkingInterface { +func (MockOCIClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { return &MockVirtualNetworkClient{} } @@ -299,11 +887,11 @@ func (MockOCIClient) BlockStorage() client.BlockStorageInterface { return &MockBlockStorageClient{} } -func (MockOCIClient) FSS() client.FileStorageInterface { +func (MockOCIClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { return &MockFileStorageClient{} } -func (MockOCIClient) Identity() client.IdentityInterface { +func (MockOCIClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { return &MockIdentityClient{} } @@ -344,6 +932,10 @@ func (MockComputeClient) GetPrimaryVNICForInstance(ctx context.Context, compartm return instanceVnics[instanceID], nil } +func (MockComputeClient) GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) { + return []*core.Vnic{instanceVnics[instanceID]}, nil +} + func (MockComputeClient) FindVolumeAttachment(ctx context.Context, compartmentID, volumeID string) (core.VolumeAttachment, error) { return nil, nil } @@ -372,6 +964,10 @@ func (c *MockComputeClient) FindActiveVolumeAttachment(ctx context.Context, comp return nil, nil } +func (c *MockComputeClient) WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error { + return nil +} + func (c *MockBlockStorageClient) AwaitVolumeBackupAvailableOrTimeout(ctx context.Context, id string) (*core.VolumeBackup, error) { return &core.VolumeBackup{}, nil } @@ -401,6 +997,18 @@ func (c *MockBlockStorageClient) GetVolumeBackupsByName(ctx context.Context, sna type MockVirtualNetworkClient struct { } +func (c *MockVirtualNetworkClient) ListPrivateIps(ctx context.Context, vnicId string) ([]core.PrivateIp, error) { + return nil, nil +} + +func (c *MockVirtualNetworkClient) CreatePrivateIp(ctx context.Context, vnicID string) (*core.PrivateIp, error) { + return nil, nil +} + +func (c *MockVirtualNetworkClient) GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) { + return &core.Ipv6{}, nil +} + func (c *MockVirtualNetworkClient) IsRegionalSubnet(ctx context.Context, id string) (bool, error) { return subnets[id].AvailabilityDomain == nil, nil } @@ -409,6 +1017,14 @@ func (c *MockVirtualNetworkClient) GetPrivateIp(ctx context.Context, id string) return nil, nil } +func (c *MockVirtualNetworkClient) ListIpv6s(ctx context.Context, vnicId string) ([]core.Ipv6, error) { + return []core.Ipv6{}, nil +} + +func (c *MockVirtualNetworkClient) CreateIpv6(ctx context.Context, vnicID string) (*core.Ipv6, error) { + return &core.Ipv6{}, nil +} + func (c *MockVirtualNetworkClient) GetSubnet(ctx context.Context, id string) (*core.Subnet, error) { if subnet, ok := subnets[id]; ok { return subnet, nil @@ -420,7 +1036,11 @@ func (c *MockVirtualNetworkClient) GetVcn(ctx context.Context, id string) (*core return vcns[id], nil } -func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) { +func (c *MockVirtualNetworkClient) GetVNIC(ctx context.Context, id string) (*core.Vnic, error) { + return &core.Vnic{}, nil +} + +func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip client.IpAddresses) (*core.Subnet, error) { return nil, nil } @@ -644,7 +1264,19 @@ func (MockBlockStorageClient) CreateVolume(ctx context.Context, details core.Cre return nil, nil } +var updateVolumeErrors = map[string]error{ + "work-request-fails": errors.New("UpdateVolume request failed: internal server error"), + "api-returns-too-many-requests": mockServiceError{ + StatusCode: http.StatusTooManyRequests, + Code: client.HTTP429TooManyRequestsCode, + Message: "Too many requests", + }, +} + func (c MockBlockStorageClient) UpdateVolume(ctx context.Context, volumeId string, details core.UpdateVolumeDetails) (*core.Volume, error) { + if err, ok := updateVolumeErrors[volumeId]; ok { + return nil, err + } return nil, nil } @@ -757,9 +1389,12 @@ func (m mockInstanceCache) Get(obj interface{}) (item interface{}, exists bool, } func (m mockInstanceCache) GetByKey(key string) (item interface{}, exists bool, err error) { - if instance, ok := instances[key]; ok { - return instance, true, nil + for _, instance := range instances { + if *instance.Id == key { + return instance, true, nil + } } + return nil, false, nil } @@ -780,7 +1415,7 @@ func TestExtractNodeAddresses(t *testing.T) { }{ { name: "basic-complete", - in: "basic-complete", + in: "ocid1.basic-complete", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, @@ -791,7 +1426,7 @@ func TestExtractNodeAddresses(t *testing.T) { }, { name: "no-external-ip", - in: "no-external-ip", + in: "ocid1.no-external-ip", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, // v1.NodeAddress{Type: v1.NodeHostName, Address: "no-external-ip.subnetwithdnslabel.vcnwithdnslabel.oraclevcn.com"}, @@ -801,7 +1436,7 @@ func TestExtractNodeAddresses(t *testing.T) { }, { name: "no-internal-ip", - in: "no-internal-ip", + in: "ocid1.no-internal-ip", out: []v1.NodeAddress{ {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, // v1.NodeAddress{Type: v1.NodeHostName, Address: "no-internal-ip.subnetwithdnslabel.vcnwithdnslabel.oraclevcn.com"}, @@ -811,19 +1446,19 @@ func TestExtractNodeAddresses(t *testing.T) { }, { name: "invalid-external-ip", - in: "invalid-external-ip", + in: "ocid1.invalid-external-ip", out: nil, err: errors.New(`instance has invalid public address: "0.0.0."`), }, { name: "invalid-internal-ip", - in: "invalid-internal-ip", + in: "ocid1.invalid-internal-ip", out: nil, err: errors.New(`instance has invalid private address: "10.0.0."`), }, { name: "no-hostname-label", - in: "no-hostname-label", + in: "ocid1.no-hostname-label", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, @@ -832,7 +1467,7 @@ func TestExtractNodeAddresses(t *testing.T) { }, { name: "no-subnet-dns-label", - in: "no-subnet-dns-label", + in: "ocid1.no-subnet-dns-label", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, @@ -841,13 +1476,52 @@ func TestExtractNodeAddresses(t *testing.T) { }, { name: "no-vcn-dns-label", - in: "no-vcn-dns-label", + in: "ocid1.no-vcn-dns-label", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, }, err: nil, }, + { + name: "ipv6-instance", + in: "ocid1.ipv6-instance", + out: []v1.NodeAddress{ + {Type: v1.NodeExternalIP, Address: "2001:db8:85a3::8a2e:370:7334"}, + }, + err: nil, + }, + { + name: "ipv6-instance-ULA", + in: "ocid1.ipv6-instance-ula", + out: []v1.NodeAddress{ + {Type: v1.NodeInternalIP, Address: "fc00::"}, + }, + err: nil, + }, + { + name: "openshift-instance-ipv4", + in: "ocid1.openshift-instance-ipv4", + out: []v1.NodeAddress{ + {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, + {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, + }, + err: nil, + }, + { + name: "openshift-instance-invalid", + in: "ocid1.openshift-instance-invalid", + out: nil, + err: errors.New(`instance has invalid private address: "10.0.0."`), + }, + { + name: "openshift-instance-ipv6", + in: "ocid1.openshift-instance-ipv6", + out: []v1.NodeAddress{ + {Type: v1.NodeExternalIP, Address: "2001:db8:85a3::8a2e:370:7334"}, + }, + err: nil, + }, } cp := &CloudProvider{ @@ -855,6 +1529,7 @@ func TestExtractNodeAddresses(t *testing.T) { config: &providercfg.Config{CompartmentID: "testCompartment"}, NodeLister: &mockNodeLister{}, instanceCache: &mockInstanceCache{}, + logger: zap.S(), } for _, tt := range testCases { @@ -880,7 +1555,7 @@ func TestInstanceID(t *testing.T) { { name: "get instance id from instance in the cache", in: "instance1", - out: "instance1", + out: "ocid1.instance1", err: nil, }, { @@ -954,6 +1629,54 @@ func TestInstanceType(t *testing.T) { } } +func TestGetNodeIpFamily(t *testing.T) { + testCases := []struct { + name string + in string + out []string + err error + }{ + { + name: "IPv4", + in: "ocid1.instance-id-ipv4", + out: []string{IPv4}, + err: nil, + }, + { + name: "IPv6", + in: "ocid1.instance-id-ipv6", + out: []string{IPv6}, + err: nil, + }, + { + name: "IPv4 & IPv6", + in: "ocid1.instance-id-ipv4-ipv6", + out: []string{IPv4, IPv6}, + err: nil, + }, + } + + cp := &CloudProvider{ + NodeLister: &mockNodeLister{}, + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + logger: zap.S(), + instanceCache: &mockInstanceCache{}, + } + + for _, tt := range testCases { + t.Run(tt.name, func(t *testing.T) { + result, err := cp.getNodeIpFamily(tt.in) + if err != nil && err.Error() != tt.err.Error() { + t.Errorf("getNodeIpFamily(context, %+v) got error %v, expected %v", tt.in, err, tt.err) + } + if !reflect.DeepEqual(result, tt.out) { + t.Errorf("getNodeIpFamily(context, %+v) => %+v, want %+v", tt.name, result, tt.out) + } + }) + } +} + func TestInstanceTypeByProviderID(t *testing.T) { testCases := []struct { name string @@ -963,7 +1686,7 @@ func TestInstanceTypeByProviderID(t *testing.T) { }{ { name: "provider id without provider prefix", - in: "instance1", + in: "ocid1.instance1", out: "VM.Standard1.2", err: nil, }, @@ -1011,7 +1734,7 @@ func TestNodeAddressesByProviderID(t *testing.T) { }{ { name: "provider id without provider prefix", - in: "basic-complete", + in: "ocid1.basic-complete", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, @@ -1020,7 +1743,7 @@ func TestNodeAddressesByProviderID(t *testing.T) { }, { name: "provider id with provider prefix", - in: providerPrefix + "basic-complete", + in: providerPrefix + "ocid1.basic-complete", out: []v1.NodeAddress{ {Type: v1.NodeInternalIP, Address: "10.0.0.1"}, {Type: v1.NodeExternalIP, Address: "0.0.0.1"}, @@ -1059,19 +1782,19 @@ func TestInstanceExistsByProviderID(t *testing.T) { }{ { name: "provider id without provider prefix", - in: "instance1", + in: "ocid1.instance1", out: true, err: nil, }, { name: "provider id with provider prefix", - in: providerPrefix + "instance1", + in: providerPrefix + "ocid1.instance1", out: true, err: nil, }, { name: "provider id with provider prefix and instance not in cache", - in: providerPrefix + "noncacheinstance", + in: providerPrefix + "ocid1.noncacheinstance", out: true, err: nil, }, @@ -1107,19 +1830,19 @@ func TestInstanceShutdownByProviderID(t *testing.T) { }{ { name: "provider id without provider prefix", - in: "instance1", + in: "ocid1.instance1", out: false, err: nil, }, { name: "provider id with provider prefix", - in: providerPrefix + "instance1", + in: providerPrefix + "ocid1.instance1", out: false, err: nil, }, { name: "provider id with provider prefix and instance not in cache", - in: providerPrefix + "noncacheinstance", + in: providerPrefix + "ocid1.noncacheinstance", out: false, err: nil, }, @@ -1155,19 +1878,19 @@ func TestGetCompartmentIDByInstanceID(t *testing.T) { }{ { name: "instance found in cache", - in: "instance1", + in: "ocid1.instance1", out: "compartment1", err: nil, }, { name: "instance found in node lister", - in: "default", + in: "ocid1.default", out: "default", err: nil, }, { name: "instance neither found in cache nor node lister", - in: "instancex", + in: "ocid1.instancex", out: "", err: errors.New("compartmentID annotation missing in the node. Would retry"), }, @@ -1193,22 +1916,214 @@ func TestGetCompartmentIDByInstanceID(t *testing.T) { } } -type mockNodeLister struct{} +type mockNodeLister struct { + nodes []*v1.Node +} func (s *mockNodeLister) List(selector labels.Selector) (ret []*v1.Node, err error) { - nodes := make([]*v1.Node, len(nodeList)) - nodes[0] = nodeList["default"] - nodes[1] = nodeList["instance1"] + var nodes, allNodes []*v1.Node + if len(s.nodes) > 0 { + allNodes = s.nodes + } else { + for _, n := range nodeList { + allNodes = append(allNodes, n) + } + } + + for _, n := range allNodes { + if selector != nil { + if selector.Matches(labels.Set(n.ObjectMeta.GetLabels())) { + nodes = append(nodes, n) + } + } else { + nodes = append(nodes, n) + } + } return nodes, nil } func (s *mockNodeLister) Get(name string) (*v1.Node, error) { - if node, ok := nodeList[name]; ok { + if len(s.nodes) > 0 { + for _, n := range s.nodes { + if n.Name == name { + return n, nil + } + } + } else if node, ok := nodeList[name]; ok { return node, nil } - return nil, nil + return nil, errors.New("get node error") } func (s *mockNodeLister) ListWithPredicate() ([]*v1.Node, error) { return nil, nil } + +type mockEndpointSliceLister struct{} + +func (s *mockEndpointSliceLister) List(selector labels.Selector) (ret []*v1discovery.EndpointSlice, err error) { + return []*v1discovery.EndpointSlice{}, nil +} + +func (s *mockEndpointSliceLister) EndpointSlices(namespace string) v1discoverylisters.EndpointSliceNamespaceLister { + return &mockEndpointSliceNamespaceLister{} +} + +type mockEndpointSliceNamespaceLister struct{} + +func (s *mockEndpointSliceNamespaceLister) List(selector labels.Selector) (ret []*v1discovery.EndpointSlice, err error) { + var endpointSlices []*v1discovery.EndpointSlice + for _, es := range endpointSliceList { + if selector != nil { + if selector.Matches(labels.Set(es.ObjectMeta.GetLabels())) { + endpointSlices = append(endpointSlices, es) + } + } else { + endpointSlices = append(endpointSlices, es) + } + } + return endpointSlices, nil +} + +func (s *mockEndpointSliceNamespaceLister) Get(name string) (ret *v1discovery.EndpointSlice, err error) { + if es, ok := endpointSliceList[name]; ok { + return es, nil + } + return nil, errors.New("get endpointSlice error") +} + +type mockServiceError struct { + StatusCode int + Code string + Message string + OpcRequestID string +} + +func (m mockServiceError) GetHTTPStatusCode() int { + return m.StatusCode +} + +func (m mockServiceError) GetMessage() string { + return m.Message +} + +func (m mockServiceError) GetCode() string { + return m.Code +} + +func (m mockServiceError) GetOpcRequestID() string { + return m.OpcRequestID +} +func (m mockServiceError) Error() string { + return m.Message +} + +func TestGetOpenShiftTagNamespaceByInstance(t *testing.T) { + testCases := []struct { + name string + instanceID string + expected string + }{ + { + name: "Instance with OpenShift namespace", + instanceID: "openshift-instance-ipv4", + expected: "openshift-namespace", + }, + { + name: "Instance without OpenShift namespace", + instanceID: "basic-complete", + expected: "", + }, + { + name: "Non-existent instance", + instanceID: "non-existent-instance-id", + expected: "", + }, + } + + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + NodeLister: &mockNodeLister{}, + instanceCache: &mockInstanceCache{}, + } + + for _, tt := range testCases { + t.Run(tt.name, func(t *testing.T) { + result := cp.getOpenShiftTagNamespaceByInstance(context.Background(), tt.instanceID) + if !reflect.DeepEqual(result, tt.expected) { + t.Errorf("expected %s, got %s", tt.expected, result) + } + }) + } +} + +func TestCheckOpenShiftISCSIBootVolumeTagByVnic(t *testing.T) { + testCases := []struct { + name string + vnic *core.Vnic + namespace string + expected bool + }{ + { + name: "VNIC with ISCSI boot volume tag", + vnic: &core.Vnic{ + DefinedTags: map[string]map[string]interface{}{ + "openshift-namespace": { + "boot-volume-type": "ISCSI", + }, + }, + }, + namespace: "openshift-namespace", + expected: true, + }, + { + name: "VNIC without ISCSI boot volume tag", + vnic: &core.Vnic{ + DefinedTags: map[string]map[string]interface{}{ + "openshift-namespace": { + "boot-volume-type": "NVMe", + }, + }, + }, + namespace: "openshift-namespace", + expected: false, + }, + { + name: "VNIC with no defined tags", + vnic: &core.Vnic{ + DefinedTags: nil, + }, + namespace: "openshift-namespace", + expected: false, + }, + { + name: "Namespace not found in VNIC tags", + vnic: &core.Vnic{ + DefinedTags: map[string]map[string]interface{}{ + "another-namespace": { + "bootVolumeType": "ISCSI", + }, + }, + }, + namespace: "openshift-namespace", + expected: false, + }, + } + + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + NodeLister: &mockNodeLister{}, + instanceCache: &mockInstanceCache{}, + } + + for _, tt := range testCases { + t.Run(tt.name, func(t *testing.T) { + result := cp.checkOpenShiftISCSIBootVolumeTagByVnic(context.Background(), tt.vnic, tt.namespace) + if !reflect.DeepEqual(result, tt.expected) { + t.Errorf("expected %v, got %v", tt.expected, result) + } + }) + } +} diff --git a/pkg/cloudprovider/providers/oci/load_balancer.go b/pkg/cloudprovider/providers/oci/load_balancer.go index 122818f362..36126df4ce 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer.go +++ b/pkg/cloudprovider/providers/oci/load_balancer.go @@ -19,6 +19,7 @@ import ( "fmt" "reflect" "strconv" + "strings" "sync" "time" @@ -30,12 +31,14 @@ import ( "k8s.io/apimachinery/pkg/labels" "k8s.io/apimachinery/pkg/util/sets" k8sports "k8s.io/kubernetes/pkg/cluster/ports" + "k8s.io/utils/net" "k8s.io/utils/pointer" providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" "github.com/oracle/oci-cloud-controller-manager/pkg/metrics" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-cloud-controller-manager/pkg/util" + "github.com/oracle/oci-go-sdk/v65/common" "github.com/oracle/oci-go-sdk/v65/core" "github.com/oracle/oci-go-sdk/v65/loadbalancer" "github.com/oracle/oci-go-sdk/v65/networkloadbalancer" @@ -68,15 +71,6 @@ const DefaultNetworkLoadBalancerListenerProtocol = "TCP" // https://docs.oracle.com/en-us/iaas/Content/General/Concepts/servicelimits.htm#nsg_limits const MaxNsgPerVnic = 5 -const ( - OkeSystemTagNamesapce = "orcl-containerengine" - // MaxDefinedTagPerLB is the maximum number of defined tags that be can be associated with the resource - //https://docs.oracle.com/en-us/iaas/Content/Tagging/Concepts/taggingoverview.htm#limits - MaxDefinedTagPerLB = 64 - resourceTrackingFeatureFlagName = "CPO_ENABLE_RESOURCE_ATTRIBUTION" -) - -var MaxDefinedTagPerLBErr = fmt.Errorf("max limit of defined tags for lb is reached. skip adding tags. sending metric") var enableOkeSystemTags = false const ( @@ -112,6 +106,13 @@ type CloudLoadBalancerProvider struct { config *providercfg.Config } +type IpVersions struct { + IpFamilies []string + IpFamilyPolicy *string + LbEndpointIpVersion *client.GenericIpVersion + ListenerBackendIpVersion []client.GenericIpVersion +} + func (cp *CloudProvider) getLoadBalancerProvider(ctx context.Context, svc *v1.Service) (CloudLoadBalancerProvider, error) { lbType := getLoadBalancerType(svc) name := GetLoadBalancerName(svc) @@ -238,21 +239,34 @@ func getReservedIpOcidByIpAddress(ctx context.Context, ipAddress string, n clien // getSubnetsForNodes returns the de-duplicated subnets in which the given // internal IP addresses reside. -func getSubnetsForNodes(ctx context.Context, nodes []*v1.Node, client client.Interface) ([]*core.Subnet, error) { +func getSubnetsForNodes(ctx context.Context, nodes []*v1.Node, networkClient client.Interface) ([]*core.Subnet, error) { var ( subnetOCIDs = sets.NewString() subnets []*core.Subnet - ipSet = sets.NewString() + ipSet = sets.New[client.IpAddresses]() ) for _, node := range nodes { - ipSet.Insert(NodeInternalIP(node)) + ip := NodeInternalIP(node) + if ip.V6 == "" { + externalIP := NodeExternalIp(node) + if externalIP.V6 != "" { + ip.V6 = externalIP.V6 + } + } + ipSet.Insert(ip) } for _, node := range nodes { // First see if the IP of the node belongs to a subnet in the cache. ip := NodeInternalIP(node) - subnet, err := client.Networking().GetSubnetFromCacheByIP(ip) + if ip.V6 == "" { + // For IPv6 internal IP is not mandatory + externalIPs := NodeExternalIp(node) + ip.V6 = externalIPs.V6 + } + + subnet, err := networkClient.Networking(nil).GetSubnetFromCacheByIP(ip) if err != nil { return nil, err } @@ -280,23 +294,30 @@ func getSubnetsForNodes(ctx context.Context, nodes []*v1.Node, client client.Int return nil, errors.Errorf("%q annotation not present on node %q", CompartmentIDAnnotation, node.Name) } - vnic, err := client.Compute().GetPrimaryVNICForInstance(ctx, compartmentID, id) + vnic, err := networkClient.Compute().GetPrimaryVNICForInstance(ctx, compartmentID, id) if err != nil { return nil, err } - if vnic.PrivateIp != nil && ipSet.Has(*vnic.PrivateIp) && - !subnetOCIDs.Has(*vnic.SubnetId) { - subnet, err := client.Networking().GetSubnet(ctx, *vnic.SubnetId) - if err != nil { - return nil, errors.Wrapf(err, "get subnet %q for instance %q", *vnic.SubnetId, id) + ipAddresses := client.IpAddresses{} + if vnic != nil { + if vnic.PrivateIp != nil { + ipAddresses.V4 = *vnic.PrivateIp } + if vnic.Ipv6Addresses != nil && len(vnic.Ipv6Addresses) > 0 { + ipAddresses.V6 = vnic.Ipv6Addresses[0] + } + if ipAddresses != (client.IpAddresses{}) && ipSet.Has(ipAddresses) && !subnetOCIDs.Has(*vnic.SubnetId) { + subnet, err := networkClient.Networking(nil).GetSubnet(ctx, *vnic.SubnetId) + if err != nil { + return nil, errors.Wrapf(err, "get subnet %q for instance %q", *vnic.SubnetId, id) + } - subnets = append(subnets, subnet) - subnetOCIDs.Insert(*vnic.SubnetId) + subnets = append(subnets, subnet) + subnetOCIDs.Insert(*vnic.SubnetId) + } } } - return subnets, nil } @@ -356,7 +377,7 @@ func (clb *CloudLoadBalancerProvider) createLoadBalancer(ctx context.Context, sp // First update the security lists so that if it fails (due to the etag // bug or otherwise) we'll retry prior to LB creation. - lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking()) + lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking(nil)) if err != nil { return nil, "", errors.Wrap(err, "getting subnets for load balancers") } @@ -383,10 +404,16 @@ func (clb *CloudLoadBalancerProvider) createLoadBalancer(ctx context.Context, sp NetworkSecurityGroupIds: spec.NetworkSecurityGroupIds, FreeformTags: spec.FreeformTags, DefinedTags: spec.DefinedTags, + IpVersion: spec.IpVersions.LbEndpointIpVersion, } // do not block creation if the defined tag limit is reached. defer LB to tracked by backfilling - if len(details.DefinedTags) > MaxDefinedTagPerLB { - logger.Warnf("the number of defined tags in the LB create request is beyond the limit. removing the resource tracking tags from the details..") + if len(details.DefinedTags) > MaxDefinedTagPerResource { + logger.Warnf("the number of defined tags in the LB create request is beyond the limit. removing the resource tracking tags from the details") + delete(details.DefinedTags, OkeSystemTagNamesapce) + } + + if _, useWI := spec.service.Annotations[ServiceAnnotationServiceAccountName]; useWI { // When using Workload Identity + logger.Warnf("principal type is workload identity. removing oke system tags from the request") delete(details.DefinedTags, OkeSystemTagNamesapce) } @@ -398,7 +425,7 @@ func (clb *CloudLoadBalancerProvider) createLoadBalancer(ctx context.Context, sp } if spec.LoadBalancerIP != "" { - reservedIpOCID, err := getReservedIpOcidByIpAddress(ctx, spec.LoadBalancerIP, clb.client.Networking()) + reservedIpOCID, err := getReservedIpOcidByIpAddress(ctx, spec.LoadBalancerIP, clb.client.Networking(nil)) if err != nil { return nil, "", err } @@ -487,6 +514,34 @@ func filterNodes(svc *v1.Service, nodes []*v1.Node) ([]*v1.Node, error) { return filteredNodes, nil } +// checkSubnetIpFamilyCompatibility checks if any of the loadbalancer or node subnet supports the required IP family or returns error otherwise +func checkSubnetIpFamilyCompatibility(subnets []*core.Subnet, ipVersion string) error { + var err error + for _, subnet := range subnets { + if subnet == nil { + continue + } + if ipVersion == IPv6 { + if subnet.Ipv6CidrBlock != nil || subnet.Ipv6CidrBlocks != nil { + if len(subnet.Ipv6CidrBlocks) > 0 || *subnet.Ipv6CidrBlock != "" { + return nil + } + } + err = errors.Errorf("subnet with id %s does not have an ipv6 cidr block", pointer.StringDeref(subnet.Id, "")) + } else { + if subnet.CidrBlock != nil { + // By design IPv4 CidrBlock is not allowed to be null or empty, so it has been hardcoded with string "" by OCI-VCN + if !strings.Contains(*subnet.CidrBlock, "null") { + return nil + } + } + err = errors.Errorf("subnet with id %s does not have an ipv4 cidr block", pointer.StringDeref(subnet.Id, "")) + } + + } + return err +} + // EnsureLoadBalancer creates a new load balancer or updates the existing one. // Returns the status of the balancer (i.e it's public IP address if one exists). func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName string, service *v1.Service, clusterNodes []*v1.Node) (*v1.LoadBalancerStatus, error) { @@ -578,7 +633,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str secretBackendSetString := service.Annotations[ServiceAnnotationLoadBalancerTLSBackendSetSecret] sslConfig = NewSSLConfig(secretListenerString, secretBackendSetString, service, ports, cp) } - subnets, err := cp.getLoadBalancerSubnets(ctx, logger, service) + lbSubnetIds, err := cp.getLoadBalancerSubnets(ctx, logger, service) if err != nil { logger.With(zap.Error(err)).Error("Failed to get Load balancer Subnets.") errorType = util.GetError(err) @@ -588,7 +643,23 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str return nil, err } - spec, err := NewLBSpec(logger, service, nodes, subnets, sslConfig, cp.securityListManagerFactory, cp.config.Tags, lb) + lbSubnets, err := getSubnets(ctx, lbSubnetIds, cp.client.Networking(nil)) + if err != nil { + logger.With(zap.Error(err)).Error("failed to get loadbalancer nodeSubnets") + return nil, err + } + nodeSubnets, err := getSubnetsForNodes(ctx, nodes, cp.client) + if err != nil { + logger.With(zap.Error(err)).Error("failed to get node nodeSubnets") + return nil, err + } + + ipVersions, err := cp.getOciIpVersions(lbSubnets, nodeSubnets, service) + if err != nil { + return nil, err + } + + spec, err := NewLBSpec(logger, service, nodes, lbSubnetIds, sslConfig, cp.securityListManagerFactory, ipVersions, cp.config.Tags, lb) if err != nil { logger.With(zap.Error(err)).Error("Failed to derive LBSpec") errorType = util.GetError(err) @@ -660,7 +731,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str if len(spec.NetworkSecurityGroupIds) >= MaxNsgPerVnic { return nil, fmt.Errorf("invalid number of Network Security Groups (Max: 5) including managed nsg") } - resp, err := cp.client.Networking().CreateNetworkSecurityGroup(ctx, cp.config.CompartmentID, cp.config.VCNID, generateNsgName(service), fmt.Sprintf("%s", service.UID)) + resp, err := cp.client.Networking(nil).CreateNetworkSecurityGroup(ctx, cp.config.CompartmentID, cp.config.VCNID, generateNsgName(service), fmt.Sprintf("%s", service.UID)) if err != nil { logger.With(zap.Error(err)).Error("Failed to create nsg") errorType = util.GetError(err) @@ -684,7 +755,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str } if len(backendNsgs) > 0 { for _, nsg := range backendNsgs { - resp, etag, err := cp.client.Networking().GetNetworkSecurityGroup(ctx, nsg) + resp, etag, err := cp.client.Networking(nil).GetNetworkSecurityGroup(ctx, nsg) if err != nil { logger.With(zap.Error(err)).Error("Failed to get nsg") errorType = util.GetError(err) @@ -697,7 +768,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str if _, ok := freeformTags["ManagedBy"]; !ok { if etag != nil { freeformTags["ManagedBy"] = "CCM" - response, err := cp.client.Networking().UpdateNetworkSecurityGroup(ctx, nsg, *etag, freeformTags) + response, err := cp.client.Networking(nil).UpdateNetworkSecurityGroup(ctx, nsg, *etag, freeformTags) if err != nil { logger.With(zap.Error(err)).Errorf("Failed to update nsg %s", nsg) errorType = util.GetError(err) @@ -715,7 +786,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str } } } - serviceComponents := serviceComponents{ + serviceComponents := securityRuleComponents{ frontendNsgOcid: frontendNsgId, backendNsgOcids: backendNsgs, ports: spec.Ports, @@ -732,7 +803,7 @@ func (cp *CloudProvider) EnsureLoadBalancer(ctx context.Context, clusterName str if !lbExists { lbStatus, newLBOCID, err := lbProvider.createLoadBalancer(ctx, spec) if err != nil && client.IsSystemTagNotFoundOrNotAuthorisedError(logger, err) { - logger.Warn("LB creation failed due to error in adding system tags. sending metric & retrying without system tags") + logger.With(zap.Error(err)).Warn("LB creation failed due to error in adding system tags. sending metric & retrying without system tags") // send resource track tagging failure metrics errorType = util.SystemTagErrTypePrefix + util.GetError(err) @@ -864,7 +935,7 @@ func (cp *CloudProvider) getOciLoadBalancerSubnets(ctx context.Context, logger * if s, ok := svc.Annotations[ServiceAnnotationLoadBalancerSubnet1]; ok && len(s) != 0 { subnets[0] = s - r, err := cp.client.Networking().IsRegionalSubnet(ctx, s) + r, err := cp.client.Networking(nil).IsRegionalSubnet(ctx, s) if err != nil { return nil, err } @@ -874,7 +945,7 @@ func (cp *CloudProvider) getOciLoadBalancerSubnets(ctx context.Context, logger * } if s, ok := svc.Annotations[ServiceAnnotationLoadBalancerSubnet2]; ok && len(s) != 0 { - r, err := cp.client.Networking().IsRegionalSubnet(ctx, s) + r, err := cp.client.Networking(nil).IsRegionalSubnet(ctx, s) if err != nil { return nil, err } @@ -929,6 +1000,32 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancer(ctx context.Context, lb break } } + lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking(nil)) + if err != nil { + return errors.Wrapf(err, "getting load balancer subnets") + } + nodeSubnets, err := getSubnetsForNodes(ctx, spec.nodes, clb.client) + if err != nil { + return errors.Wrap(err, "get subnets for nodes") + } + + // Conversion from SingleStack to DualStack needs to happen before the IPv6 listeners & Backendsets are created + if spec.Type == NLB && spec.IpVersions.LbEndpointIpVersion != nil { + ipVersion := string(*lb.IpVersion) + lbEndpointVersion := string(*spec.IpVersions.LbEndpointIpVersion) + ipFamilyPolicy := *spec.IpVersions.IpFamilyPolicy + ipVersionChanged := hasIpVersionChanged(ipVersion, lbEndpointVersion) + if ipVersionChanged && (ipFamilyPolicy == string(v1.IPFamilyPolicyPreferDualStack) || ipFamilyPolicy == string(v1.IPFamilyPolicyRequireDualStack)) { + logger.Infof("IPversion: %s LbEndpointIpVersion: %s IpFamilyPolicy: %s", ipVersion, lbEndpointVersion, ipFamilyPolicy) + details := &client.GenericUpdateLoadBalancerDetails{ + IpVersion: spec.IpVersions.LbEndpointIpVersion, + } + err = clb.updateLoadBalancerIpVersion(ctx, lb, details) + if err != nil { + return err + } + } + } actualBackendSets := lb.BackendSets desiredBackendSets := spec.BackendSets @@ -938,15 +1035,6 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancer(ctx context.Context, lb desiredListeners := spec.Listeners listenerActions := getListenerChanges(logger, actualListeners, desiredListeners) - lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking()) - if err != nil { - return errors.Wrapf(err, "getting load balancer subnets") - } - nodeSubnets, err := getSubnetsForNodes(ctx, spec.nodes, clb.client) - if err != nil { - return errors.Wrap(err, "get subnets for nodes") - } - if len(backendSetActions) == 0 && len(listenerActions) == 0 { // If there are no backendSetActions or Listener actions // this function must have been called because of a failed @@ -1007,6 +1095,24 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancer(ctx context.Context, lb } } + // Conversion from DualStack to SingleStack needs to happen after the IPv6 listeners & Backendsets are removed + if spec.Type == NLB && spec.IpVersions.LbEndpointIpVersion != nil { + ipVersion := string(*lb.IpVersion) + lbEndpointVersion := string(*spec.IpVersions.LbEndpointIpVersion) + ipFamilyPolicy := *spec.IpVersions.IpFamilyPolicy + ipVersionChanged := hasIpVersionChanged(ipVersion, lbEndpointVersion) + if ipVersionChanged && ipFamilyPolicy == string(v1.IPFamilyPolicySingleStack) { + logger.Infof("IPversion: %s LbEndpointIpVersion: %s IpFamilyPolicy: %s", ipVersion, lbEndpointVersion, ipFamilyPolicy) + details := &client.GenericUpdateLoadBalancerDetails{ + IpVersion: spec.IpVersions.LbEndpointIpVersion, + } + err = clb.updateLoadBalancerIpVersion(ctx, lb, details) + if err != nil { + return err + } + } + } + // Check if the reservedIP has changed in spec if spec.LoadBalancerIP != "" || actualPublicReservedIP != nil { if actualPublicReservedIP == nil || *actualPublicReservedIP != spec.LoadBalancerIP { @@ -1023,7 +1129,7 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancer(ctx context.Context, lb // fail open if the update request fails logger.With(zap.Error(err)).Warn("updateLoadBalancer didn't succeed. unable to add oke system tags") errType = util.SystemTagErrTypePrefix + util.GetError(err) - if errors.Is(err, MaxDefinedTagPerLBErr) { + if errors.Is(err, fmt.Errorf(MaxDefinedTagErrMessage, spec.Type)) { errType = util.ErrTagLimitReached } dimensionsMap[metrics.ComponentDimension] = util.GetMetricDimensionForComponent(errType, util.LoadBalancerType) @@ -1039,11 +1145,7 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancerBackends(ctx context.Con logger := clb.logger.With("loadBalancerID", lbID, "compartmentID", clb.config.CompartmentID, "loadBalancerType", getLoadBalancerType(spec.service), "serviceName", spec.service.Name) - actualBackendSets := lb.BackendSets - desiredBackendSets := spec.BackendSets - backendSetActions := getBackendSetChanges(logger, actualBackendSets, desiredBackendSets) - - lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking()) + lbSubnets, err := getSubnets(ctx, spec.Subnets, clb.client.Networking(nil)) if err != nil { return errors.Wrapf(err, "getting load balancer subnets") } @@ -1052,6 +1154,10 @@ func (clb *CloudLoadBalancerProvider) updateLoadBalancerBackends(ctx context.Con return errors.Wrap(err, "get subnets for nodes") } + actualBackendSets := lb.BackendSets + desiredBackendSets := spec.BackendSets + backendSetActions := getBackendSetChanges(logger, actualBackendSets, desiredBackendSets) + for _, action := range backendSetActions { switch a := action.(type) { case *BackendSetAction: @@ -1071,7 +1177,16 @@ func updateSecurityListsInCriticalSection(ctx context.Context, spec *LBSpec, lbS updateRulesMutex.Lock() defer updateRulesMutex.Unlock() for _, ports := range spec.Ports { - if err = spec.securityListManager.Update(ctx, lbSubnets, nodeSubnets, spec.SourceCIDRs, nil, ports, *spec.IsPreserveSource); err != nil { + sc := securityRuleComponents{ + lbSubnets: lbSubnets, + backendSubnets: nodeSubnets, + sourceCIDRs: spec.SourceCIDRs, + actualPorts: nil, + desiredPorts: ports, + isPreserveSource: *spec.IsPreserveSource, + ipFamilies: convertOciIpVersionsToOciIpFamilies(spec.IpVersions.ListenerBackendIpVersion), + } + if err = spec.securityListManager.Update(ctx, sc); err != nil { return err } } @@ -1094,9 +1209,20 @@ func (clb *CloudLoadBalancerProvider) updateBackendSet(ctx context.Context, lbID "loadBalancerID", lbID, "loadBalancerType", getLoadBalancerType(spec.service)) logger.Info("Applying action on backend set") + + sc := securityRuleComponents{ + lbSubnets: lbSubnets, + backendSubnets: nodeSubnets, + sourceCIDRs: sourceCIDRs, + actualPorts: nil, + desiredPorts: ports, + isPreserveSource: *spec.IsPreserveSource, + ipFamilies: convertOciIpVersionsToOciIpFamilies(spec.IpVersions.ListenerBackendIpVersion), + } + switch action.Type() { case Create: - err = secListManager.Update(ctx, lbSubnets, nodeSubnets, sourceCIDRs, nil, ports, *spec.IsPreserveSource) + err = secListManager.Update(ctx, sc) if err != nil { return err } @@ -1104,13 +1230,14 @@ func (clb *CloudLoadBalancerProvider) updateBackendSet(ctx context.Context, lbID case Update: // For NLB, due to source IP preservation we need to ensure ingress rules from sourceCIDRs are added to // the backends subnet's seclist as well - - if err = secListManager.Update(ctx, lbSubnets, nodeSubnets, spec.SourceCIDRs, action.OldPorts, ports, *spec.IsPreserveSource); err != nil { + sc.actualPorts = action.OldPorts + sc.sourceCIDRs = spec.SourceCIDRs + if err = secListManager.Update(ctx, sc); err != nil { return err } workRequestID, err = clb.lbClient.UpdateBackendSet(ctx, lbID, action.Name(), &bs) case Delete: - err = secListManager.Delete(ctx, lbSubnets, nodeSubnets, ports, sourceCIDRs, *spec.IsPreserveSource) + err = secListManager.Delete(ctx, sc) if err != nil { return err } @@ -1144,21 +1271,30 @@ func (clb *CloudLoadBalancerProvider) updateListener(ctx context.Context, lbID s "loadBalancerID", lbID, "loadBalancerType", getLoadBalancerType(spec.service)) logger.Info("Applying action on listener") + sc := securityRuleComponents{ + lbSubnets: lbSubnets, + backendSubnets: nodeSubnets, + sourceCIDRs: sourceCIDRs, + actualPorts: nil, + desiredPorts: ports, + isPreserveSource: *spec.IsPreserveSource, + ipFamilies: convertOciIpVersionsToOciIpFamilies(spec.IpVersions.ListenerBackendIpVersion), + } switch action.Type() { case Create: - err = secListManager.Update(ctx, lbSubnets, nodeSubnets, sourceCIDRs, nil, ports, *spec.IsPreserveSource) + err = secListManager.Update(ctx, sc) if err != nil { return err } workRequestID, err = clb.lbClient.CreateListener(ctx, lbID, action.Name(), &listener) case Update: - err = secListManager.Update(ctx, lbSubnets, nodeSubnets, sourceCIDRs, nil, ports, *spec.IsPreserveSource) + err = secListManager.Update(ctx, sc) if err != nil { return err } workRequestID, err = clb.lbClient.UpdateListener(ctx, lbID, action.Name(), &listener) case Delete: - err = secListManager.Delete(ctx, lbSubnets, nodeSubnets, ports, sourceCIDRs, *spec.IsPreserveSource) + err = secListManager.Delete(ctx, sc) if err != nil { return err } @@ -1293,7 +1429,7 @@ func (cp *CloudProvider) UpdateLoadBalancer(ctx context.Context, clusterName str sslConfig = NewSSLConfig(secretListenerString, secretBackendSetString, service, ports, cp) } - subnets, err := cp.getLoadBalancerSubnets(ctx, logger, service) + lbSubnetIds, err := cp.getLoadBalancerSubnets(ctx, logger, service) if err != nil { logger.With(zap.Error(err)).Error("Failed to get Load balancer Subnets.") errorType = util.GetError(err) @@ -1303,7 +1439,23 @@ func (cp *CloudProvider) UpdateLoadBalancer(ctx context.Context, clusterName str return err } - spec, err := NewLBSpec(logger, service, nodes, subnets, sslConfig, cp.securityListManagerFactory, cp.config.Tags, lb) + lbSubnets, err := getSubnets(ctx, lbSubnetIds, cp.client.Networking(nil)) + if err != nil { + logger.With(zap.Error(err)).Error("failed to get loadbalancer subnets") + return err + } + nodeSubnets, err := getSubnetsForNodes(ctx, nodes, cp.client) + if err != nil { + logger.With(zap.Error(err)).Error("failed to get node subnets") + return err + } + + ipVersions, err := cp.getOciIpVersions(lbSubnets, nodeSubnets, service) + if err != nil { + return err + } + + spec, err := NewLBSpec(logger, service, nodes, lbSubnetIds, sslConfig, cp.securityListManagerFactory, ipVersions, cp.config.Tags, lb) if err != nil { logger.With(zap.Error(err)).Error("Failed to derive LBSpec") errorType = util.GetError(err) @@ -1342,14 +1494,15 @@ func (cp *CloudProvider) UpdateLoadBalancer(ctx context.Context, clusterName str return nil } -// getNodesByIPs returns a slice of Nodes corresponding to the given IP addresses. -func (cp *CloudProvider) getNodesByIPs(backendIPs []string) ([]*v1.Node, error) { +// getNodesAndPodsByIPs returns slices of Nodes and Pods corresponding to the given IP addresses. +func (cp *CloudProvider) getNodesAndPodsByIPs(ctx context.Context, backendIPs []client.IpAddresses, service *v1.Service) ([]*v1.Node, error) { + ipToNodeLookup := make(map[client.IpAddresses]*v1.Node) + nodeList, err := cp.NodeLister.List(labels.Everything()) if err != nil { return nil, err } - ipToNodeLookup := make(map[string]*v1.Node) for _, node := range nodeList { ip := NodeInternalIP(node) ipToNodeLookup[ip] = node @@ -1357,11 +1510,11 @@ func (cp *CloudProvider) getNodesByIPs(backendIPs []string) ([]*v1.Node, error) var nodes []*v1.Node for _, ip := range backendIPs { - node, ok := ipToNodeLookup[ip] - if !ok { - return nil, errors.Errorf("node was not found by IP %q", ip) + if node, nodeExists := ipToNodeLookup[ip]; nodeExists { + nodes = append(nodes, node) + } else { + cp.logger.With("loadBalancerName", GetLoadBalancerName(service), "serviceName", service.Name, "loadBalancerType", getLoadBalancerType(service)).Errorf("provisioned node or virtual pod was not found by IP %q", ip) } - nodes = append(nodes, node) } return nodes, nil @@ -1540,13 +1693,25 @@ func (cp *CloudProvider) cleanupSecurityRulesForLoadBalancerDelete(lb *client.Ge defer updateRulesMutex.Unlock() id := *lb.Id - ipSet := sets.NewString() + + ipAddresses := client.IpAddresses{ + V4: "", + V6: "", + } + ipSet := sets.New(ipAddresses) + for _, backendSet := range lb.BackendSets { for _, backend := range backendSet.Backends { - ipSet.Insert(*backend.IpAddress) + if net.IsIPv6String(*backend.IpAddress) { + ipAddresses.V6 = *backend.IpAddress + } else { + ipAddresses.V4 = *backend.IpAddress + } + ipSet.Insert(ipAddresses) + } } - nodes, err := cp.getNodesByIPs(ipSet.List()) + nodes, err := cp.getNodesAndPodsByIPs(ctx, ipSet.UnsortedList(), service) if err != nil { logger.With(zap.Error(err)).Error("Failed to fetch nodes by internal ips") return errors.Wrap(err, "fetching nodes by internal ips") @@ -1557,7 +1722,7 @@ func (cp *CloudProvider) cleanupSecurityRulesForLoadBalancerDelete(lb *client.Ge return errors.Wrap(err, "getting subnets for nodes") } - lbSubnets, err := getSubnets(ctx, lb.SubnetIds, cp.client.Networking()) + lbSubnets, err := getSubnets(ctx, lb.SubnetIds, cp.client.Networking(nil)) if err != nil { logger.With(zap.Error(err)).Error("Failed to get subnets for load balancers") return errors.Wrap(err, "getting subnets for load balancers") @@ -1594,13 +1759,19 @@ func (cp *CloudProvider) cleanupSecurityRulesForLoadBalancerDelete(lb *client.Ge logger.With(zap.Error(err)).Error("failed to determine value for is-preserve-source") return errors.Wrap(err, "failed to determine value for is-preserve-source") } - portsNsg, err := getPorts(service) + + ipVersions, err := cp.getOciIpVersions(lbSubnets, nodeSubnets, service) + if err != nil { + return err + } + + portsNsg, err := getPorts(service, convertOciIpVersionsToOciIpFamilies(ipVersions.ListenerBackendIpVersion)) if err != nil { return errors.Wrapf(err, "failed to get ports from spec") } sourceCIDRs, err := getLoadBalancerSourceRanges(service) if securityRuleManagerMode == NSG && len(managedNsg.backendNsgId) > 0 { - serviceComponents := serviceComponents{ + serviceComponents := securityRuleComponents{ frontendNsgOcid: managedNsg.frontendNsgId, backendNsgOcids: managedNsg.backendNsgId, sourceCIDRs: sourceCIDRs, @@ -1636,7 +1807,17 @@ func (cp *CloudProvider) cleanupSecurityRulesForLoadBalancerDelete(lb *client.Ge logger.Infof("Security rule management mode %s", securityRuleManagerMode) if securityRuleManagerMode == ManagementModeAll || securityRuleManagerMode == ManagementModeFrontend { - if err = securityListManager.Delete(ctx, lbSubnets, nodeSubnets, ports, sourceCIDRs, isPreserveSource); err != nil { + sc := securityRuleComponents{ + lbSubnets: lbSubnets, + backendSubnets: nodeSubnets, + sourceCIDRs: sourceCIDRs, + actualPorts: nil, + desiredPorts: ports, + isPreserveSource: isPreserveSource, + ipFamilies: convertOciIpVersionsToOciIpFamilies(ipVersions.ListenerBackendIpVersion), + } + logger.Infof("Service Components security list %#v", sc) + if err = securityListManager.Delete(ctx, sc); err != nil { logger.With(zap.Error(err)).Errorf("Failed to delete security rules for listener %q on load balancer %q", listenerName, name) return errors.Wrapf(err, "delete security rules for listener %q on load balancer %q", listenerName, name) } @@ -1708,6 +1889,10 @@ func doesLbHaveOkeSystemTags(lb *client.GenericLoadBalancer, spec *LBSpec) bool func (clb *CloudLoadBalancerProvider) addLoadBalancerOkeSystemTags(ctx context.Context, lb *client.GenericLoadBalancer, spec *LBSpec) error { lbDefinedTagsRequest := make(map[string]map[string]interface{}) + if _, useWI := spec.service.Annotations[ServiceAnnotationServiceAccountName]; useWI { // When using Workload Identity + return fmt.Errorf("principal type is workload identity. skip addition of oke system tags.") + } + if spec.SystemTags == nil { return fmt.Errorf("oke system tag is not found in LB spec. ignoring..") } @@ -1724,8 +1909,8 @@ func (clb *CloudLoadBalancerProvider) addLoadBalancerOkeSystemTags(ctx context.C lbDefinedTagsRequest[OkeSystemTagNamesapce] = spec.SystemTags[OkeSystemTagNamesapce] // update fails if the number of defined tags is more than the service limit i.e 64 - if len(lbDefinedTagsRequest) > MaxDefinedTagPerLB { - return MaxDefinedTagPerLBErr + if len(lbDefinedTagsRequest) > MaxDefinedTagPerResource { + return fmt.Errorf(MaxDefinedTagErrMessage, spec.Type) } lbUpdateDetails := &client.GenericUpdateLoadBalancerDetails{ @@ -1746,6 +1931,21 @@ func (clb *CloudLoadBalancerProvider) addLoadBalancerOkeSystemTags(ctx context.C return nil } +func (clb *CloudLoadBalancerProvider) updateLoadBalancerIpVersion(ctx context.Context, lb *client.GenericLoadBalancer, details *client.GenericUpdateLoadBalancerDetails) error { + wrID, err := clb.lbClient.UpdateLoadBalancer(ctx, *lb.Id, details) + if err != nil { + return errors.Wrap(err, "failed to create UpdateLoadBalancer request") + } + logger := clb.logger.With("existingIpVersion", lb.IpVersion, "newIpVersion", details.IpVersion) + logger.Infof("Awaiting UpdateLoadBalancer workrequest to update endpoint IpVersion %s", wrID) + _, err = clb.lbClient.AwaitWorkRequest(ctx, wrID) + if err != nil { + return errors.Wrap(err, "failed to await UpdateLoadBalancer workrequest") + } + logger.Infof("UpdateLoadBalancer workrequest to update %s endpoint IpVersion completed successfully", *lb.Id) + return nil +} + // Given an OCI load balancer, return a LoadBalancerStatus func loadBalancerToStatus(lb *client.GenericLoadBalancer) (*v1.LoadBalancerStatus, error) { if len(lb.IpAddresses) == 0 { @@ -1778,12 +1978,11 @@ func (cp *CloudProvider) checkAllBackendNodesNotReady(nodeList []*v1.Node) bool } return true } - // If CCM manages the NSG for the service, CCM to delete the NSG when the LB/NLB service is deleted func (cp *CloudProvider) deleteNsg(ctx context.Context, logger *zap.SugaredLogger, id, etag string) (bool, error) { - opcRequestId, err := cp.client.Networking().DeleteNetworkSecurityGroup(ctx, id, etag) + opcRequestId, err := cp.client.Networking(nil).DeleteNetworkSecurityGroup(ctx, id, etag) if err != nil { - logger.Errorf("failed to delete nsg %s OpcRequestId %s", id, pointer.StringDeref(opcRequestId, "")) + logger.Errorf("failed to delete nsg %s", id) return false, err } logger.Infof("delete nsg OpcRequestId %s", pointer.StringDeref(opcRequestId, "")) @@ -1791,7 +1990,7 @@ func (cp *CloudProvider) deleteNsg(ctx context.Context, logger *zap.SugaredLogge } func (cp *CloudProvider) getFrontendNsg(ctx context.Context, logger *zap.SugaredLogger, id, uid string) (frontendNsgId string, etag *string, err error) { - nsg, etag, err := cp.client.Networking().GetNetworkSecurityGroup(ctx, id) + nsg, etag, err := cp.client.Networking(nil).GetNetworkSecurityGroup(ctx, id) if err != nil || nsg == nil || etag == nil { logger.Errorf("failed to get nsg %s", id) return "", nil, err @@ -1808,7 +2007,7 @@ func (cp *CloudProvider) getFrontendNsg(ctx context.Context, logger *zap.Sugared } func (cp *CloudProvider) getFrontendNsgByName(ctx context.Context, logger *zap.SugaredLogger, displayName, compartmentId, vcnId, uid string) (frontendNsgId string, etag *string, err error) { - nsgs, err := cp.client.Networking().ListNetworkSecurityGroups(ctx, displayName, compartmentId, vcnId) + nsgs, err := cp.client.Networking(nil).ListNetworkSecurityGroups(ctx, displayName, compartmentId, vcnId) for _, nsg := range nsgs { frontendNsgId, etag, err = cp.getFrontendNsg(ctx, logger, pointer.StringDeref(nsg.Id, ""), uid) if err != nil { @@ -1883,3 +2082,137 @@ func (cp *CloudProvider) checkForNetworkPartition(logger *zap.SugaredLogger, nod } return } + +func (cp *CloudProvider) getLbEndpointIpVersion(ipFamilies []string, ipFamilyPolicy string, lbSubnets []*core.Subnet) (string, error) { + lbEndpointVersion := "" + errIPv6Subnet := checkSubnetIpFamilyCompatibility(lbSubnets, IPv6) + errIPv4Subnet := checkSubnetIpFamilyCompatibility(lbSubnets, IPv4) + SingleStackIPv4 := "SingleStackIPv4" + SingleStackIPv6 := "SingleStackIPv6" + DualStack := "DualStack" + switch ipFamilyPolicy { + case string(v1.IPFamilyPolicySingleStack): + if ipFamilies[0] == IPv6 { + if errIPv6Subnet != nil { + return "", errors.Wrapf(errIPv6Subnet, "subnet does not have %s CIDR blocks", IPv6) + } + lbEndpointVersion = SingleStackIPv6 + } + if ipFamilies[0] == IPv4 { + if errIPv4Subnet != nil { + return "", errors.Wrapf(errIPv4Subnet, "subnet does not have %s CIDR blocks", IPv4) + } + lbEndpointVersion = SingleStackIPv4 + } + case string(v1.IPFamilyPolicyRequireDualStack): + if errIPv6Subnet != nil { + return "", errors.Wrapf(errIPv6Subnet, "subnet does not have %s CIDR blocks", IPv6) + } + if errIPv4Subnet != nil { + return "", errors.Wrapf(errIPv4Subnet, "subnet does not have %s CIDR blocks", IPv4) + } + lbEndpointVersion = DualStack + case string(v1.IPFamilyPolicyPreferDualStack): + lbEndpointVersion = DualStack + if errIPv4Subnet != nil && errIPv6Subnet != nil { + // This should never happen + return "", errors.New("subnet does not have IPv4 or IPv6 cidr, can't create loadbalancer") + } + if errIPv6Subnet != nil { + cp.logger.Warn("subnet provided does not have IPv6 subnet CIDR block, creating LB with only IPv4 endpoint") + lbEndpointVersion = SingleStackIPv4 + } + if errIPv4Subnet != nil { + cp.logger.Warn("subnet provided does not have IPV4 subnet CIDR block, creating LB with only IPv6 endpoint") + lbEndpointVersion = SingleStackIPv6 + } + default: + lbEndpointVersion = SingleStackIPv4 + } + if strings.Compare(lbEndpointVersion, SingleStackIPv4) == 0 { + lbEndpointVersion = IPv4 + } + if strings.Compare(lbEndpointVersion, SingleStackIPv6) == 0 { + lbEndpointVersion = IPv6 + } + if strings.Compare(lbEndpointVersion, DualStack) == 0 { + lbEndpointVersion = IPv4AndIPv6 + } + return lbEndpointVersion, nil +} + +func (cp *CloudProvider) getLbListenerBackendSetIpVersion(ipFamilies []string, ipFamilyPolicy string, nodeSubnets []*core.Subnet) ([]string, error) { + errIPv6Subnet := checkSubnetIpFamilyCompatibility(nodeSubnets, IPv6) + errIPv4Subnet := checkSubnetIpFamilyCompatibility(nodeSubnets, IPv4) + switch ipFamilyPolicy { + case string(v1.IPFamilyPolicySingleStack): + if ipFamilies[0] == IPv6 { + if errIPv6Subnet != nil { + return []string{}, errors.Wrapf(errIPv6Subnet, "subnet does not have %s CIDR blocks", IPv6) + } + return []string{IPv6}, nil + } + if ipFamilies[0] == IPv4 { + if errIPv4Subnet != nil { + return []string{}, errors.Wrapf(errIPv4Subnet, "subnet does not have %s CIDR blocks", IPv4) + } + return []string{IPv4}, nil + } + case string(v1.IPFamilyPolicyRequireDualStack): + if errIPv6Subnet != nil { + return []string{}, errors.Wrapf(errIPv6Subnet, "subnet does not have %s CIDR blocks", IPv6) + } + if errIPv4Subnet != nil { + return []string{}, errors.Wrapf(errIPv4Subnet, "subnet does not have %s CIDR blocks", IPv4) + } + return []string{IPv4, IPv6}, nil + case string(v1.IPFamilyPolicyPreferDualStack): + if errIPv6Subnet != nil && errIPv4Subnet != nil { + // should never happen + return nil, errors.New("subnet does not have IPv4 or IPv6 cidr, can't create loadbalancer") + } + if errIPv6Subnet != nil { + cp.logger.Warn("subnet provided does not have IPv6 subnet CIDR block, creating listeners and backends of ip-version IPv4") + return []string{IPv4}, nil + } + if errIPv4Subnet != nil { + cp.logger.Warn("subnet provided does not have IPV4 subnet CIDR block, creating listeners and backends of ip-version IPv6") + return []string{IPv6}, nil + } + return []string{IPv4, IPv6}, nil + } + return []string{IPv4}, nil +} + +func (cp *CloudProvider) getOciIpVersions(lbSubnets, nodeSubnets []*core.Subnet, service *v1.Service) (*IpVersions, error) { + ipFamilies := getIpFamilies(service) + ipFamilyPolicy := getIpFamilyPolicy(service) + + lbEndpointVersion, err := cp.getLbEndpointIpVersion(ipFamilies, ipFamilyPolicy, lbSubnets) + if err != nil { + return nil, err + } + listenerBackendIpVersion, err := cp.getLbListenerBackendSetIpVersion(ipFamilies, ipFamilyPolicy, nodeSubnets) + if err != nil { + return nil, err + } + + if getLoadBalancerType(service) == LB { + if lbEndpointVersion == IPv6 { + return nil, errors.New("SingleStack IPv6 is not supported for OCI LBaaS") + } + listenerBackendIpVersion = []string{IPv4} + } + + var ociListenerBackendIpVersion []client.GenericIpVersion + for _, ipFamily := range listenerBackendIpVersion { + ociListenerBackendIpVersion = append(ociListenerBackendIpVersion, convertK8sIpFamiliesToOciIpVersion(ipFamily)) + } + ipVersions := &IpVersions{ + IpFamilies: ipFamilies, + IpFamilyPolicy: common.String(ipFamilyPolicy), + LbEndpointIpVersion: GenericIpVersion(convertK8sIpFamiliesToOciIpVersion(lbEndpointVersion)), + ListenerBackendIpVersion: ociListenerBackendIpVersion, + } + return ipVersions, nil +} diff --git a/pkg/cloudprovider/providers/oci/load_balancer_network_security_group.go b/pkg/cloudprovider/providers/oci/load_balancer_network_security_group.go index 0c7fbe9a4c..1107c6baa9 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_network_security_group.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_network_security_group.go @@ -42,13 +42,18 @@ const ( batchSize = 25 ) -type serviceComponents struct { +type securityRuleComponents struct { frontendNsgOcid string backendNsgOcids []string ports map[string]portSpec sourceCIDRs []string isPreserveSource bool serviceUid string + lbSubnets []*core.Subnet + backendSubnets []*core.Subnet + actualPorts *portSpec + desiredPorts portSpec + ipFamilies []string } // generateNsgBackendIngressRules is a helper method to generate the ingress rules for the backend NSG @@ -207,7 +212,7 @@ func (s *CloudProvider) getNsg(ctx context.Context, id string) (*core.NetworkSec if id == "" { return nil, errors.New("invalid; empty nsg id provided") // should never happen } - response, _, err := s.client.Networking().GetNetworkSecurityGroup(ctx, id) + response, _, err := s.client.Networking(nil).GetNetworkSecurityGroup(ctx, id) if err != nil { return nil, errors.Wrapf(err, "failed to get nsg with id %s", id) } @@ -220,7 +225,7 @@ func (s *CloudProvider) listNsgRules(ctx context.Context, id string, direction c return nil, errors.New("invalid; empty nsg id provided") // should never happen } - response, err := s.client.Networking().ListNetworkSecurityGroupSecurityRules(ctx, id, direction) + response, err := s.client.Networking(nil).ListNetworkSecurityGroupSecurityRules(ctx, id, direction) if err != nil { return nil, errors.Wrapf(err, "failed to list Security Rules for nsg: %s", id) } @@ -233,11 +238,11 @@ func (s *CloudProvider) addNetworkSecurityGroupSecurityRules(ctx context.Context var response *core.AddNetworkSecurityGroupSecurityRulesResponse var err error for i, _ := range rulesInBatches { - response, err = s.client.Networking().AddNetworkSecurityGroupSecurityRules(ctx, + response, err = s.client.Networking(nil).AddNetworkSecurityGroupSecurityRules(ctx, *nsgId, core.AddNetworkSecurityGroupSecurityRulesDetails{SecurityRules: securityRuleToAddSecurityRuleDetails(rulesInBatches[i])}) if err != nil { - return nil, errors.Wrapf(err, "failed to add security rules for nsg: %s OpcRequestId: %s", *nsgId, pointer.StringDeref(response.OpcRequestId, "")) + return nil, errors.Wrapf(err, "failed to add security rules for nsg: %s", *nsgId) } s.logger.Infof("AddNetworkSecurityGroupSecurityRules OpcRequestId %s", pointer.StringDeref(response.OpcRequestId, "")) } @@ -250,10 +255,10 @@ func (s *CloudProvider) removeNetworkSecurityGroupSecurityRules(ctx context.Cont var response *core.RemoveNetworkSecurityGroupSecurityRulesResponse var err error for i, _ := range rulesInBatches { - response, err = s.client.Networking().RemoveNetworkSecurityGroupSecurityRules(ctx, *nsgId, + response, err = s.client.Networking(nil).RemoveNetworkSecurityGroupSecurityRules(ctx, *nsgId, core.RemoveNetworkSecurityGroupSecurityRulesDetails{SecurityRuleIds: rulesInBatches[i]}) if err != nil { - return nil, errors.Wrapf(err, "failed to remove security rules for nsg: %s OpcRequestId: %s", *nsgId, pointer.StringDeref(response.OpcRequestId, "")) + return nil, errors.Wrapf(err, "failed to remove security rules for nsg: %s", *nsgId) } s.logger.Infof("RemoveNetworkSecurityGroupSecurityRules OpcRequestId %s", pointer.StringDeref(response.OpcRequestId, "")) } @@ -303,7 +308,7 @@ func splitRuleIdsIntoBatches(rules []string) [][]string { return securityRulesInBatches } -func (s *CloudProvider) reconcileSecurityGroup(ctx context.Context, lbservice serviceComponents) error { +func (s *CloudProvider) reconcileSecurityGroup(ctx context.Context, lbservice securityRuleComponents) error { if len(lbservice.backendNsgOcids) > 0 { updateRulesMutex.Lock() defer updateRulesMutex.Unlock() @@ -385,7 +390,7 @@ func (s *CloudProvider) reconcileSecurityGroup(ctx context.Context, lbservice se return nil } -func (s *CloudProvider) removeBackendSecurityGroupRules(ctx context.Context, lbservice serviceComponents) error { +func (s *CloudProvider) removeBackendSecurityGroupRules(ctx context.Context, lbservice securityRuleComponents) error { for _, backendNsg := range lbservice.backendNsgOcids { nsg, err := s.getNsg(ctx, backendNsg) diff --git a/pkg/cloudprovider/providers/oci/load_balancer_security_lists.go b/pkg/cloudprovider/providers/oci/load_balancer_security_lists.go index 64a12e1a96..ca5fe277d5 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_security_lists.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_security_lists.go @@ -59,8 +59,8 @@ type portSpec struct { } type securityListManager interface { - Update(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec, isPreserveSource bool) error - Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, actualPorts portSpec, sourceCIDRs []string, isPreserveSource bool) error + Update(ctx context.Context, sc securityRuleComponents) error + Delete(ctx context.Context, sc securityRuleComponents) error } type baseSecurityListManager struct { @@ -105,7 +105,8 @@ func newSecurityListManager(logger *zap.SugaredLogger, client client.Interface, // updateBackendRules handles adding ingress rules to the backend subnets from the load balancer subnets. // TODO: Pass parameters in a struct -func (s *baseSecurityListManager) updateBackendRules(ctx context.Context, lbSubnets []*core.Subnet, nodeSubnets []*core.Subnet, actualPorts *portSpec, desiredPorts portSpec, sourceCIDRs []string, isPreserveSource bool) error { +func (s *baseSecurityListManager) updateBackendRules(ctx context.Context, lbSubnets []*core.Subnet, nodeSubnets []*core.Subnet, + actualPorts *portSpec, desiredPorts portSpec, sourceCIDRs []string, isPreserveSource bool, ipFamilies []string) error { for _, subnet := range nodeSubnets { secList, etag, err := s.getSecurityList(ctx, subnet) if err != nil { @@ -114,7 +115,7 @@ func (s *baseSecurityListManager) updateBackendRules(ctx context.Context, lbSubn logger := s.logger.With("securityListID", *secList.Id) - ingressRules := getNodeIngressRules(logger, secList.IngressSecurityRules, lbSubnets, actualPorts, desiredPorts, s.serviceLister, sourceCIDRs, isPreserveSource) + ingressRules := getNodeIngressRules(logger, secList.IngressSecurityRules, lbSubnets, actualPorts, desiredPorts, s.serviceLister, sourceCIDRs, isPreserveSource, ipFamilies) if !securityListRulesChanged(secList, ingressRules, secList.EgressSecurityRules) { logger.Debug("No changes for node subnet security list") @@ -123,7 +124,7 @@ func (s *baseSecurityListManager) updateBackendRules(ctx context.Context, lbSubn logger.Info("Node subnet security list changed") - _, err = s.client.Networking().UpdateSecurityList(ctx, *secList.Id, etag, ingressRules, secList.EgressSecurityRules) + _, err = s.client.Networking(nil).UpdateSecurityList(ctx, *secList.Id, etag, ingressRules, secList.EgressSecurityRules) if err != nil { return errors.Wrapf(err, "update security list rules %q for subnet %q", *secList.Id, *subnet.Id) } @@ -134,7 +135,8 @@ func (s *baseSecurityListManager) updateBackendRules(ctx context.Context, lbSubn // updateLoadBalancerRules handles updating the ingress and egress rules for the load balance subnets. // If the listener is nil, then only egress rules from the load balancer to the backend subnets will be checked. -func (s *baseSecurityListManager) updateLoadBalancerRules(ctx context.Context, lbSubnets []*core.Subnet, nodeSubnets []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec) error { +func (s *baseSecurityListManager) updateLoadBalancerRules(ctx context.Context, lbSubnets []*core.Subnet, nodeSubnets []*core.Subnet, + sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec, ipFamilies []string) error { for _, lbSubnet := range lbSubnets { secList, etag, err := s.getSecurityList(ctx, lbSubnet) if err != nil { @@ -151,8 +153,8 @@ func (s *baseSecurityListManager) updateLoadBalancerRules(ctx context.Context, l currentHealthCheck = actualPorts.HealthCheckerPort } - lbEgressRules := getLoadBalancerEgressRules(logger, secList.EgressSecurityRules, nodeSubnets, currentBackEndPort, desiredPorts.BackendPort, s.serviceLister) - lbEgressRules = getLoadBalancerEgressRules(logger, lbEgressRules, nodeSubnets, currentHealthCheck, desiredPorts.HealthCheckerPort, s.serviceLister) + lbEgressRules := getLoadBalancerEgressRules(logger, secList.EgressSecurityRules, nodeSubnets, currentBackEndPort, desiredPorts.BackendPort, s.serviceLister, ipFamilies) + lbEgressRules = getLoadBalancerEgressRules(logger, lbEgressRules, nodeSubnets, currentHealthCheck, desiredPorts.HealthCheckerPort, s.serviceLister, ipFamilies) lbIngressRules := secList.IngressSecurityRules if desiredPorts.ListenerPort != 0 { @@ -166,7 +168,7 @@ func (s *baseSecurityListManager) updateLoadBalancerRules(ctx context.Context, l logger.Info("Load balancer subnet security list changed") - _, err = s.client.Networking().UpdateSecurityList(ctx, *secList.Id, etag, lbIngressRules, lbEgressRules) + _, err = s.client.Networking(nil).UpdateSecurityList(ctx, *secList.Id, etag, lbIngressRules, lbEgressRules) if err != nil { return errors.Wrapf(err, "update lb security list rules %q for subnet %q", *secList.Id, *lbSubnet.Id) } @@ -182,7 +184,7 @@ func (s *baseSecurityListManager) getSecurityList(ctx context.Context, subnet *c // Use the security list from cloud-provider config if provided. if id, ok := s.securityLists[*subnet.Id]; ok && sets.NewString(subnet.SecurityListIds...).Has(id) { - response, err := s.client.Networking().GetSecurityList(ctx, id) + response, err := s.client.Networking(nil).GetSecurityList(ctx, id) if err != nil { return nil, "", err } @@ -193,7 +195,7 @@ func (s *baseSecurityListManager) getSecurityList(ctx context.Context, subnet *c // NOTE(apryde): This is rather arbitrary but we're probably stuck with it at this point. responses := make([]core.GetSecurityListResponse, len(subnet.SecurityListIds)) for i, id := range subnet.SecurityListIds { - response, err := s.client.Networking().GetSecurityList(ctx, id) + response, err := s.client.Networking(nil).GetSecurityList(ctx, id) if err != nil { return nil, "", err } @@ -223,12 +225,13 @@ type defaultSecurityListManager struct { // Egress rules added: // // from LB subnets to backend subnets on the backend port -func (s *defaultSecurityListManager) Update(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec, isPreserveSource bool) error { - if err := s.updateLoadBalancerRules(ctx, lbSubnets, backendSubnets, sourceCIDRs, actualPorts, desiredPorts); err != nil { +func (s *defaultSecurityListManager) Update(ctx context.Context, sc securityRuleComponents) error { + + if err := s.updateLoadBalancerRules(ctx, sc.lbSubnets, sc.backendSubnets, sc.sourceCIDRs, sc.actualPorts, sc.desiredPorts, sc.ipFamilies); err != nil { return err } - return s.updateBackendRules(ctx, lbSubnets, backendSubnets, actualPorts, desiredPorts, sourceCIDRs, isPreserveSource) + return s.updateBackendRules(ctx, sc.lbSubnets, sc.backendSubnets, sc.actualPorts, sc.desiredPorts, sc.sourceCIDRs, sc.isPreserveSource, sc.ipFamilies) } // Delete the security list rules associated with the listener and backends. @@ -236,16 +239,16 @@ func (s *defaultSecurityListManager) Update(ctx context.Context, lbSubnets []*co // If the listener is nil, then only the egress rules from the LB's to the backends and the // ingress rules from the LB's to the backends will be cleaned up. // If the listener is not nil, then the ingress rules to the LB's will be cleaned up. -func (s *defaultSecurityListManager) Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, ports portSpec, sourceCIDRs []string, isPreserveSource bool) error { +func (s *defaultSecurityListManager) Delete(ctx context.Context, sc securityRuleComponents) error { noSubnets := []*core.Subnet{} noSourceCIDRs := []string{} - err := s.updateLoadBalancerRules(ctx, lbSubnets, noSubnets, noSourceCIDRs, &ports, ports) + err := s.updateLoadBalancerRules(ctx, sc.lbSubnets, noSubnets, noSourceCIDRs, &sc.desiredPorts, sc.desiredPorts, sc.ipFamilies) if err != nil { return err } - return s.updateBackendRules(ctx, noSubnets, backendSubnets, &ports, ports, noSourceCIDRs, isPreserveSource) + return s.updateBackendRules(ctx, noSubnets, sc.backendSubnets, &sc.desiredPorts, sc.desiredPorts, noSourceCIDRs, sc.isPreserveSource, sc.ipFamilies) } // frontendSecurityListManager manages only the ingress security list rules required for @@ -259,16 +262,16 @@ type frontendSecurityListManager struct { // Ingress rules added: // // from source cidrs to lb subnets on the listener port -func (s *frontendSecurityListManager) Update(ctx context.Context, lbSubnets []*core.Subnet, _ []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, desiredPorts portSpec, isPreserveSource bool) error { +func (s *frontendSecurityListManager) Update(ctx context.Context, sc securityRuleComponents) error { noSubnets := []*core.Subnet{} - return s.updateLoadBalancerRules(ctx, lbSubnets, noSubnets, sourceCIDRs, actualPorts, desiredPorts) + return s.updateLoadBalancerRules(ctx, sc.lbSubnets, noSubnets, sc.sourceCIDRs, sc.actualPorts, sc.desiredPorts, sc.ipFamilies) } // Delete the ingress security list rules associated with the listener. -func (s *frontendSecurityListManager) Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, ports portSpec, sourceCIDRs []string, isPreserveSource bool) error { +func (s *frontendSecurityListManager) Delete(ctx context.Context, sc securityRuleComponents) error { noSubnets := []*core.Subnet{} noSourceCIDRs := []string{} - return s.updateLoadBalancerRules(ctx, lbSubnets, noSubnets, noSourceCIDRs, &ports, ports) + return s.updateLoadBalancerRules(ctx, sc.lbSubnets, noSubnets, noSourceCIDRs, &sc.desiredPorts, sc.desiredPorts, sc.ipFamilies) } // securityListManagerNOOP implements the securityListManager interface but does @@ -276,11 +279,11 @@ func (s *frontendSecurityListManager) Delete(ctx context.Context, lbSubnets []*c // to use that feature. type securityListManagerNOOP struct{} -func (s *securityListManagerNOOP) Update(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, sourceCIDRs []string, actualPorts *portSpec, ports portSpec, isPreserveSource bool) error { +func (s *securityListManagerNOOP) Update(ctx context.Context, sc securityRuleComponents) error { return nil } -func (s *securityListManagerNOOP) Delete(ctx context.Context, lbSubnets []*core.Subnet, backendSubnets []*core.Subnet, ports portSpec, sourceCIDRs []string, isPreserveSource bool) error { +func (s *securityListManagerNOOP) Delete(ctx context.Context, sc securityRuleComponents) error { return nil } @@ -343,6 +346,7 @@ func getNodeIngressRules( serviceLister listersv1.ServiceLister, sourceCIDRs []string, isPreserveSource bool, + ipFamilies []string, ) []core.IngressSecurityRule { // 0 denotes nil ports. var currentBackEndPort = 0 @@ -355,8 +359,19 @@ func getNodeIngressRules( desiredBackend := sets.NewString() desiredHealthChecker := sets.NewString() for _, lbSubnet := range lbSubnets { - desiredBackend.Insert(*lbSubnet.CidrBlock) - desiredHealthChecker.Insert(*lbSubnet.CidrBlock) + + if contains(ipFamilies, IPv4) && lbSubnet.CidrBlock != nil { + desiredBackend.Insert(*lbSubnet.CidrBlock) + desiredHealthChecker.Insert(*lbSubnet.CidrBlock) + } + if contains(ipFamilies, IPv6) && lbSubnet.Ipv6CidrBlocks != nil { + if len(lbSubnet.Ipv6CidrBlocks) > 0 { + for _, cidr := range lbSubnet.Ipv6CidrBlocks { + desiredBackend.Insert(cidr) + desiredHealthChecker.Insert(cidr) + } + } + } } // Additional sourceCIDR rule for NLB only, for source IP preservation @@ -540,10 +555,21 @@ func getLoadBalancerEgressRules( nodeSubnets []*core.Subnet, actualPort, desiredPort int, serviceLister listersv1.ServiceLister, + ipFamilies []string, ) []core.EgressSecurityRule { nodeCIDRs := sets.NewString() for _, subnet := range nodeSubnets { - nodeCIDRs.Insert(*subnet.CidrBlock) + if contains(ipFamilies, IPv4) && subnet.CidrBlock != nil { + nodeCIDRs.Insert(*subnet.CidrBlock) + } + if contains(ipFamilies, IPv6) && subnet.Ipv6CidrBlocks != nil { + if len(subnet.Ipv6CidrBlocks) > 0 { + for _, cidr := range subnet.Ipv6CidrBlocks { + nodeCIDRs.Insert(cidr) + } + + } + } } egressRules := []core.EgressSecurityRule{} diff --git a/pkg/cloudprovider/providers/oci/load_balancer_security_lists_test.go b/pkg/cloudprovider/providers/oci/load_balancer_security_lists_test.go index c5468cf0f9..fe59ae1ab4 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_security_lists_test.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_security_lists_test.go @@ -41,6 +41,7 @@ func TestGetNodeIngressRules(t *testing.T) { sourceCIDRs []string isPreserveSource bool expected []core.IngressSecurityRule + ipFamilies []string }{ { name: "new ingress", @@ -67,7 +68,9 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("1", k8sports.ProxyHealthzPort), makeIngressSecurityRule("2", k8sports.ProxyHealthzPort), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "no change", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -96,7 +99,9 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("2", 80), makeIngressSecurityRule("2", k8sports.ProxyHealthzPort), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "change lb subnet", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -127,6 +132,7 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("3", 80), makeIngressSecurityRule("3", k8sports.ProxyHealthzPort), }, + ipFamilies: []string{IPv4}, }, { name: "remove lb subnets", @@ -152,6 +158,7 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("existing", 9000), makeIngressSecurityRule("existing", 9001), }, + ipFamilies: []string{IPv4}, }, { name: "do not delete health check rules that are used by other services", @@ -181,6 +188,7 @@ func TestGetNodeIngressRules(t *testing.T) { expected: []core.IngressSecurityRule{ makeIngressSecurityRule("0.0.0.0/0", lbNodesHealthCheckPort), }, + ipFamilies: []string{IPv4}, }, { name: "multiple services for same cluster; one uses default healthcheck and other uses HealthcheckNodeport", @@ -221,6 +229,7 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("0.0.0.0/0", lbNodesHealthCheckPort), makeIngressSecurityRule("1.1.1.1/1", 32000), }, + ipFamilies: []string{IPv4}, }, { name: "update service port", @@ -255,7 +264,9 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("1", 80), makeIngressSecurityRule("2", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service health check port", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -288,7 +299,9 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort+1), makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort+1), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "external traffic policy local service health check port", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -330,6 +343,57 @@ func TestGetNodeIngressRules(t *testing.T) { makeIngressSecurityRule("10.0.50.0/24", 30000), makeIngressSecurityRule("10.0.51.0/24", 30000), }, + ipFamilies: []string{IPv4}, + }, + { + name: "external traffic policy local service health check port", + securityList: &core.SecurityList{ + IngressSecurityRules: []core.IngressSecurityRule{ + core.IngressSecurityRule{Source: common.String("0.0.0.0/0")}, + makeIngressSecurityRule("10.0.50.0/24", 8081), + makeIngressSecurityRule("10.0.51.0/24", 8081), + makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort), + makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort), + }, + }, + lbSubnets: []*core.Subnet{ + {CidrBlock: common.String("10.0.50.0/24")}, + { + CidrBlock: common.String("10.0.51.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B/7"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B/7"}, + }, + }, + actualPorts: &portSpec{ + BackendPort: 8081, + HealthCheckerPort: k8sports.ProxyHealthzPort, + }, + desiredPorts: portSpec{ + BackendPort: 8081, + HealthCheckerPort: 30000, + }, + services: []*v1.Service{ + { + ObjectMeta: metav1.ObjectMeta{Namespace: "namespace", Name: "using-non-default-health-check-port"}, + Spec: v1.ServiceSpec{ + Type: v1.ServiceTypeLoadBalancer, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicy(api.ServiceExternalTrafficPolicyLocal), + Ports: []v1.ServicePort{{Port: 8081}}, + }, + }, + }, + isPreserveSource: false, + sourceCIDRs: []string{"0.0.0.0/0"}, + expected: []core.IngressSecurityRule{ + core.IngressSecurityRule{Source: common.String("0.0.0.0/0")}, + makeIngressSecurityRule("10.0.50.0/24", 8081), + makeIngressSecurityRule("10.0.51.0/24", 8081), + makeIngressSecurityRule("2001:0000:130F:0000:0000:09C0:876A:130B/7", 8081), + makeIngressSecurityRule("10.0.50.0/24", 30000), + makeIngressSecurityRule("10.0.51.0/24", 30000), + makeIngressSecurityRule("2001:0000:130F:0000:0000:09C0:876A:130B/7", 30000), + }, + ipFamilies: []string{IPv4, IPv6}, }, } @@ -342,7 +406,8 @@ func TestGetNodeIngressRules(t *testing.T) { } } t.Run(tc.name, func(t *testing.T) { - rules := getNodeIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.lbSubnets, tc.actualPorts, tc.desiredPorts, serviceLister, tc.sourceCIDRs, tc.isPreserveSource) + rules := getNodeIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.lbSubnets, tc.actualPorts, + tc.desiredPorts, serviceLister, tc.sourceCIDRs, tc.isPreserveSource, tc.ipFamilies) if !reflect.DeepEqual(rules, tc.expected) { t.Errorf("expected rules\n%+v\nbut got\n%+v", tc.expected, rules) } @@ -361,6 +426,7 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { sourceCIDRs []string isPreserveSource bool expected []core.IngressSecurityRule + ipFamilies []string }{ { name: "new ingress", @@ -388,7 +454,8 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("1", k8sports.ProxyHealthzPort), makeIngressSecurityRule("2", k8sports.ProxyHealthzPort), }, - }, { + ipFamilies: []string{IPv4}}, + { name: "no change", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -419,7 +486,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("2", k8sports.ProxyHealthzPort), makeIngressSecurityRule("0.0.0.0/0", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "change lb subnet", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -452,7 +521,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("3", 80), makeIngressSecurityRule("3", k8sports.ProxyHealthzPort), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "remove lb subnets", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -477,7 +548,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("existing", 9000), makeIngressSecurityRule("existing", 9001), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "do not delete health check rules that are used by other services", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -504,7 +577,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { expected: []core.IngressSecurityRule{ makeIngressSecurityRule("0.0.0.0/0", lbNodesHealthCheckPort), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service port", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -539,7 +614,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("1", 80), makeIngressSecurityRule("2", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service health check port", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -574,7 +651,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort+1), makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort+1), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "new ingress without source IP preservation", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -600,7 +679,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("1", k8sports.ProxyHealthzPort), makeIngressSecurityRule("2", k8sports.ProxyHealthzPort), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service to not preserve source", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -634,7 +715,9 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort+1), makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort+1), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service to preserve source", securityList: &core.SecurityList{ IngressSecurityRules: []core.IngressSecurityRule{ @@ -658,15 +741,17 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { HealthCheckerPort: k8sports.ProxyHealthzPort + 1, }, services: []*v1.Service{}, - isPreserveSource: false, + isPreserveSource: true, sourceCIDRs: []string{"0.0.0.0/0"}, expected: []core.IngressSecurityRule{ core.IngressSecurityRule{Source: common.String("0.0.0.0/0")}, makeIngressSecurityRule("10.0.50.0/24", 8081), makeIngressSecurityRule("10.0.51.0/24", 8081), + makeIngressSecurityRule("0.0.0.0/0", 8081), makeIngressSecurityRule("10.0.50.0/24", k8sports.ProxyHealthzPort+1), makeIngressSecurityRule("10.0.51.0/24", k8sports.ProxyHealthzPort+1), }, + ipFamilies: []string{IPv4}, }, } @@ -679,7 +764,8 @@ func TestGetNodeIngressRules_NLB(t *testing.T) { } } t.Run(tc.name, func(t *testing.T) { - rules := getNodeIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.lbSubnets, tc.actualPorts, tc.desiredPorts, serviceLister, tc.sourceCIDRs, tc.isPreserveSource) + rules := getNodeIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.lbSubnets, tc.actualPorts, tc.desiredPorts, + serviceLister, tc.sourceCIDRs, tc.isPreserveSource, tc.ipFamilies) if !reflect.DeepEqual(rules, tc.expected) { t.Errorf("expected rules\n%+v\nbut got\n%+v", tc.expected, rules) } @@ -695,6 +781,7 @@ func TestGetLoadBalancerIngressRules(t *testing.T) { port int services []*v1.Service expected []core.IngressSecurityRule + ipFamilies []string }{ { name: "new source cidrs", @@ -806,7 +893,8 @@ func TestGetLoadBalancerIngressRules(t *testing.T) { } } t.Run(tc.name, func(t *testing.T) { - rules := getLoadBalancerIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.sourceCIDRs, tc.port, serviceLister) + rules := getLoadBalancerIngressRules(zap.S(), tc.securityList.IngressSecurityRules, tc.sourceCIDRs, tc.port, + serviceLister) if !reflect.DeepEqual(rules, tc.expected) { t.Errorf("expected rules\n%+v\nbut got\n%+v", tc.expected, rules) } @@ -823,6 +911,7 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { desiredPort int services []*v1.Service expected []core.EgressSecurityRule + ipFamilies []string }{ { name: "new egress", @@ -843,7 +932,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("1", 80), makeEgressSecurityRule("2", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "no change", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -864,7 +955,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("1", 80), makeEgressSecurityRule("2", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service port", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -902,7 +995,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("10.0.41.0/24", 30355), makeEgressSecurityRule("10.0.42.0/24", 30355), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "update service health check port", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -940,7 +1035,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("10.0.41.0/24", lbNodesHealthCheckPort+1), makeEgressSecurityRule("10.0.42.0/24", lbNodesHealthCheckPort+1), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "change node subnet", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -963,7 +1060,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("existing", 9001), makeEgressSecurityRule("3", 80), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "remove node subnets", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -981,7 +1080,9 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("existing", 9000), makeEgressSecurityRule("existing", 9001), }, - }, { + ipFamilies: []string{IPv4}, + }, + { name: "do not delete a port rule which is used by another services (default) health check", securityList: &core.SecurityList{ EgressSecurityRules: []core.EgressSecurityRule{ @@ -1004,6 +1105,7 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { expected: []core.EgressSecurityRule{ makeEgressSecurityRule("0.0.0.0/0", lbNodesHealthCheckPort), }, + ipFamilies: []string{IPv4}, }, { name: "do not delete a port rule during listener deletes", @@ -1028,6 +1130,7 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { expected: []core.EgressSecurityRule{ makeEgressSecurityRule("0.0.0.0/0", 30000), }, + ipFamilies: []string{IPv4}, }, { name: "multiple services in the same cluster; one using default healthcheck and other using healthcheck Nodeport", @@ -1063,6 +1166,33 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { makeEgressSecurityRule("0.0.0.0/0", 30000), makeEgressSecurityRule("0.0.0.0/0", lbNodesHealthCheckPort), }, + ipFamilies: []string{IPv4}, + }, + { + name: "new egress Ipv6", + securityList: &core.SecurityList{ + EgressSecurityRules: []core.EgressSecurityRule{ + makeEgressSecurityRule("existing", 9000), + }, + }, + subnets: []*core.Subnet{ + {CidrBlock: common.String("1")}, + { + CidrBlock: common.String("2"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B/7"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B/7"}, + }, + }, + actualPort: 80, + desiredPort: 80, + services: []*v1.Service{}, + expected: []core.EgressSecurityRule{ + makeEgressSecurityRule("existing", 9000), + makeEgressSecurityRule("1", 80), + makeEgressSecurityRule("2", 80), + makeEgressSecurityRule("2001:0000:130F:0000:0000:09C0:876A:130B/7", 80), + }, + ipFamilies: []string{IPv4, IPv6}, }, } @@ -1075,7 +1205,8 @@ func TestGetLoadBalancerEgressRules(t *testing.T) { } } t.Run(tc.name, func(t *testing.T) { - rules := getLoadBalancerEgressRules(zap.S(), tc.securityList.EgressSecurityRules, tc.subnets, tc.actualPort, tc.desiredPort, serviceLister) + rules := getLoadBalancerEgressRules(zap.S(), tc.securityList.EgressSecurityRules, tc.subnets, tc.actualPort, + tc.desiredPort, serviceLister, tc.ipFamilies) if !reflect.DeepEqual(rules, tc.expected) { t.Errorf("expected rules\n%+v\nbut got\n%+v", tc.expected, rules) } diff --git a/pkg/cloudprovider/providers/oci/load_balancer_spec.go b/pkg/cloudprovider/providers/oci/load_balancer_spec.go index 4ad4f5a697..646abe9448 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_spec.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_spec.go @@ -26,6 +26,7 @@ import ( v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" apiservice "k8s.io/kubernetes/pkg/api/v1/service" + "k8s.io/utils/pointer" "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" @@ -33,6 +34,7 @@ import ( "github.com/oracle/oci-go-sdk/v65/common" "github.com/pkg/errors" helper "k8s.io/cloud-provider/service/helpers" + net2 "k8s.io/utils/net" ) const ( @@ -43,6 +45,14 @@ const ( LBHealthCheckIntervalMax = 1800000 NLBHealthCheckIntervalMin = 10000 NLBHealthCheckIntervalMax = 1800000 + IPv4 = string(client.GenericIPv4) + IPv6 = string(client.GenericIPv6) + IPv4AndIPv6 = string("IPv4_AND_IPv6") +) + +const ( + defaultLoadBalancerSourceRangesIPv4 = "0.0.0.0/0" + defaultLoadBalancerSourceRangesIPv6 = "::/0" ) const ProtocolTypeMixed = "TCP_AND_UDP" @@ -159,6 +169,12 @@ const ( // ServiceAnnotationBackendSecurityRuleManagement is a service annotation to denote management of backend Network Security Group(s) // ingress / egress security rules for a given kubernetes service could be either LB or NLB ServiceAnnotationBackendSecurityRuleManagement = "oci.oraclecloud.com/oci-backend-network-security-group" + + // ServiceAnnotationLoadbalancerListenerSSLConfig is a service annotation allows you to set the cipher suite on the listener + ServiceAnnotationLoadbalancerListenerSSLConfig = "oci.oraclecloud.com/oci-load-balancer-listener-ssl-config" + + // ServiceAnnotationLoadbalancerBackendSetSSLConfig is a service annotation allows you to set the cipher suite on the backendSet + ServiceAnnotationLoadbalancerBackendSetSSLConfig = "oci.oraclecloud.com/oci-load-balancer-backendset-ssl-config" ) // NLB specific annotations @@ -220,6 +236,9 @@ const ( // ServiceAnnotationNetworkLoadBalancerIsPreserveSource is a service annotation to enable/disable preserving source information // on the NLB traffic. Default value when no annotation is given is to enable this for NLBs with externalTrafficPolicy=Local. ServiceAnnotationNetworkLoadBalancerIsPreserveSource = "oci-network-load-balancer.oraclecloud.com/is-preserve-source" + + // ServiceAnnotationNetworkLoadBalancerIsPpv2Enabled is a service annotation to enable/disable PPv2 feature for the listeners of this NLB. + ServiceAnnotationNetworkLoadBalancerIsPpv2Enabled = "oci-network-load-balancer.oraclecloud.com/is-ppv2-enabled" ) // certificateData is a structure containing the data about a K8S secret required @@ -316,6 +335,7 @@ type LBSpec struct { securityListManager securityListManager ManagedNetworkSecurityGroup *ManagedNetworkSecurityGroup NetworkSecurityGroupIds []string + IpVersions *IpVersions FreeformTags map[string]string DefinedTags map[string]map[string]interface{} SystemTags map[string]map[string]interface{} @@ -325,11 +345,21 @@ type LBSpec struct { } // NewLBSpec creates a LB Spec from a Kubernetes service and a slice of nodes. -func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, subnets []string, sslConfig *SSLConfig, secListFactory securityListManagerFactory, initialLBTags *config.InitialTags, existingLB *client.GenericLoadBalancer) (*LBSpec, error) { +func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, provisionedNodes []*v1.Node, subnets []string, + sslConfig *SSLConfig, secListFactory securityListManagerFactory, versions *IpVersions, initialLBTags *config.InitialTags, + existingLB *client.GenericLoadBalancer) (*LBSpec, error) { if err := validateService(svc); err != nil { return nil, errors.Wrap(err, "invalid service") } + lbType := getLoadBalancerType(svc) + ipVersions := &IpVersions{ + IpFamilyPolicy: versions.IpFamilyPolicy, + IpFamilies: versions.IpFamilies, + LbEndpointIpVersion: versions.LbEndpointIpVersion, + ListenerBackendIpVersion: versions.ListenerBackendIpVersion, + } + internal, err := isInternalLB(svc) if err != nil { return nil, err @@ -345,7 +375,7 @@ func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, sub return nil, err } - listeners, err := getListeners(svc, sslConfig) + listeners, err := getListeners(svc, sslConfig, convertOciIpVersionsToOciIpFamilies(versions.ListenerBackendIpVersion)) if err != nil { return nil, err } @@ -355,12 +385,12 @@ func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, sub return nil, err } - backendSets, err := getBackendSets(logger, svc, nodes, sslConfig, isPreserveSource) + backendSets, err := getBackendSets(logger, svc, provisionedNodes, sslConfig, isPreserveSource, convertOciIpVersionsToOciIpFamilies(versions.ListenerBackendIpVersion)) if err != nil { return nil, err } - ports, err := getPorts(svc) + ports, err := getPorts(svc, convertOciIpVersionsToOciIpFamilies(versions.ListenerBackendIpVersion)) if err != nil { return nil, err } @@ -398,8 +428,6 @@ func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, sub managedNsg.backendNsgId = backendNsgOcids } - lbType := getLoadBalancerType(svc) - return &LBSpec{ Type: lbType, Name: GetLoadBalancerName(svc), @@ -418,11 +446,12 @@ func NewLBSpec(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, sub NetworkSecurityGroupIds: networkSecurityGroupIds, ManagedNetworkSecurityGroup: managedNsg, service: svc, - nodes: nodes, + nodes: provisionedNodes, securityListManager: secListFactory(ruleManagementMode), + IpVersions: ipVersions, FreeformTags: lbTags.FreeformTags, DefinedTags: lbTags.DefinedTags, - SystemTags: getResourceTrackingSysTagsFromConfig(logger, initialLBTags), + SystemTags: getResourceTrackingSystemTagsFromConfig(logger, initialLBTags), }, nil } @@ -629,11 +658,26 @@ func getLoadBalancerSourceRanges(service *v1.Service) ([]string, error) { return []string{}, err } + requireIPv6 := contains(getIpFamilies(service), IPv6) sourceCIDRs := make([]string, 0, len(sourceRanges)) for _, sourceRange := range sourceRanges { sourceCIDRs = append(sourceCIDRs, sourceRange.String()) } + if len(sourceCIDRs) > 1 || (len(sourceCIDRs) == 1 && sourceCIDRs[0] != defaultLoadBalancerSourceRangesIPv4) { + // User provided Loadbalancer source ranges, don't add any + return sourceCIDRs, nil + } + + if requireIPv6 { + if !isServiceDualStack(service) { + if len(sourceCIDRs) == 1 && sourceCIDRs[0] == defaultLoadBalancerSourceRangesIPv4 { + sourceCIDRs = removeAtPosition(sourceCIDRs, 0) + } + } + sourceCIDRs = append(sourceCIDRs, defaultLoadBalancerSourceRangesIPv6) + } + return sourceCIDRs, nil } @@ -641,29 +685,48 @@ func getBackendSetName(protocol string, port int) string { return fmt.Sprintf("%s-%d", protocol, port) } -func getPorts(svc *v1.Service) (map[string]portSpec, error) { +func getPorts(svc *v1.Service, listenerBackendIpVersion []string) (map[string]portSpec, error) { ports := make(map[string]portSpec) - for backendSetName, servicePort := range getBackendSetNamePortMap(svc) { healthChecker, err := getHealthChecker(svc) if err != nil { return nil, err } - ports[backendSetName] = portSpec{ - BackendPort: int(servicePort.NodePort), - ListenerPort: int(servicePort.Port), - HealthCheckerPort: *healthChecker.Port, + if strings.Contains(backendSetName, IPv6) && contains(listenerBackendIpVersion, IPv6) { + ports[backendSetName] = portSpec{ + BackendPort: int(servicePort.NodePort), + ListenerPort: int(servicePort.Port), + HealthCheckerPort: *healthChecker.Port, + } + } else if !strings.Contains(backendSetName, IPv6) && contains(listenerBackendIpVersion, IPv4) { + ports[backendSetName] = portSpec{ + BackendPort: int(servicePort.NodePort), + ListenerPort: int(servicePort.Port), + HealthCheckerPort: *healthChecker.Port, + } } } return ports, nil } -func getBackends(logger *zap.SugaredLogger, nodes []*v1.Node, nodePort int32) []client.GenericBackend { - backends := make([]client.GenericBackend, 0) - for _, node := range nodes { - nodeAddressString := common.String(NodeInternalIP(node)) - if *nodeAddressString == "" { - logger.Warnf("Node %q has an empty Internal IP address.", node.Name) +func getBackends(logger *zap.SugaredLogger, provisionedNodes []*v1.Node, nodePort int32) ([]client.GenericBackend, []client.GenericBackend) { + IPv4Backends := make([]client.GenericBackend, 0) + IPv6Backends := make([]client.GenericBackend, 0) + + // Prepare provisioned nodes backends + for _, node := range provisionedNodes { + nodeAddressString := NodeInternalIP(node) + nodeAddressStringV4 := common.String(nodeAddressString.V4) + nodeAddressStringV6 := common.String(nodeAddressString.V6) + + if *nodeAddressStringV6 == "" { + // Since Internal IP is optional for IPv6 populate external IP of node if present + externalNodeAddressString := NodeExternalIp(node) + nodeAddressStringV6 = common.String(externalNodeAddressString.V6) + } + + if *nodeAddressStringV4 == "" && *nodeAddressStringV6 == "" { + logger.Warnf("Node %q has an empty IP address'", node.Name) continue } instanceID, err := MapProviderIDToResourceID(node.Spec.ProviderID) @@ -672,17 +735,28 @@ func getBackends(logger *zap.SugaredLogger, nodes []*v1.Node, nodePort int32) [] continue } - backends = append(backends, client.GenericBackend{ - IpAddress: nodeAddressString, - Port: common.Int(int(nodePort)), - Weight: common.Int(1), - TargetId: &instanceID, - }) + genericBackend := client.GenericBackend{ + Port: common.Int(int(nodePort)), + Weight: common.Int(1), + } + + if net2.IsIPv6String(*nodeAddressStringV6) { + // IPv6 IP + genericBackend.IpAddress = nodeAddressStringV6 + genericBackend.TargetId = nil + IPv6Backends = append(IPv6Backends, genericBackend) + } + if net2.IsIPv4String(*nodeAddressStringV4) { + // IPv4 IP + genericBackend.IpAddress = nodeAddressStringV4 + genericBackend.TargetId = &instanceID + IPv4Backends = append(IPv4Backends, genericBackend) + } } - return backends + return IPv4Backends, IPv6Backends } -func getBackendSets(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node, sslCfg *SSLConfig, isPreserveSource bool) (map[string]client.GenericBackendSetDetails, error) { +func getBackendSets(logger *zap.SugaredLogger, svc *v1.Service, provisionedNodes []*v1.Node, sslCfg *SSLConfig, isPreserveSource bool, listenerBackendIpVersion []string) (map[string]client.GenericBackendSetDetails, error) { backendSets := make(map[string]client.GenericBackendSetDetails) loadbalancerPolicy, err := getLoadBalancerPolicy(svc) if err != nil { @@ -691,19 +765,37 @@ func getBackendSets(logger *zap.SugaredLogger, svc *v1.Service, nodes []*v1.Node for backendSetName, servicePort := range getBackendSetNamePortMap(svc) { var secretName string - if sslCfg != nil && len(sslCfg.BackendSetSSLSecretName) != 0 { + var sslConfiguration *client.GenericSslConfigurationDetails + if sslCfg != nil && len(sslCfg.BackendSetSSLSecretName) != 0 && getLoadBalancerType(svc) == LB { secretName = sslCfg.BackendSetSSLSecretName + backendSetSSLConfig, _ := svc.Annotations[ServiceAnnotationLoadbalancerBackendSetSSLConfig] + sslConfiguration, err = getSSLConfiguration(sslCfg, secretName, int(servicePort.Port), backendSetSSLConfig) + if err != nil { + return nil, err + } } healthChecker, err := getHealthChecker(svc) if err != nil { return nil, err } - backendSets[backendSetName] = client.GenericBackendSetDetails{ + backendsIPv4, backendsIPv6 := getBackends(logger, provisionedNodes, servicePort.NodePort) + + genericBackendSetDetails := client.GenericBackendSetDetails{ + Name: common.String(backendSetName), Policy: &loadbalancerPolicy, - Backends: getBackends(logger, nodes, servicePort.NodePort), HealthChecker: healthChecker, IsPreserveSource: &isPreserveSource, - SslConfiguration: getSSLConfiguration(sslCfg, secretName, int(servicePort.Port)), + SslConfiguration: sslConfiguration, + } + + if strings.Contains(backendSetName, IPv6) && contains(listenerBackendIpVersion, IPv6) { + genericBackendSetDetails.IpVersion = GenericIpVersion(client.GenericIPv6) + genericBackendSetDetails.Backends = backendsIPv6 + backendSets[backendSetName] = genericBackendSetDetails + } else if !strings.Contains(backendSetName, IPv6) && contains(listenerBackendIpVersion, IPv4) { + genericBackendSetDetails.IpVersion = GenericIpVersion(client.GenericIPv4) + genericBackendSetDetails.Backends = backendsIPv4 + backendSets[backendSetName] = genericBackendSetDetails } } return backendSets, nil @@ -854,15 +946,38 @@ func getHealthCheckTimeout(svc *v1.Service) (int, error) { return timeoutInMillis, nil } -func getSSLConfiguration(cfg *SSLConfig, name string, port int) *client.GenericSslConfigurationDetails { +func GetSSLConfiguration(cfg *SSLConfig, name string, port int, sslConfigAnnotation string) (*client.GenericSslConfigurationDetails, error) { + sslConfig, err := getSSLConfiguration(cfg, name, port, sslConfigAnnotation) + if err != nil { + return nil, err + } + return sslConfig, nil +} + +func getSSLConfiguration(cfg *SSLConfig, name string, port int, lbSslConfigurationAnnotation string) (*client.GenericSslConfigurationDetails, error) { if cfg == nil || !cfg.Ports.Has(port) || len(name) == 0 { - return nil + return nil, nil } - return &client.GenericSslConfigurationDetails{ + // TODO: fast-follow to pass the sslconfiguration object directly to loadbalancer + var extractCipherSuite *client.GenericSslConfigurationDetails + + if lbSslConfigurationAnnotation != "" { + err := json.Unmarshal([]byte(lbSslConfigurationAnnotation), &extractCipherSuite) + if err != nil { + return nil, errors.Wrap(err, "failed to parse SSL Configuration annotation") + } + } + genericSSLConfigurationDetails := &client.GenericSslConfigurationDetails{ CertificateName: &name, VerifyDepth: common.Int(0), VerifyPeerCertificate: common.Bool(false), } + if extractCipherSuite != nil { + genericSSLConfigurationDetails.CipherSuiteName = extractCipherSuite.CipherSuiteName + genericSSLConfigurationDetails.Protocols = extractCipherSuite.Protocols + } + + return genericSSLConfigurationDetails, nil } func getListenersOciLoadBalancer(svc *v1.Service, sslCfg *SSLConfig) (map[string]client.GenericListener, error) { @@ -912,11 +1027,18 @@ func getListenersOciLoadBalancer(svc *v1.Service, sslCfg *SSLConfig) (map[string } } port := int(servicePort.Port) + var secretName string + var err error + var sslConfiguration *client.GenericSslConfigurationDetails if sslCfg != nil && len(sslCfg.ListenerSSLSecretName) != 0 { secretName = sslCfg.ListenerSSLSecretName + listenerCipherSuiteAnnotation, _ := svc.Annotations[ServiceAnnotationLoadbalancerListenerSSLConfig] + sslConfiguration, err = getSSLConfiguration(sslCfg, secretName, port, listenerCipherSuiteAnnotation) + if err != nil { + return nil, err + } } - sslConfiguration := getSSLConfiguration(sslCfg, secretName, port) name := getListenerName(protocol, port) listener := client.GenericListener{ @@ -953,13 +1075,26 @@ func getListenersOciLoadBalancer(svc *v1.Service, sslCfg *SSLConfig) (map[string return listeners, nil } -func getListenersNetworkLoadBalancer(svc *v1.Service) (map[string]client.GenericListener, error) { +func getListenersNetworkLoadBalancer(svc *v1.Service, listenerBackendIpVersion []string) (map[string]client.GenericListener, error) { listeners := make(map[string]client.GenericListener) portsMap := make(map[int][]string) mixedProtocolsPortSet := make(map[int]bool) + var enablePpv2 *bool + + requireIPv4, requireIPv6 := getRequireIpVersions(listenerBackendIpVersion) + for _, servicePort := range svc.Spec.Ports { portsMap[int(servicePort.Port)] = append(portsMap[int(servicePort.Port)], string(servicePort.Protocol)) } + + if ppv2EnabledValue, ppv2AnnotationSet := svc.Annotations[ServiceAnnotationNetworkLoadBalancerIsPpv2Enabled]; ppv2AnnotationSet { + if strings.ToLower(ppv2EnabledValue) == "true" { + enablePpv2 = pointer.Bool(true) + } else if strings.ToLower(ppv2EnabledValue) == "false" { + enablePpv2 = pointer.Bool(false) + } + } + for _, servicePort := range svc.Spec.Ports { protocol := string(servicePort.Protocol) @@ -986,26 +1121,37 @@ func getListenersNetworkLoadBalancer(svc *v1.Service) (map[string]client.Generic backendSetName = getBackendSetName(string(servicePort.Protocol), int(servicePort.Port)) } - listener := client.GenericListener{ - Name: &listenerName, - DefaultBackendSetName: common.String(backendSetName), - Protocol: &protocol, - Port: &port, + genericListener := client.GenericListener{ + Protocol: &protocol, + Port: &port, + IsPpv2Enabled: enablePpv2, + } + if requireIPv4 { + genericListener.Name = common.String(listenerName) + genericListener.IpVersion = GenericIpVersion(client.GenericIPv4) + genericListener.DefaultBackendSetName = common.String(backendSetName) + listeners[listenerName] = genericListener + } + if requireIPv6 { + listenerNameIPv6 := fmt.Sprintf(listenerName + "-" + IPv6) + backendSetNameIPv6 := fmt.Sprintf(backendSetName + "-" + IPv6) + genericListener.Name = common.String(listenerNameIPv6) + genericListener.IpVersion = GenericIpVersion(client.GenericIPv6) + genericListener.DefaultBackendSetName = common.String(backendSetNameIPv6) + listeners[listenerNameIPv6] = genericListener } - - listeners[listenerName] = listener } return listeners, nil } -func getListeners(svc *v1.Service, sslCfg *SSLConfig) (map[string]client.GenericListener, error) { +func getListeners(svc *v1.Service, sslCfg *SSLConfig, listenerBackendIpVersion []string) (map[string]client.GenericListener, error) { lbType := getLoadBalancerType(svc) switch lbType { case NLB: { - return getListenersNetworkLoadBalancer(svc) + return getListenersNetworkLoadBalancer(svc, listenerBackendIpVersion) } default: { @@ -1316,22 +1462,40 @@ func getBackendSetNamePortMap(service *v1.Service) map[string]v1.ServicePort { portsMap[int(servicePort.Port)] = append(portsMap[int(servicePort.Port)], string(servicePort.Protocol)) } + ipFamilies := getIpFamilies(service) + requireIPv4, requireIPv6 := getRequireIpVersions(ipFamilies) + mixedProtocolsPortSet := make(map[int]bool) for _, servicePort := range service.Spec.Ports { port := int(servicePort.Port) backendSetName := "" - if len(portsMap[port]) > 1 { - if mixedProtocolsPortSet[port] { - continue + if requireIPv4 { + if len(portsMap[port]) > 1 { + if mixedProtocolsPortSet[port] { + continue + } + backendSetName = getBackendSetName(ProtocolTypeMixed, port) + mixedProtocolsPortSet[port] = true + } else { + backendSetName = getBackendSetName(string(servicePort.Protocol), int(servicePort.Port)) } - backendSetName = getBackendSetName(ProtocolTypeMixed, port) - mixedProtocolsPortSet[port] = true - } else { - backendSetName = getBackendSetName(string(servicePort.Protocol), int(servicePort.Port)) + backendSetPortMap[backendSetName] = servicePort + } + if requireIPv6 { + if len(portsMap[port]) > 1 { + if mixedProtocolsPortSet[port] { + continue + } + backendSetName = getBackendSetName(ProtocolTypeMixed, port) + mixedProtocolsPortSet[port] = true + } else { + backendSetName = getBackendSetName(string(servicePort.Protocol), int(servicePort.Port)) + } + backendSetNameIPv6 := fmt.Sprintf(backendSetName + "-" + IPv6) + backendSetPortMap[backendSetNameIPv6] = servicePort } - backendSetPortMap[backendSetName] = servicePort - } + } return backendSetPortMap } @@ -1354,21 +1518,41 @@ func updateSpecWithLbSubnets(spec *LBSpec, lbSubnetId []string) (*LBSpec, error) return spec, nil } -// getResourceTrackingSysTagsFromConfig reads resource tracking tags from config -// which are specified under common tags -func getResourceTrackingSysTagsFromConfig(logger *zap.SugaredLogger, initialTags *config.InitialTags) (resourceTrackingTags map[string]map[string]interface{}) { - resourceTrackingTags = make(map[string]map[string]interface{}) - // TODO: Fix the double negative - if !(util.IsCommonTagPresent(initialTags) && initialTags.Common.DefinedTags != nil) { - logger.Error("oke resource tracking system tags are not present in cloud-config.yaml") - return nil +// getIpFamilies gets ip families based on the field set in the spec +func getIpFamilies(svc *v1.Service) []string { + ipFamilies := []string{} + for _, ipFamily := range svc.Spec.IPFamilies { + ipFamilies = append(ipFamilies, string(ipFamily)) + } + return ipFamilies +} + +// getIpFamilyPolicy from the service spec +func getIpFamilyPolicy(svc *v1.Service) string { + if svc.Spec.IPFamilyPolicy == nil { + return string(v1.IPFamilyPolicySingleStack) } + return string(*svc.Spec.IPFamilyPolicy) +} - if tag, exists := initialTags.Common.DefinedTags[OkeSystemTagNamesapce]; exists { - resourceTrackingTags[OkeSystemTagNamesapce] = tag - return +// getRequireIpVersions gets the required IP version for the service +func getRequireIpVersions(listenerBackendSetIpVersion []string) (requireIPv4, requireIPv6 bool) { + if contains(listenerBackendSetIpVersion, IPv6) { + requireIPv6 = true + } + if contains(listenerBackendSetIpVersion, IPv4) { + requireIPv4 = true } + return +} - logger.Error("tag config doesn't consist resource tracking tags") - return nil +// isServiceDualStack checks if a Service is dual-stack or not. +func isServiceDualStack(svc *v1.Service) bool { + if svc.Spec.IPFamilyPolicy == nil { + return false + } + if *svc.Spec.IPFamilyPolicy == v1.IPFamilyPolicyRequireDualStack || *svc.Spec.IPFamilyPolicy == v1.IPFamilyPolicyPreferDualStack { + return true + } + return false } diff --git a/pkg/cloudprovider/providers/oci/load_balancer_spec_test.go b/pkg/cloudprovider/providers/oci/load_balancer_spec_test.go index fcd01316f6..e3b623a3f1 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_spec_test.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_spec_test.go @@ -16,7 +16,9 @@ package oci import ( "context" + "encoding/json" "fmt" + "k8s.io/utils/pointer" "net/http" "reflect" "testing" @@ -35,7 +37,7 @@ import ( var ( backendSecret = "backendsecret" listenerSecret = "listenersecret" - testNodeString = "testNodeTargetID" + testNodeString = "ocid1.testNodeTargetID" ) var ( @@ -70,14 +72,49 @@ func TestNewLBSpecSuccess(t *testing.T) { defaultSubnetOne string defaultSubnetTwo string nodes []*v1.Node + virtualPods []*v1.Pod service *v1.Service expected *LBSpec sslConfig *SSLConfig clusterTags *providercfg.InitialTags + IpVersions *IpVersions }{ "defaults": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -86,6 +123,7 @@ func TestNewLBSpecSuccess(t *testing.T) { Annotations: map[string]string{}, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -111,7 +149,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -124,6 +163,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -137,10 +177,76 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "defaults-nlb-cluster-policy": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -151,6 +257,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -171,11 +278,13 @@ func TestNewLBSpecSuccess(t *testing.T) { DefaultBackendSetName: common.String("TCP-80"), Port: common.Int(80), Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -188,6 +297,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("FIVE_TUPLE"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -201,10 +311,76 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "defaults-nlb-local-policy": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -215,6 +391,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -236,11 +413,13 @@ func TestNewLBSpecSuccess(t *testing.T) { DefaultBackendSetName: common.String("TCP-80"), Port: common.Int(80), Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -253,6 +432,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(true), Policy: common.String("FIVE_TUPLE"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(true), @@ -266,11 +446,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "internal with default subnet": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -281,6 +527,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -306,7 +553,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -319,6 +567,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -332,11 +581,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "internal with overridden regional subnet1": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -348,6 +663,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -373,7 +689,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -386,6 +703,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -399,11 +717,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "internal with overridden regional subnet2": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -415,6 +799,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -440,7 +825,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -453,6 +839,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -466,9 +853,75 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "internal with no default subnets provide subnet1 via annotation": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -480,6 +933,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -505,7 +959,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -531,11 +987,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "use default subnet in case of no subnet overrides via annotation": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -544,6 +1066,7 @@ func TestNewLBSpecSuccess(t *testing.T) { Annotations: map[string]string{}, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ v1.ServicePort{ @@ -569,7 +1092,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -582,6 +1106,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -595,26 +1120,93 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - }, - }, - "no default subnets provide subnet1 via annotation as regional-subnet": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "regional-subnet", - }, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - v1.ServicePort{ - Protocol: v1.ProtocolTCP, - Port: int32(80), - }, - }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + }, + }, + "no default subnets provide subnet1 via annotation as regional-subnet": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerSubnet1: "regional-subnet", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + v1.ServicePort{ + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, + }, }, }, expected: &LBSpec{ @@ -633,7 +1225,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -646,6 +1239,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -659,9 +1253,75 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "no default subnets provide subnet2 via annotation": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -672,6 +1332,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -697,7 +1358,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -710,6 +1372,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -723,11 +1386,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "override default subnet via subnet1 annotation as regional subnet": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -738,6 +1467,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ v1.ServicePort{ @@ -763,7 +1493,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -776,6 +1507,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -789,11 +1521,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "override default subnet via subnet2 annotation as regional subnet": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -804,6 +1602,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ v1.ServicePort{ @@ -829,7 +1628,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -842,6 +1642,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -855,11 +1656,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "override default subnet via subnet1 and subnet2 annotation": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -871,6 +1738,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ v1.ServicePort{ @@ -896,7 +1764,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": client.GenericBackendSetDetails{ - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -909,6 +1778,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -922,12 +1792,78 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, //"security list manager annotation": "custom shape": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -938,6 +1874,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -963,7 +1900,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -989,11 +1928,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "custom idle connection timeout": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1004,6 +2009,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1032,7 +2038,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1058,12 +2066,78 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - }, - }, - "custom proxy protocol version w/o timeout for multiple listeners": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + }, + }, + "custom proxy protocol version w/o timeout for multiple listeners": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -1073,6 +2147,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1116,7 +2191,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1131,7 +2208,9 @@ func TestNewLBSpecSuccess(t *testing.T) { Policy: common.String("ROUND_ROBIN"), }, "HTTP-443": { - Backends: []client.GenericBackend{}, + Name: common.String("HTTP-443"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1161,11 +2240,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "custom proxy protocol version and timeout": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1177,6 +2322,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1206,7 +2352,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1232,11 +2380,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "protocol annotation set to http": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1249,6 +2463,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1274,7 +2489,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1300,11 +2517,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "protocol annotation set to tcp": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1317,6 +2600,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1342,7 +2626,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1368,11 +2654,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "protocol annotation empty": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1385,6 +2737,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1410,7 +2763,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1436,11 +2791,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "LBSpec returned with proper SSLConfiguration": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1449,6 +2870,7 @@ func TestNewLBSpecSuccess(t *testing.T) { Annotations: map[string]string{}, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1479,7 +2901,8 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-443": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-443"), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1497,6 +2920,7 @@ func TestNewLBSpecSuccess(t *testing.T) { VerifyDepth: common.Int(0), VerifyPeerCertificate: common.Bool(false), }, + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), @@ -1508,13 +2932,46 @@ func TestNewLBSpecSuccess(t *testing.T) { HealthCheckerPort: 10256, }, }, - securityListManager: newSecurityListManagerNOOP(), - ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + securityListManager: newSecurityListManagerNOOP(), SSLConfig: &SSLConfig{ Ports: sets.NewInt(443), ListenerSSLSecretName: listenerSecret, BackendSetSSLSecretName: backendSecret, }, + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, sslConfig: &SSLConfig{ Ports: sets.NewInt(443), @@ -1525,6 +2982,39 @@ func TestNewLBSpecSuccess(t *testing.T) { "custom health check config": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1537,6 +3027,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1562,7 +3053,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1588,23 +3081,90 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - }, - }, - "flex shape": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "Flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "10", - ServiceAnnotationLoadBalancerShapeFlexMax: "80", - }, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - Spec: v1.ServiceSpec{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + }, + }, + "flex shape": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "Flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "10", + ServiceAnnotationLoadBalancerShapeFlexMax: "80", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1632,7 +3192,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1658,11 +3220,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "valid loadbalancer policy": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1674,6 +3302,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1699,7 +3328,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1725,11 +3356,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "default loadbalancer policy": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1740,6 +3437,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1765,7 +3463,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1791,11 +3491,77 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "load balancer with reserved ip": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1806,6 +3572,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, LoadBalancerIP: "10.0.0.0", SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ @@ -1832,7 +3599,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1857,13 +3626,79 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, securityListManager: newSecurityListManagerNOOP(), - ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, LoadBalancerIP: "10.0.0.0", + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, }, "defaults with tags": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1875,6 +3710,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1907,7 +3743,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -1933,13 +3771,79 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, }, "merge default tags with common tags": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -1951,6 +3855,7 @@ func TestNewLBSpecSuccess(t *testing.T) { }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -1984,7 +3889,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2010,13 +3917,79 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}, "namespace2": {"cost": "staging"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}, "namespace2": {"cost": "staging"}}, }, }, "merge intial lb tags with common tags": { defaultSubnetOne: "one", defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -2024,6 +3997,7 @@ func TestNewLBSpecSuccess(t *testing.T) { UID: "test-uid", }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2059,7 +4033,9 @@ func TestNewLBSpecSuccess(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2085,69 +4061,90 @@ func TestNewLBSpecSuccess(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"cluster": "testname", "project": "pre-prod", "access": "developers"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}, "cost": {"unit": "shared", "env": "pre-prod"}}, - }, - }, - } - - cp := &CloudProvider{ - client: MockOCIClient{}, - config: &providercfg.Config{CompartmentID: "testCompartment"}, - } - - for name, tc := range testCases { - logger := zap.L() - t.Run(name, func(t *testing.T) { - // we expect the service to be unchanged - tc.expected.service = tc.service - cp.config = &providercfg.Config{ - LoadBalancer: &providercfg.LoadBalancerConfig{ - Subnet1: tc.defaultSubnetOne, - Subnet2: tc.defaultSubnetTwo, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - } - subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if err != nil { - t.Error(err) - } - slManagerFactory := func(mode string) securityListManager { - return newSecurityListManagerNOOP() - } - result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, tc.sslConfig, slManagerFactory, tc.clusterTags, nil) - if err != nil { - t.Error(err) - } - - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected load balancer spec\n%+v\nbut got\n%+v", tc.expected, result) - } - }) - } -} - -func TestNewLBSpecForTags(t *testing.T) { - enableOkeSystemTags = true - tests := map[string]struct { - defaultSubnetOne string - defaultSubnetTwo string - nodes []*v1.Node - virtualPods []*v1.Pod - service *v1.Service - sslConfig *SSLConfig - expected *LBSpec - clusterTags *providercfg.InitialTags - featureEnabled bool - }{ - "no resource & cluster level tags but common tags from config": { + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"cluster": "testname", "project": "pre-prod", "access": "developers"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}, "cost": {"unit": "shared", "env": "pre-prod"}}, + }, + }, + "SingleStack IPv6 - NLB": { defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv6}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2157,31 +4154,25 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, }, - clusterTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, - }, - Common: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}}, - }, - }, expected: &LBSpec{ - Name: "test-uid", - Type: "lb", - Shape: "100Mbps", + Name: "kube-system/testservice/test-uid", + Type: "nlb", + Shape: "flexible", Internal: false, Subnets: []string{"one"}, Listeners: map[string]client.GenericListener{ - "TCP-80": { - Name: common.String("TCP-80"), - DefaultBackendSetName: common.String("TCP-80"), + "TCP-80-IPv6": { + Name: common.String("TCP-80-IPv6"), + DefaultBackendSetName: common.String("TCP-80-IPv6"), Port: common.Int(80), Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv6), }, }, BackendSets: map[string]client.GenericBackendSetDetails{ - "TCP-80": { - Backends: []client.GenericBackend{}, + "TCP-80-IPv6": { + Name: common.String("TCP-80-IPv6"), + Backends: []client.GenericBackend{{IpAddress: common.String("2001:0db8:85a3:0000:0000:8a2e:0370:7334"), Port: common.Int(0), Weight: common.Int(1)}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2193,34 +4184,104 @@ func TestNewLBSpecForTags(t *testing.T) { ReturnCode: common.Int(http.StatusOK), }, IsPreserveSource: common.Bool(false), - Policy: common.String("ROUND_ROBIN"), + Policy: common.String("FIVE_TUPLE"), + IpVersion: GenericIpVersion(client.GenericIPv6), }, }, IsPreserveSource: common.Bool(false), NetworkSecurityGroupIds: []string{}, - SourceCIDRs: []string{"0.0.0.0/0"}, + SourceCIDRs: []string{"::/0"}, Ports: map[string]portSpec{ - "TCP-80": { + "TCP-80-IPv6": { ListenerPort: 80, HealthCheckerPort: 10256, }, }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv6}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, - featureEnabled: true, }, - "no resource or cluster level tags and no common tags": { + "Prefer DualStack IPv4 and IPv6 LB": { defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "10.0.0.1", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "lb", + }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2230,13 +4291,12 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, }, - clusterTags: &providercfg.InitialTags{}, expected: &LBSpec{ Name: "test-uid", Type: "lb", Shape: "100Mbps", Internal: false, - Subnets: []string{"one"}, + Subnets: []string{"one", "two"}, Listeners: map[string]client.GenericListener{ "TCP-80": { Name: common.String("TCP-80"), @@ -2247,7 +4307,8 @@ func TestNewLBSpecForTags(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("10.0.0.1"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2260,11 +4321,12 @@ func TestNewLBSpecForTags(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("ROUND_ROBIN"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, IsPreserveSource: common.Bool(false), NetworkSecurityGroupIds: []string{}, - SourceCIDRs: []string{"0.0.0.0/0"}, + SourceCIDRs: []string{"0.0.0.0/0", "::/0"}, Ports: map[string]portSpec{ "TCP-80": { ListenerPort: 80, @@ -2273,23 +4335,93 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "10.0.0.1", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, - featureEnabled: true, }, - "resource level tags with common tags from config": { + "PreferDualStack IPv4 and IPv6 NLB": { defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + { + Type: v1.NodeInternalIP, + Address: "10.0.0.1", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + ServiceAnnotationLoadBalancerType: "nlb", }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2299,12 +4431,6 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, }, - clusterTags: &providercfg.InitialTags{ - Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace2": {"owner2": "team2", "key2": "value2"}}, - }, - }, expected: &LBSpec{ Name: "kube-system/testservice/test-uid", Type: "nlb", @@ -2317,11 +4443,37 @@ func TestNewLBSpecForTags(t *testing.T) { DefaultBackendSetName: common.String("TCP-80"), Port: common.Int(80), Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv4), + }, + "TCP-80-IPv6": { + Name: common.String("TCP-80-IPv6"), + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Port: common.Int(80), + Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv6), }, }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + Backends: []client.GenericBackend{{IpAddress: common.String("10.0.0.1"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + IsPreserveSource: common.Bool(false), + Policy: common.String("FIVE_TUPLE"), + IpVersion: GenericIpVersion(client.GenericIPv4), + }, + "TCP-80-IPv6": { + Name: common.String("TCP-80-IPv6"), + Backends: []client.GenericBackend{{IpAddress: common.String("2001:0db8:85a3:0000:0000:8a2e:0370:7334"), Port: common.Int(0), Weight: common.Int(1)}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2334,101 +4486,152 @@ func TestNewLBSpecForTags(t *testing.T) { }, IsPreserveSource: common.Bool(false), Policy: common.String("FIVE_TUPLE"), + IpVersion: GenericIpVersion(client.GenericIPv6), }, }, IsPreserveSource: common.Bool(false), NetworkSecurityGroupIds: []string{}, - SourceCIDRs: []string{"0.0.0.0/0"}, + SourceCIDRs: []string{"0.0.0.0/0", "::/0"}, Ports: map[string]portSpec{ "TCP-80": { ListenerPort: 80, HealthCheckerPort: 10256, }, + "TCP-80-IPv6": { + ListenerPort: 80, + HealthCheckerPort: 10256, + }, }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag", "name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}, "namespace2": {"owner2": "team2", "key2": "value2"}}, - }, - featureEnabled: true, - }, - "resource level defined tags and common defined tags from config with same key": { - defaultSubnetOne: "one", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, - }, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolTCP, - Port: int32(80), + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + { + Type: v1.NodeInternalIP, + Address: "10.0.0.1", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, }, }, - clusterTags: &providercfg.InitialTags{ - Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, - }, - }, - expected: &LBSpec{ - Name: "test-uid", - Type: "lb", - Shape: "100Mbps", - Internal: false, - Subnets: []string{"one"}, - Listeners: map[string]client.GenericListener{ - "TCP-80": { - Name: common.String("TCP-80"), - DefaultBackendSetName: common.String("TCP-80"), - Port: common.Int(80), - Protocol: common.String("TCP"), - }, + }, + } + + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + } + + for name, tc := range testCases { + logger := zap.L() + t.Run(name, func(t *testing.T) { + // we expect the service to be unchanged + tc.expected.service = tc.service + cp.config = &providercfg.Config{ + LoadBalancer: &providercfg.LoadBalancerConfig{ + Subnet1: tc.defaultSubnetOne, + Subnet2: tc.defaultSubnetTwo, }, - BackendSets: map[string]client.GenericBackendSetDetails{ - "TCP-80": { - Backends: []client.GenericBackend{}, - HealthChecker: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(false), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(3), - TimeoutInMillis: common.Int(3000), - IntervalInMillis: common.Int(10000), - ReturnCode: common.Int(http.StatusOK), + } + subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) + if err != nil { + t.Error(err) + } + slManagerFactory := func(mode string) securityListManager { + return newSecurityListManagerNOOP() + } + + result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, tc.sslConfig, slManagerFactory, tc.IpVersions, tc.clusterTags, nil) + if err != nil { + t.Error(err) + } + + if !reflect.DeepEqual(result, tc.expected) { + results, _ := json.Marshal(result) + expected, _ := json.Marshal(tc.expected) + t.Errorf("Expected load balancer spec failed want: %s \n got: %s \n", expected, results) + } + }) + } +} + +func TestNewLBSpecForTags(t *testing.T) { + enableOkeSystemTags = true + tests := map[string]struct { + defaultSubnetOne string + defaultSubnetTwo string + nodes []*v1.Node + virtualPods []*v1.Pod + service *v1.Service + sslConfig *SSLConfig + expected *LBSpec + clusterTags *providercfg.InitialTags + featureEnabled bool + IpVersions *IpVersions + }{ + "no resource & cluster level tags but common tags from config": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, }, - IsPreserveSource: common.Bool(false), - Policy: common.String("ROUND_ROBIN"), - }, - }, - IsPreserveSource: common.Bool(false), - NetworkSecurityGroupIds: []string{}, - SourceCIDRs: []string{"0.0.0.0/0"}, - Ports: map[string]portSpec{ - "TCP-80": { - ListenerPort: 80, - HealthCheckerPort: 10256, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, - securityListManager: newSecurityListManagerNOOP(), - ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag", "name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, }, - featureEnabled: true, - }, - "cluster level tags and common tags": { - defaultSubnetOne: "one", service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -2436,6 +4639,7 @@ func TestNewLBSpecForTags(t *testing.T) { UID: "test-uid", }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2447,12 +4651,10 @@ func TestNewLBSpecForTags(t *testing.T) { }, clusterTags: &providercfg.InitialTags{ LoadBalancer: &providercfg.TagConfig{ - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, }, Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace2": {"owner2": "team2", "key2": "value2"}}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}}, }, }, expected: &LBSpec{ @@ -2471,7 +4673,9 @@ func TestNewLBSpecForTags(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2497,13 +4701,79 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer", "name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}, "namespace2": {"owner2": "team2", "key2": "value2"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "CommonCluster", "owner": "CommonClusterOwner"}}, }, featureEnabled: true, }, - "cluster level defined tags and common defined tags with same key": { + "no resource or cluster level tags and no common tags": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", @@ -2511,6 +4781,7 @@ func TestNewLBSpecForTags(t *testing.T) { UID: "test-uid", }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2520,16 +4791,7 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, }, - clusterTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, - }, - Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, - }, - }, + clusterTags: &providercfg.InitialTags{}, expected: &LBSpec{ Name: "test-uid", Type: "lb", @@ -2546,7 +4808,9 @@ func TestNewLBSpecForTags(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2572,20 +4836,90 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer", "name": "development_cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, }, featureEnabled: true, }, - "cluster level tags with no common tags": { + "resource level tags with common tags from config": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2596,15 +4930,15 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, clusterTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace2": {"owner2": "team2", "key2": "value2"}}, }, }, expected: &LBSpec{ - Name: "test-uid", - Type: "lb", - Shape: "100Mbps", + Name: "kube-system/testservice/test-uid", + Type: "nlb", + Shape: "flexible", Internal: false, Subnets: []string{"one"}, Listeners: map[string]client.GenericListener{ @@ -2613,11 +4947,14 @@ func TestNewLBSpecForTags(t *testing.T) { DefaultBackendSetName: common.String("TCP-80"), Port: common.Int(80), Protocol: common.String("TCP"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2629,7 +4966,7 @@ func TestNewLBSpecForTags(t *testing.T) { ReturnCode: common.Int(http.StatusOK), }, IsPreserveSource: common.Bool(false), - Policy: common.String("ROUND_ROBIN"), + Policy: common.String("FIVE_TUPLE"), }, }, IsPreserveSource: common.Bool(false), @@ -2643,20 +4980,91 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag", "name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}, "namespace2": {"owner2": "team2", "key2": "value2"}}, }, featureEnabled: true, }, - "no cluster or level tags but common tags from config": { + "resource level defined tags and common defined tags from config with same key": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2668,8 +5076,8 @@ func TestNewLBSpecForTags(t *testing.T) { }, clusterTags: &providercfg.InitialTags{ Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + FreeformTags: map[string]string{"name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, }, }, expected: &LBSpec{ @@ -2688,7 +5096,9 @@ func TestNewLBSpecForTags(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2714,20 +5124,87 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, - }, - featureEnabled: true, - }, - "when the feature is disabled": { - defaultSubnetOne: "one", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag", "name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, + }, + featureEnabled: true, + }, + "cluster level tags and common tags": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", Name: "testservice", UID: "test-uid", }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2738,10 +5215,14 @@ func TestNewLBSpecForTags(t *testing.T) { }, }, clusterTags: &providercfg.InitialTags{ - Common: &providercfg.TagConfig{ + LoadBalancer: &providercfg.TagConfig{ FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace2": {"owner2": "team2", "key2": "value2"}}, + }, }, expected: &LBSpec{ Name: "test-uid", @@ -2759,7 +5240,9 @@ func TestNewLBSpecForTags(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2785,68 +5268,87 @@ func TestNewLBSpecForTags(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer", "name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}, "namespace2": {"owner2": "team2", "key2": "value2"}}, }, - featureEnabled: false, + featureEnabled: true, }, - } - cp := &CloudProvider{ - client: MockOCIClient{}, - config: &providercfg.Config{CompartmentID: "testCompartment"}, - } - - for name, tc := range tests { - logger := zap.L() - enableOkeSystemTags = tc.featureEnabled - t.Run(name, func(t *testing.T) { - // we expect the service to be unchanged - tc.expected.service = tc.service - cp.config = &providercfg.Config{ - LoadBalancer: &providercfg.LoadBalancerConfig{ - Subnet1: tc.defaultSubnetOne, - Subnet2: tc.defaultSubnetTwo, - }, - } - subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if err != nil { - t.Error(err) - } - slManagerFactory := func(mode string) securityListManager { - return newSecurityListManagerNOOP() - } - - result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, tc.sslConfig, slManagerFactory, tc.clusterTags, nil) - if err != nil { - t.Error(err) - } - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected load balancer spec\n%+v\nbut got\n%+v", tc.expected, result) - } - }) - } -} - -func TestNewLBSpecSingleAD(t *testing.T) { - testCases := map[string]struct { - defaultSubnetOne string - defaultSubnetTwo string - nodes []*v1.Node - service *v1.Service - expected *LBSpec - clusterTags *providercfg.InitialTags - }{ - "single subnet for single AD": { + "cluster level defined tags and common defined tags with same key": { defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerBEProtocol: "", - ServiceAnnotationLoadBalancerSubnet1: "annotation-one", - }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { @@ -2856,12 +5358,22 @@ func TestNewLBSpecSingleAD(t *testing.T) { }, }, }, + clusterTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, + }, + }, expected: &LBSpec{ Name: "test-uid", Type: "lb", Shape: "100Mbps", Internal: false, - Subnets: []string{"annotation-one"}, + Subnets: []string{"one"}, Listeners: map[string]client.GenericListener{ "TCP-80": { Name: common.String("TCP-80"), @@ -2872,7 +5384,9 @@ func TestNewLBSpecSingleAD(t *testing.T) { }, BackendSets: map[string]client.GenericBackendSetDetails{ "TCP-80": { - Backends: []client.GenericBackend{}, + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, HealthChecker: &client.GenericHealthChecker{ Protocol: "HTTP", IsForcePlainText: common.Bool(false), @@ -2898,401 +5412,474 @@ func TestNewLBSpecSingleAD(t *testing.T) { }, securityListManager: newSecurityListManagerNOOP(), ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, - }, - }, - } - - cp := &CloudProvider{ - client: MockOCIClient{}, - config: &providercfg.Config{CompartmentID: "testCompartment"}, - } - - for name, tc := range testCases { - logger := zap.L() - t.Run(name, func(t *testing.T) { - // we expect the service to be unchanged - tc.expected.service = tc.service - cp.config = &providercfg.Config{ - LoadBalancer: &providercfg.LoadBalancerConfig{ - Subnet1: tc.defaultSubnetOne, - Subnet2: tc.defaultSubnetTwo, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - } - subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if err != nil { - t.Error(err) - } - slManagerFactory := func(mode string) securityListManager { - return newSecurityListManagerNOOP() - } - result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, nil, slManagerFactory, tc.clusterTags, nil) - if err != nil { - t.Error(err) - } - - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected load balancer spec\n%+v\nbut got\n%+v", tc.expected, result) - } - }) - } -} - -func TestNewLBSpecFailure(t *testing.T) { - testCases := map[string]struct { - defaultSubnetOne string - defaultSubnetTwo string - nodes []*v1.Node - service *v1.Service - //add cp or cp security list - expectedErrMsg string - clusterTags *providercfg.InitialTags - }{ - "unsupported udp protocol": { - defaultSubnetOne: "one", - service: &v1.Service{ - Spec: v1.ServiceSpec{ - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolUDP}, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, }, }, + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer", "name": "development_cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner2": "team2", "key2": "value2"}}, }, - expectedErrMsg: "invalid service: OCI load balancers do not support UDP", + featureEnabled: true, }, - "unsupported session affinity": { + "cluster level tags with no common tags": { defaultSubnetOne: "one", - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityClientIP, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, }, - expectedErrMsg: "invalid service: OCI only supports SessionAffinity \"None\" currently", - }, - "invalid idle connection timeout": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerConnectionIdleTimeout: "whoops", - }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, }, }, }, - expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-connection-idle-timeout=whoops", - }, - "invalid connection proxy protocol version": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerConnectionProxyProtocolVersion: "bla", + clusterTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + }, + expected: &LBSpec{ + Name: "test-uid", + Type: "lb", + Shape: "100Mbps", + Internal: false, + Subnets: []string{"one"}, + Listeners: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + BackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-80": { + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + IsPreserveSource: common.Bool(false), + Policy: common.String("ROUND_ROBIN"), }, }, - }, - expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-connection-proxy-protocol-version=bla", - }, - "internal lb missing subnet1": { - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "true", + IsPreserveSource: common.Bool(false), + NetworkSecurityGroupIds: []string{}, + SourceCIDRs: []string{"0.0.0.0/0"}, + Ports: map[string]portSpec{ + "TCP-80": { + ListenerPort: 80, + HealthCheckerPort: 10256, }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{}, - //add security list mananger in spec + securityListManager: newSecurityListManagerNOOP(), + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "internal lb with empty subnet1 annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "true", + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{}, - //add security list mananger in spec - }, + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", + featureEnabled: true, }, - "non boolean internal lb": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "yes", + "no cluster or level tags but common tags from config": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{}, - }, }, - expectedErrMsg: fmt.Sprintf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationLoadBalancerInternal), - }, - "invalid flex shape missing min": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMax: "80", - }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, }, }, }, - expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-shape=flexible requires service.beta.kubernetes.io/oci-load-balancer-shape-flex-min and service.beta.kubernetes.io/oci-load-balancer-shape-flex-max to be set", - }, - "invalid flex shape missing max": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "10", + clusterTags: &providercfg.InitialTags{ + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + }, + expected: &LBSpec{ + Name: "test-uid", + Type: "lb", + Shape: "100Mbps", + Internal: false, + Subnets: []string{"one"}, + Listeners: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + BackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-80": { + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + IsPreserveSource: common.Bool(false), + Policy: common.String("ROUND_ROBIN"), + }, + }, + IsPreserveSource: common.Bool(false), + NetworkSecurityGroupIds: []string{}, + SourceCIDRs: []string{"0.0.0.0/0"}, + Ports: map[string]portSpec{ + "TCP-80": { + ListenerPort: 80, + HealthCheckerPort: 10256, + }, + }, + securityListManager: newSecurityListManagerNOOP(), + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, }, }, + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, - expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-shape=flexible requires service.beta.kubernetes.io/oci-load-balancer-shape-flex-min and service.beta.kubernetes.io/oci-load-balancer-shape-flex-max to be set", + featureEnabled: true, }, - "invalid loadbalancer policy": { + "when the feature is disabled": { defaultSubnetOne: "one", - defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShapeFlexMin: "10Mbps", - ServiceAnnotationLoadBalancerPolicy: "not-valid-loadbalancer-policy", - }, }, Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, }, }, }, - expectedErrMsg: `loadbalancer policy "not-valid-loadbalancer-policy" is not valid`, - }, - "invalid loadBalancerIP format": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - Spec: v1.ServiceSpec{ - LoadBalancerIP: "non-ip-format", - SessionAffinity: v1.ServiceAffinityNone, + clusterTags: &providercfg.InitialTags{ + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"lbname": "development_cluster_loadbalancer"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, }, - expectedErrMsg: "invalid value \"non-ip-format\" provided for LoadBalancerIP", - }, - "unsupported loadBalancerIP for internal load balancer": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "true", - }, - }, - Spec: v1.ServiceSpec{ - LoadBalancerIP: "10.0.0.0", - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{}, - }, - }, - expectedErrMsg: `invalid service: cannot create a private load balancer with Reserved IP`, - }, - "invalid defined tags": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "whoops", - }, - }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, - }, - }, - }, - expectedErrMsg: "failed to parse defined tags annotation: invalid character 'w' looking for beginning of value", - }, - "empty subnets": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{}, - }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, - }, - }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "empty strings for subnets": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{}, - }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, - }, - }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "empty string for subnet1 annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "annotation-two", - }, - }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + expected: &LBSpec{ + Name: "test-uid", + Type: "lb", + Shape: "100Mbps", + Internal: false, + Subnets: []string{"one"}, + Listeners: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), }, }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "default string for cloud config subnet2": { - defaultSubnetOne: "", - defaultSubnetTwo: "random", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "", + BackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-80": { + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + IsPreserveSource: common.Bool(false), + Policy: common.String("ROUND_ROBIN"), }, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + IsPreserveSource: common.Bool(false), + NetworkSecurityGroupIds: []string{}, + SourceCIDRs: []string{"0.0.0.0/0"}, + Ports: map[string]portSpec{ + "TCP-80": { + ListenerPort: 80, + HealthCheckerPort: 10256, }, }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "regional string for subnet2 annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "", - }, + securityListManager: newSecurityListManagerNOOP(), + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - {Protocol: v1.ProtocolTCP}, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, }, }, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", + featureEnabled: false, }, } - cp := &CloudProvider{ client: MockOCIClient{}, config: &providercfg.Config{CompartmentID: "testCompartment"}, } - for name, tc := range testCases { + for name, tc := range tests { logger := zap.L() + enableOkeSystemTags = tc.featureEnabled t.Run(name, func(t *testing.T) { + // we expect the service to be unchanged + tc.expected.service = tc.service cp.config = &providercfg.Config{ LoadBalancer: &providercfg.LoadBalancerConfig{ Subnet1: tc.defaultSubnetOne, @@ -3300,1360 +5887,2630 @@ func TestNewLBSpecFailure(t *testing.T) { }, } subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if err == nil { - slManagerFactory := func(mode string) securityListManager { - return newSecurityListManagerNOOP() - } - _, err = NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, nil, slManagerFactory, tc.clusterTags, nil) + if err != nil { + t.Error(err) } - if err == nil || err.Error() != tc.expectedErrMsg { - t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) + slManagerFactory := func(mode string) securityListManager { + return newSecurityListManagerNOOP() + } + result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, tc.sslConfig, slManagerFactory, tc.IpVersions, tc.clusterTags, nil) + if err != nil { + t.Error(err) + } + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected load balancer spec\n%+v\nbut got\n%+v", tc.expected, result) } }) } } -func TestNewSSLConfig(t *testing.T) { +func TestNewLBSpecSingleAD(t *testing.T) { testCases := map[string]struct { - secretListenerString string - secretBackendSetString string - service *v1.Service - ports []int - ssr sslSecretReader - - expectedResult *SSLConfig + defaultSubnetOne string + defaultSubnetTwo string + nodes []*v1.Node + virtualPods []*v1.Pod + service *v1.Service + expected *LBSpec + clusterTags *providercfg.InitialTags + IpVersions *IpVersions }{ - "noopSSLSecretReader if ssr is nil and uses the default service namespace": { - secretListenerString: "listenerSecretName", - secretBackendSetString: "backendSetSecretName", + "single subnet for single AD": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Namespace: "default", + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerBEProtocol: "", + ServiceAnnotationLoadBalancerSubnet1: "annotation-one", + }, }, - }, - ports: []int{8080}, - ssr: nil, - - expectedResult: &SSLConfig{ - Ports: sets.NewInt(8080), - ListenerSSLSecretName: "listenerSecretName", - ListenerSSLSecretNamespace: "default", - BackendSetSSLSecretName: "backendSetSecretName", - BackendSetSSLSecretNamespace: "default", - sslSecretReader: noopSSLSecretReader{}, - }, - }, - "ssr is assigned if provided and uses the default service namespace": { - secretListenerString: "listenerSecretName", - secretBackendSetString: "backendSetSecretName", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "default", + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, + }, }, }, - ports: []int{8080}, - ssr: &mockSSLSecretReader{}, - - expectedResult: &SSLConfig{ - Ports: sets.NewInt(8080), - ListenerSSLSecretName: "listenerSecretName", - ListenerSSLSecretNamespace: "default", - BackendSetSSLSecretName: "backendSetSecretName", - BackendSetSSLSecretNamespace: "default", - sslSecretReader: &mockSSLSecretReader{}, - }, - }, - "If namespace is specified in secret string, use it": { - secretListenerString: "namespaceone/listenerSecretName", - secretBackendSetString: "namespacetwo/backendSetSecretName", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "default", + expected: &LBSpec{ + Name: "test-uid", + Type: "lb", + Shape: "100Mbps", + Internal: false, + Subnets: []string{"annotation-one"}, + Listeners: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), + }, + }, + BackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-80": { + Name: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), + Backends: []client.GenericBackend{{IpAddress: common.String("0.0.0.0"), Port: common.Int(0), Weight: common.Int(1), TargetId: &testNodeString}}, + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + IsPreserveSource: common.Bool(false), + Policy: common.String("ROUND_ROBIN"), + }, + }, + IsPreserveSource: common.Bool(false), + NetworkSecurityGroupIds: []string{}, + SourceCIDRs: []string{"0.0.0.0/0"}, + Ports: map[string]portSpec{ + "TCP-80": { + ListenerPort: 80, + HealthCheckerPort: 10256, + }, + }, + securityListManager: newSecurityListManagerNOOP(), + ManagedNetworkSecurityGroup: &ManagedNetworkSecurityGroup{frontendNsgId: "", backendNsgId: []string{}, nsgRuleManagementMode: ManagementModeNone}, + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, }, - }, - ports: []int{8080}, - ssr: &mockSSLSecretReader{}, - - expectedResult: &SSLConfig{ - Ports: sets.NewInt(8080), - ListenerSSLSecretName: "listenerSecretName", - ListenerSSLSecretNamespace: "namespaceone", - BackendSetSSLSecretName: "backendSetSecretName", - BackendSetSSLSecretNamespace: "namespacetwo", - sslSecretReader: &mockSSLSecretReader{}, }, }, - "Empty secret string results in empty name and namespace": { - ports: []int{8080}, - ssr: &mockSSLSecretReader{}, + } - expectedResult: &SSLConfig{ - Ports: sets.NewInt(8080), - ListenerSSLSecretName: "", - ListenerSSLSecretNamespace: "", - BackendSetSSLSecretName: "", - BackendSetSSLSecretNamespace: "", - sslSecretReader: &mockSSLSecretReader{}, - }, - }, + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, } for name, tc := range testCases { + logger := zap.L() t.Run(name, func(t *testing.T) { - result := NewSSLConfig(tc.secretListenerString, tc.secretBackendSetString, tc.service, tc.ports, tc.ssr) - if !reflect.DeepEqual(result, tc.expectedResult) { - t.Errorf("Expected SSlConfig \n%+v\nbut got\n%+v", tc.expectedResult, result) + // we expect the service to be unchanged + tc.expected.service = tc.service + cp.config = &providercfg.Config{ + LoadBalancer: &providercfg.LoadBalancerConfig{ + Subnet1: tc.defaultSubnetOne, + Subnet2: tc.defaultSubnetTwo, + }, + } + subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) + if err != nil { + t.Error(err) + } + slManagerFactory := func(mode string) securityListManager { + return newSecurityListManagerNOOP() + } + + result, err := NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, nil, slManagerFactory, tc.IpVersions, tc.clusterTags, nil) + if err != nil { + t.Error(err) + } + + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected load balancer spec\n%+v\nbut got\n%+v", tc.expected, result) } }) } } -func TestCertificates(t *testing.T) { - - backendSecretCaCert := "cacert1" - backendSecretPublicCert := "publiccert1" - backendSecretPrivateKey := "privatekey1" - backendSecretPassphrase := "passphrase1" - - listenerSecretCaCert := "cacert2" - listenerSecretPublicCert := "publiccert2" - listenerSecretPrivateKey := "privatekey2" - listenerSecretPassphrase := "passphrase2" - +func TestNewLBSpecFailure(t *testing.T) { testCases := map[string]struct { - lbSpec *LBSpec - expectedResult map[string]client.GenericCertificate - expectError bool + defaultSubnetOne string + defaultSubnetTwo string + nodes []*v1.Node + virtualPods []*v1.Pod + service *v1.Service + //add cp or cp security list + expectedErrMsg string + clusterTags *providercfg.InitialTags + IpVersions *IpVersions }{ - "No SSLConfig results in empty certificate details array": { - expectError: false, - lbSpec: &LBSpec{}, - expectedResult: make(map[string]client.GenericCertificate), - }, - "Return backend SSL secret": { - expectError: false, - lbSpec: &LBSpec{ - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "testnamespace", - }, - }, - SSLConfig: &SSLConfig{ - BackendSetSSLSecretName: backendSecret, - BackendSetSSLSecretNamespace: "backendnamespace", - sslSecretReader: &mockSSLSecretReader{ - returnError: false, - returnMap: map[struct { - namespaceArg string - nameArg string - }]*certificateData{ - {namespaceArg: "backendnamespace", nameArg: backendSecret}: { - Name: "certificatename", - CACert: []byte(backendSecretCaCert), - PublicCert: []byte(backendSecretPublicCert), - PrivateKey: []byte(backendSecretPrivateKey), - Passphrase: []byte(backendSecretPassphrase), - }, - }, - }, - }, + "unsupported udp protocol": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - expectedResult: map[string]client.GenericCertificate{ - backendSecret: { - CertificateName: &backendSecret, - CaCertificate: &backendSecretCaCert, - Passphrase: &backendSecretPassphrase, - PrivateKey: &backendSecretPrivateKey, - PublicCertificate: &backendSecretPublicCert, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolUDP}, + }, }, }, + expectedErrMsg: "invalid service: OCI load balancers do not support UDP", }, - "Return both backend and listener SSL secret": { - expectError: false, - lbSpec: &LBSpec{ - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "testnamespace", - }, - }, - SSLConfig: &SSLConfig{ - BackendSetSSLSecretName: backendSecret, - BackendSetSSLSecretNamespace: "backendnamespace", - ListenerSSLSecretName: listenerSecret, - ListenerSSLSecretNamespace: "listenernamespace", - sslSecretReader: &mockSSLSecretReader{ - returnError: false, - returnMap: map[struct { - namespaceArg string - nameArg string - }]*certificateData{ - {namespaceArg: "backendnamespace", nameArg: backendSecret}: { - Name: "backendcertificatename", - CACert: []byte(backendSecretCaCert), - PublicCert: []byte(backendSecretPublicCert), - PrivateKey: []byte(backendSecretPrivateKey), - Passphrase: []byte(backendSecretPassphrase), - }, - {namespaceArg: "listenernamespace", nameArg: listenerSecret}: { - Name: "listenercertificatename", - CACert: []byte(listenerSecretCaCert), - PublicCert: []byte(listenerSecretPublicCert), - PrivateKey: []byte(listenerSecretPrivateKey), - Passphrase: []byte(listenerSecretPassphrase), - }, - }, + "unsupported session affinity": { + defaultSubnetOne: "one", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityClientIP, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, }, }, }, - expectedResult: map[string]client.GenericCertificate{ - backendSecret: { - CertificateName: &backendSecret, - CaCertificate: &backendSecretCaCert, - Passphrase: &backendSecretPassphrase, - PrivateKey: &backendSecretPrivateKey, - PublicCertificate: &backendSecretPublicCert, + expectedErrMsg: "invalid service: OCI only supports SessionAffinity \"None\" currently", + }, + "invalid idle connection timeout": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerConnectionIdleTimeout: "whoops", + }, }, - listenerSecret: { - CertificateName: &listenerSecret, - CaCertificate: &listenerSecretCaCert, - Passphrase: &listenerSecretPassphrase, - PrivateKey: &listenerSecretPrivateKey, - PublicCertificate: &listenerSecretPublicCert, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, }, }, + expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-connection-idle-timeout=whoops", }, - "Error returned from SSL secret reader is handled gracefully": { - expectError: true, - lbSpec: &LBSpec{ - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "testnamespace", + "invalid connection proxy protocol version": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerConnectionProxyProtocolVersion: "bla", }, }, - SSLConfig: &SSLConfig{ - BackendSetSSLSecretName: backendSecret, - sslSecretReader: &mockSSLSecretReader{ - returnError: true, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, }, }, }, - expectedResult: nil, + expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-connection-proxy-protocol-version=bla", }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - certDetails, err := tc.lbSpec.Certificates() - if err != nil && !tc.expectError { - t.Errorf("Was not expected an error to be returned, but got one:\n%+v", err) - } - if !reflect.DeepEqual(certDetails, tc.expectedResult) { - t.Errorf("Expected certificate details \n%+v\nbut got\n%+v", tc.expectedResult, certDetails) - } - }) - } -} - -func TestRequiresCertificate(t *testing.T) { - testCases := map[string]struct { - expected bool - annotations map[string]string - }{ - "Contains the Load Balancer SSL Ports Annotation": { - expected: true, - annotations: map[string]string{ - ServiceAnnotationLoadBalancerSSLPorts: "443", + "internal lb missing subnet1": { + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - }, - "Does not contain the Load Balancer SSL Ports Annotation": { - expected: false, - annotations: make(map[string]string, 0), - }, - "Always false for NLBs": { - expected: false, - annotations: map[string]string{ - ServiceAnnotationLoadBalancerSSLPorts: "443", - ServiceAnnotationLoadBalancerType: "nlb", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "true", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{}, + //add security list mananger in spec + }, }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - result := requiresCertificate(&v1.Service{ + "internal lb with empty subnet1 annotation": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: tc.annotations, + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "true", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{}, + //add security list mananger in spec }, - }) - if result != tc.expected { - t.Error("Did not get the correct result") - } - }) - } -} - -func TestRequiresFrontendNsg(t *testing.T) { - testCases := map[string]struct { - expected bool - annotations map[string]string - }{ - "Contains annotation for NSG Rule management": { - expected: true, - annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "Does not contain annotation for NSG Rule management": { - expected: false, - annotations: make(map[string]string, 0), - }, - "Contains annotation (NLB) for NSG Rule management": { - expected: true, - annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", - ServiceAnnotationLoadBalancerType: "nlb", + "non boolean internal lb": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, }, - }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - result := requiresNsgManagement(&v1.Service{ + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: tc.annotations, + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "yes", + }, }, - }) - if result != tc.expected { - t.Error("Did not get the correct result") - } - }) - } -} - -func Test_getBackends(t *testing.T) { - type args struct { - nodes []*v1.Node - nodePort int32 - } - var tests = []struct { - name string - args args - want []client.GenericBackend - }{ - { - name: "no nodes", - args: args{nodePort: 80}, - want: []client.GenericBackend{}, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{}, + }, + }, + expectedErrMsg: fmt.Sprintf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationLoadBalancerInternal), }, - { - name: "single node with assigned IP", - args: args{ - nodes: []*v1.Node{ - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{ - { - Address: "0.0.0.0", - Type: "InternalIP", - }, - }, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + "invalid flex shape missing min": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMax: "80", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, }, }, - nodePort: 80, + }, + expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-shape=flexible requires service.beta.kubernetes.io/oci-load-balancer-shape-flex-min and service.beta.kubernetes.io/oci-load-balancer-shape-flex-max to be set", + }, + "invalid flex shape missing max": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "10", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "error parsing service annotation: service.beta.kubernetes.io/oci-load-balancer-shape=flexible requires service.beta.kubernetes.io/oci-load-balancer-shape-flex-min and service.beta.kubernetes.io/oci-load-balancer-shape-flex-max to be set", + }, + "invalid loadbalancer policy": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShapeFlexMin: "10Mbps", + ServiceAnnotationLoadBalancerPolicy: "not-valid-loadbalancer-policy", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: `loadbalancer policy "not-valid-loadbalancer-policy" is not valid`, + }, + "invalid loadBalancerIP format": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + LoadBalancerIP: "non-ip-format", + SessionAffinity: v1.ServiceAffinityNone, + }, + }, + expectedErrMsg: "invalid value \"non-ip-format\" provided for LoadBalancerIP", + }, + "unsupported loadBalancerIP for internal load balancer": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "true", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + LoadBalancerIP: "10.0.0.0", + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{}, + }, + }, + expectedErrMsg: `invalid service: cannot create a private load balancer with Reserved IP`, + }, + "invalid defined tags": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "whoops", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "failed to parse defined tags annotation: invalid character 'w' looking for beginning of value", + }, + "empty subnets": { + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{}, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", + }, + "empty strings for subnets": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{}, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", + }, + "empty string for subnet1 annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "annotation-two", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", + }, + "default string for cloud config subnet2": { + defaultSubnetOne: "", + defaultSubnetTwo: "random", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", + }, + "regional string for subnet2 annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + IpVersions: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + {Protocol: v1.ProtocolTCP}, + }, + }, + }, + expectedErrMsg: "a subnet must be specified for creating a load balancer", + }, + } + + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + } + + for name, tc := range testCases { + logger := zap.L() + t.Run(name, func(t *testing.T) { + cp.config = &providercfg.Config{ + LoadBalancer: &providercfg.LoadBalancerConfig{ + Subnet1: tc.defaultSubnetOne, + Subnet2: tc.defaultSubnetTwo, + }, + } + subnets, err := cp.getLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) + tc.service.Spec.IPFamilies = []v1.IPFamily{v1.IPFamily(IPv4)} + if err == nil { + slManagerFactory := func(mode string) securityListManager { + return newSecurityListManagerNOOP() + } + _, err = NewLBSpec(logger.Sugar(), tc.service, tc.nodes, subnets, nil, slManagerFactory, tc.IpVersions, tc.clusterTags, nil) + } + if err == nil || err.Error() != tc.expectedErrMsg { + t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) + } + }) + } +} + +func TestNewSSLConfig(t *testing.T) { + testCases := map[string]struct { + secretListenerString string + secretBackendSetString string + service *v1.Service + ports []int + ssr sslSecretReader + + expectedResult *SSLConfig + }{ + "noopSSLSecretReader if ssr is nil and uses the default service namespace": { + secretListenerString: "listenerSecretName", + secretBackendSetString: "backendSetSecretName", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "default", + }, + }, + ports: []int{8080}, + ssr: nil, + + expectedResult: &SSLConfig{ + Ports: sets.NewInt(8080), + ListenerSSLSecretName: "listenerSecretName", + ListenerSSLSecretNamespace: "default", + BackendSetSSLSecretName: "backendSetSecretName", + BackendSetSSLSecretNamespace: "default", + sslSecretReader: noopSSLSecretReader{}, + }, + }, + "ssr is assigned if provided and uses the default service namespace": { + secretListenerString: "listenerSecretName", + secretBackendSetString: "backendSetSecretName", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "default", + }, + }, + ports: []int{8080}, + ssr: &mockSSLSecretReader{}, + + expectedResult: &SSLConfig{ + Ports: sets.NewInt(8080), + ListenerSSLSecretName: "listenerSecretName", + ListenerSSLSecretNamespace: "default", + BackendSetSSLSecretName: "backendSetSecretName", + BackendSetSSLSecretNamespace: "default", + sslSecretReader: &mockSSLSecretReader{}, + }, + }, + "If namespace is specified in secret string, use it": { + secretListenerString: "namespaceone/listenerSecretName", + secretBackendSetString: "namespacetwo/backendSetSecretName", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "default", + }, + }, + ports: []int{8080}, + ssr: &mockSSLSecretReader{}, + + expectedResult: &SSLConfig{ + Ports: sets.NewInt(8080), + ListenerSSLSecretName: "listenerSecretName", + ListenerSSLSecretNamespace: "namespaceone", + BackendSetSSLSecretName: "backendSetSecretName", + BackendSetSSLSecretNamespace: "namespacetwo", + sslSecretReader: &mockSSLSecretReader{}, + }, + }, + "Empty secret string results in empty name and namespace": { + ports: []int{8080}, + ssr: &mockSSLSecretReader{}, + + expectedResult: &SSLConfig{ + Ports: sets.NewInt(8080), + ListenerSSLSecretName: "", + ListenerSSLSecretNamespace: "", + BackendSetSSLSecretName: "", + BackendSetSSLSecretNamespace: "", + sslSecretReader: &mockSSLSecretReader{}, + }, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := NewSSLConfig(tc.secretListenerString, tc.secretBackendSetString, tc.service, tc.ports, tc.ssr) + if !reflect.DeepEqual(result, tc.expectedResult) { + t.Errorf("Expected SSlConfig \n%+v\nbut got\n%+v", tc.expectedResult, result) + } + }) + } +} + +func TestCertificates(t *testing.T) { + + backendSecretCaCert := "cacert1" + backendSecretPublicCert := "publiccert1" + backendSecretPrivateKey := "privatekey1" + backendSecretPassphrase := "passphrase1" + + listenerSecretCaCert := "cacert2" + listenerSecretPublicCert := "publiccert2" + listenerSecretPrivateKey := "privatekey2" + listenerSecretPassphrase := "passphrase2" + + testCases := map[string]struct { + lbSpec *LBSpec + expectedResult map[string]client.GenericCertificate + expectError bool + }{ + "No SSLConfig results in empty certificate details array": { + expectError: false, + lbSpec: &LBSpec{}, + expectedResult: make(map[string]client.GenericCertificate), + }, + "Return backend SSL secret": { + expectError: false, + lbSpec: &LBSpec{ + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "testnamespace", + }, + }, + SSLConfig: &SSLConfig{ + BackendSetSSLSecretName: backendSecret, + BackendSetSSLSecretNamespace: "backendnamespace", + sslSecretReader: &mockSSLSecretReader{ + returnError: false, + returnMap: map[struct { + namespaceArg string + nameArg string + }]*certificateData{ + {namespaceArg: "backendnamespace", nameArg: backendSecret}: { + Name: "certificatename", + CACert: []byte(backendSecretCaCert), + PublicCert: []byte(backendSecretPublicCert), + PrivateKey: []byte(backendSecretPrivateKey), + Passphrase: []byte(backendSecretPassphrase), + }, + }, + }, + }, + }, + expectedResult: map[string]client.GenericCertificate{ + backendSecret: { + CertificateName: &backendSecret, + CaCertificate: &backendSecretCaCert, + Passphrase: &backendSecretPassphrase, + PrivateKey: &backendSecretPrivateKey, + PublicCertificate: &backendSecretPublicCert, + }, + }, + }, + "Return both backend and listener SSL secret": { + expectError: false, + lbSpec: &LBSpec{ + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "testnamespace", + }, + }, + SSLConfig: &SSLConfig{ + BackendSetSSLSecretName: backendSecret, + BackendSetSSLSecretNamespace: "backendnamespace", + ListenerSSLSecretName: listenerSecret, + ListenerSSLSecretNamespace: "listenernamespace", + sslSecretReader: &mockSSLSecretReader{ + returnError: false, + returnMap: map[struct { + namespaceArg string + nameArg string + }]*certificateData{ + {namespaceArg: "backendnamespace", nameArg: backendSecret}: { + Name: "backendcertificatename", + CACert: []byte(backendSecretCaCert), + PublicCert: []byte(backendSecretPublicCert), + PrivateKey: []byte(backendSecretPrivateKey), + Passphrase: []byte(backendSecretPassphrase), + }, + {namespaceArg: "listenernamespace", nameArg: listenerSecret}: { + Name: "listenercertificatename", + CACert: []byte(listenerSecretCaCert), + PublicCert: []byte(listenerSecretPublicCert), + PrivateKey: []byte(listenerSecretPrivateKey), + Passphrase: []byte(listenerSecretPassphrase), + }, + }, + }, + }, + }, + expectedResult: map[string]client.GenericCertificate{ + backendSecret: { + CertificateName: &backendSecret, + CaCertificate: &backendSecretCaCert, + Passphrase: &backendSecretPassphrase, + PrivateKey: &backendSecretPrivateKey, + PublicCertificate: &backendSecretPublicCert, + }, + listenerSecret: { + CertificateName: &listenerSecret, + CaCertificate: &listenerSecretCaCert, + Passphrase: &listenerSecretPassphrase, + PrivateKey: &listenerSecretPrivateKey, + PublicCertificate: &listenerSecretPublicCert, + }, + }, + }, + "Error returned from SSL secret reader is handled gracefully": { + expectError: true, + lbSpec: &LBSpec{ + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "testnamespace", + }, + }, + SSLConfig: &SSLConfig{ + BackendSetSSLSecretName: backendSecret, + sslSecretReader: &mockSSLSecretReader{ + returnError: true, + }, + }, + }, + expectedResult: nil, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + certDetails, err := tc.lbSpec.Certificates() + if err != nil && !tc.expectError { + t.Errorf("Was not expected an error to be returned, but got one:\n%+v", err) + } + if !reflect.DeepEqual(certDetails, tc.expectedResult) { + t.Errorf("Expected certificate details \n%+v\nbut got\n%+v", tc.expectedResult, certDetails) + } + }) + } +} + +func TestRequiresCertificate(t *testing.T) { + testCases := map[string]struct { + expected bool + annotations map[string]string + }{ + "Contains the Load Balancer SSL Ports Annotation": { + expected: true, + annotations: map[string]string{ + ServiceAnnotationLoadBalancerSSLPorts: "443", + }, + }, + "Does not contain the Load Balancer SSL Ports Annotation": { + expected: false, + annotations: make(map[string]string, 0), + }, + "Always false for NLBs": { + expected: false, + annotations: map[string]string{ + ServiceAnnotationLoadBalancerSSLPorts: "443", + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := requiresCertificate(&v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: tc.annotations, + }, + }) + if result != tc.expected { + t.Error("Did not get the correct result") + } + }) + } +} + +func TestRequiresFrontendNsg(t *testing.T) { + testCases := map[string]struct { + expected bool + annotations map[string]string + }{ + "Contains annotation for NSG Rule management": { + expected: true, + annotations: map[string]string{ + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + }, + }, + "Does not contain annotation for NSG Rule management": { + expected: false, + annotations: make(map[string]string, 0), + }, + "Contains annotation (NLB) for NSG Rule management": { + expected: true, + annotations: map[string]string{ + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := requiresNsgManagement(&v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: tc.annotations, + }, + }) + if result != tc.expected { + t.Error("Did not get the correct result") + } + }) + } +} + +func Test_getBackends(t *testing.T) { + type args struct { + nodes []*v1.Node + virtualPods []*v1.Pod + nodePort int32 + } + var tests = []struct { + name string + args args + want []client.GenericBackend + wantIPv6 []client.GenericBackend + }{ + { + name: "no nodes", + args: args{nodePort: 80}, + want: []client.GenericBackend{}, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "single node with assigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, + }, + want: []client.GenericBackend{ + {IpAddress: common.String("0.0.0.0"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + }, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "single node with unassigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{}, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, + }, + want: []client.GenericBackend{}, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "multiple nodes - all with assigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, + }, + want: []client.GenericBackend{ + {IpAddress: common.String("0.0.0.0"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("0.0.0.1"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + }, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "multiple nodes - all with unassigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{}, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{}, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{}, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, + }, + want: []client.GenericBackend{}, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "multiple nodes - one with unassigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.0", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{}, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "0.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, }, want: []client.GenericBackend{ {IpAddress: common.String("0.0.0.0"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("0.0.0.1"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + }, + wantIPv6: []client.GenericBackend{}, + }, + { + name: "multiple nodes - one with unassigned IP", + args: args{ + nodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{}, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + nodePort: 80, + }, + want: []client.GenericBackend{}, + wantIPv6: []client.GenericBackend{ + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), Port: common.Int(80), Weight: common.Int(1)}, + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:1300"), Port: common.Int(80), Weight: common.Int(1)}, + }, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + logger := zap.L() + gotIpv4, gotIpv6 := getBackends(logger.Sugar(), tt.args.nodes, tt.args.nodePort) + if !reflect.DeepEqual(gotIpv4, tt.want) { + t.Errorf("getBackends() = %+v, want %+v", gotIpv4, tt.want) + } + if !reflect.DeepEqual(gotIpv6, tt.wantIPv6) { + t.Errorf("getBackends() = %+v, want %+v", gotIpv6, tt.wantIPv6) + } + + }) + } +} + +func TestIsInternal(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + isInternal bool + err error + }{ + "no ServiceAnnotationLoadBalancerInternal annotation": { + service: &v1.Service{}, + isInternal: false, + err: nil, + }, + "ServiceAnnotationLoadBalancerInternal is true": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "true", + }, + }, + }, + isInternal: true, + err: nil, + }, + "ServiceAnnotationLoadBalancerInternal is TRUE": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "TRUE", + }, + }, + }, + isInternal: true, + err: nil, + }, + "ServiceAnnotationLoadBalancerInternal is FALSE": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "FALSE", + }, + }, + }, + isInternal: false, + err: nil, + }, + "ServiceAnnotationLoadBalancerInternal is false": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "FALSE", + }, + }, + }, + isInternal: false, + err: nil, + }, + "ServiceAnnotationLoadBalancerInternal is non boolean": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInternal: "yes", + }, + }, + }, + isInternal: false, + err: fmt.Errorf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationLoadBalancerInternal), + }, + "no ServiceAnnotationNetworkLoadBalancerInternal annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + }, + isInternal: false, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerInternal is true": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInternal: "true", + }, + }, + }, + isInternal: true, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerInternal is TRUE": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInternal: "TRUE", + }, + }, + }, + isInternal: true, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerInternal is FALSE": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInternal: "FALSE", + }, + }, + }, + isInternal: false, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerInternal is false": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInternal: "FALSE", + }, + }, + }, + isInternal: false, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerInternal is non boolean": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInternal: "yes", + }, + }, + }, + isInternal: false, + err: fmt.Errorf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationNetworkLoadBalancerInternal), + }, + } + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + internal, err := isInternalLB(tc.service) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected internal LB error\n%+v\nbut got\n%+v", tc.err, err) + } + if internal != tc.isInternal { + t.Errorf("Expected internal LB\n%+v\nbut got\n%+v", tc.isInternal, internal) + } + }) + } +} + +func Test_getNetworkSecurityGroups(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + nsgList []string + err error + }{ + "empty ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "", + }, + }, }, + nsgList: []string{}, + err: nil, }, - { - name: "single node with unassigned IP", - args: args{ - nodes: []*v1.Node{ - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{}, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + "no ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, + }, + nsgList: []string{}, + err: nil, + }, + "ServiceAnnotationLoadBalancerNetworkSecurityGroups update annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", }, }, - nodePort: 80, }, - want: []client.GenericBackend{}, + nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, + err: nil, }, - { - name: "multiple nodes - all with assigned IP", - args: args{ - nodes: []*v1.Node{ - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{ - { - Address: "0.0.0.0", - Type: "InternalIP", - }, - }, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + "ServiceAnnotationLoadBalancerNetworkSecurityGroups Allow maximum NSG OCIDS (Max: 5)": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5", }, - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{ - { - Address: "0.0.0.1", - Type: "InternalIP", - }, - }, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + }, + }, + nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5"}, + err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci.oraclecloud.com/oci-network-security-groups"), + }, + "ServiceAnnotationLoadBalancerNetworkSecurityGroups Exceed maximum NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", }, }, - nodePort: 80, }, - want: []client.GenericBackend{ - {IpAddress: common.String("0.0.0.0"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, - {IpAddress: common.String("0.0.0.1"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + nsgList: nil, + err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci.oraclecloud.com/oci-network-security-groups"), + }, + "ServiceAnnotationLoadBalancerNetworkSecurityGroups Invalid NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;,ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb", + }, + }, }, + nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;", "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb"}, + err: nil, }, - { - name: "multiple nodes - all with unassigned IP", - args: args{ - nodes: []*v1.Node{ - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{}, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + "ServiceAnnotationLoadBalancerNetworkSecurityGroups duplicate NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2, ocid1", }, - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{}, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{}, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + }, + }, + nsgList: []string{"ocid1", "ocid2"}, + err: nil, + }, + "empty ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "", + }, + }, + }, + nsgList: []string{}, + err: nil, + }, + "no ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + }, + nsgList: []string{}, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups update annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + }, + }, + }, + nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Allow maximum NSG OCIDS (Max: 5)": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5", + }, + }, + }, + nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5"}, + err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci-network-load-balancer.oraclecloud.com/oci-network-security-groups"), + }, + "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Exceed maximum NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", }, }, - nodePort: 80, }, - want: []client.GenericBackend{}, + nsgList: nil, + err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci-network-load-balancer.oraclecloud.com/oci-network-security-groups"), }, - { - name: "multiple nodes - one with unassigned IP", - args: args{ - nodes: []*v1.Node{ - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{ - { - Address: "0.0.0.0", - Type: "InternalIP", - }, - }, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, - }, - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{}, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, - }, - { - TypeMeta: metav1.TypeMeta{}, - ObjectMeta: metav1.ObjectMeta{}, - Spec: v1.NodeSpec{ - ProviderID: testNodeString, - }, - Status: v1.NodeStatus{ - Capacity: nil, - Allocatable: nil, - Phase: "", - Conditions: nil, - Addresses: []v1.NodeAddress{ - { - Address: "0.0.0.1", - Type: "InternalIP", - }, - }, - DaemonEndpoints: v1.NodeDaemonEndpoints{}, - NodeInfo: v1.NodeSystemInfo{}, - Images: nil, - VolumesInUse: nil, - VolumesAttached: nil, - Config: nil, - }, + "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Invalid NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;,ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb", }, }, - nodePort: 80, }, - want: []client.GenericBackend{ - {IpAddress: common.String("0.0.0.0"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, - {IpAddress: common.String("0.0.0.1"), Port: common.Int(80), Weight: common.Int(1), TargetId: &testNodeString}, + nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;", "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb"}, + err: nil, + }, + "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups duplicate NSG OCIDS": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1, ocid2, ocid1", + }, + }, }, + nsgList: []string{"ocid1", "ocid2"}, + err: nil, }, } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - logger := zap.L() - if got := getBackends(logger.Sugar(), tt.args.nodes, tt.args.nodePort); !reflect.DeepEqual(got, tt.want) { - t.Errorf("getBackends() = %+v, want %+v", got, tt.want) + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + nsgList, err := getNetworkSecurityGroupIds(tc.service) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected NSG List error\n%+v\nbut got\n%+v", tc.err, err) + } + if !reflect.DeepEqual(nsgList, tc.nsgList) { + t.Errorf("Expected NSG List\n%+v\nbut got\n%+v", tc.nsgList, nsgList) } }) } } -func TestIsInternal(t *testing.T) { +func Test_getLoadBalancerTags(t *testing.T) { + emptyInitialTags := providercfg.InitialTags{} + emptyTags := providercfg.TagConfig{} testCases := map[string]struct { - service *v1.Service - isInternal bool - err error + service *v1.Service + initialTags *providercfg.InitialTags + desiredLBTags *providercfg.TagConfig + err error }{ - "no ServiceAnnotationLoadBalancerInternal annotation": { - service: &v1.Service{}, - isInternal: false, - err: nil, + "no tag annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{}, + }, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationLoadBalancerInternal is true": { + "empty ServiceAnnotationLoadBalancerInitialDefinedTagsOverride annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "true", + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "", }, }, }, - isInternal: true, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationLoadBalancerInternal is TRUE": { + "empty ServiceAnnotationLoadBalancerInitialFreeformTagsOverride annotation": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: "", + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, + }, + "invalid ServiceAnnotationLoadBalancerInitialFreeformTagsOverride annotation value": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: "a", + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New("failed to parse free form tags annotation: invalid character 'a' looking for beginning of value"), + }, + "invalid ServiceAnnotationLoadBalancerInitialDefinedTagsOverride annotation value": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "a", + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New("failed to parse defined tags annotation: invalid character 'a' looking for beginning of value"), + }, + "invalid json in resource level freeform tags": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New(`failed to parse free form tags annotation: invalid character '\'' looking for beginning of object key string`), + }, + "only resource level freeform tags": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"test":"tag"}`, + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"test": "tag"}, + // Defined tags are always present as Oracle-Tags are added by default + }, + err: nil, + }, + "only resource level defined tags": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value"}}`, + }, + }, + }, + initialTags: &emptyInitialTags, + desiredLBTags: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, + }, + err: nil, + }, + "only cluster level defined tags": { + service: &v1.Service{}, + initialTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, + }, + }, + desiredLBTags: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, + }, + err: nil, + }, + "resource and cluster level tags, only resource level tags are added": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + }, + }, + }, + initialTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, + }, + }, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + err: nil, + }, + "no tag annotation for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "TRUE", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - isInternal: true, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationLoadBalancerInternal is FALSE": { + "empty ServiceAnnotationLoadBalancerInitialDefinedTagsOverride NLB annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "FALSE", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: "", }, }, }, - isInternal: false, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationLoadBalancerInternal is false": { + "empty ServiceAnnotationLoadBalancerInitialFreeformTagsOverride NLB annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "FALSE", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: "", }, }, }, - isInternal: false, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationLoadBalancerInternal is non boolean": { + "invalid ServiceAnnotationLoadBalancerInitialFreeformTagsOverride NLB annotation value": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInternal: "yes", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: "a", }, }, }, - isInternal: false, - err: fmt.Errorf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationLoadBalancerInternal), + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New("failed to parse free form tags annotation: invalid character 'a' looking for beginning of value"), }, - "no ServiceAnnotationNetworkLoadBalancerInternal annotation": { + "invalid ServiceAnnotationLoadBalancerInitialDefinedTagsOverride NLB annotation value": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: "a", }, }, }, - isInternal: false, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New("failed to parse defined tags annotation: invalid character 'a' looking for beginning of value"), }, - "ServiceAnnotationNetworkLoadBalancerInternal is true": { + "invalid json in resource level freeform tags for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInternal: "true", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, }, }, }, - isInternal: true, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: nil, + err: errors.New(`failed to parse free form tags annotation: invalid character '\'' looking for beginning of object key string`), }, - "ServiceAnnotationNetworkLoadBalancerInternal is TRUE": { + "should ignore tags if lb tag override annotation is used for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInternal: "TRUE", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, + ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, }, }, }, - isInternal: true, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &emptyTags, + err: nil, }, - "ServiceAnnotationNetworkLoadBalancerInternal is FALSE": { + "only resource level freeform tags for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInternal: "FALSE", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"test":"tag"}`, }, }, }, - isInternal: false, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"test": "tag"}, + // Defined tags are always present as Oracle-Tags are added by default + }, + err: nil, }, - "ServiceAnnotationNetworkLoadBalancerInternal is false": { + "only resource level defined tags for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInternal: "FALSE", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value"}}`, }, }, }, - isInternal: false, - err: nil, + initialTags: &emptyInitialTags, + desiredLBTags: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, + }, + err: nil, }, - "ServiceAnnotationNetworkLoadBalancerInternal is non boolean": { + "resource and cluster level tags, only resource level tags are added for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInternal: "yes", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, }, }, }, - isInternal: false, - err: fmt.Errorf("invalid value: yes provided for annotation: %s: strconv.ParseBool: parsing \"yes\": invalid syntax", ServiceAnnotationNetworkLoadBalancerInternal), + initialTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "cluster"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, + }, + }, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + err: nil, }, - } - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - internal, err := isInternalLB(tc.service) - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected internal LB error\n%+v\nbut got\n%+v", tc.err, err) - } - if internal != tc.isInternal { - t.Errorf("Expected internal LB\n%+v\nbut got\n%+v", tc.isInternal, internal) - } - }) - } -} - -func Test_getNetworkSecurityGroups(t *testing.T) { - testCases := map[string]struct { - service *v1.Service - nsgList []string - err error - }{ - "empty ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { + "reverse compatibility tags test for nlb 1": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, + ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, }, }, }, - nsgList: []string{}, - err: nil, - }, - "no ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, - }, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, }, - nsgList: []string{}, - err: nil, + err: nil, }, - "ServiceAnnotationLoadBalancerNetworkSecurityGroups update annotation": { + "reverse compatibility tags test for nlb 2": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, + ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, }, }, }, - nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, - err: nil, + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource1", "unique": "tag1"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team1", "key": "value1"}}, + }, + err: nil, }, - "ServiceAnnotationLoadBalancerNetworkSecurityGroups Allow maximum NSG OCIDS (Max: 5)": { + "reverse compatibility tags test for nlb 3": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, + ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, + ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, }, }, }, - nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5"}, - err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci.oraclecloud.com/oci-network-security-groups"), + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource1", "unique": "tag1"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + }, + err: nil, }, - "ServiceAnnotationLoadBalancerNetworkSecurityGroups Exceed maximum NSG OCIDS": { + "reverse compatibility tags test for nlb 4": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, + ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, + ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, }, }, }, - nsgList: nil, - err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci.oraclecloud.com/oci-network-security-groups"), + desiredLBTags: &providercfg.TagConfig{ + FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, + DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team1", "key": "value1"}}, + }, + err: nil, }, - "ServiceAnnotationLoadBalancerNetworkSecurityGroups Invalid NSG OCIDS": { + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + actualTags, err := getLoadBalancerTags(tc.service, tc.initialTags) + t.Log("Error:", err) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected error\n%+v\nbut got\n%+v", tc.err, err) + } + if !reflect.DeepEqual(tc.desiredLBTags, actualTags) { + t.Errorf("Expected LB Tags\n%+v\nbut got\n%+v", tc.desiredLBTags, actualTags) + } + }) + } +} + +func Test_getHealthChecker(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + expected *client.GenericHealthChecker + err error + }{ + "defaults": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;,ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb", - }, + Annotations: map[string]string{}, }, }, - nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;", "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb"}, - err: nil, + expected: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + err: nil, }, - "ServiceAnnotationLoadBalancerNetworkSecurityGroups duplicate NSG OCIDS": { + "retries timeout intervals annotations for lb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerNetworkSecurityGroups: "ocid1,ocid2, ocid1", + ServiceAnnotationLoadBalancerHealthCheckTimeout: "3500", + ServiceAnnotationLoadBalancerHealthCheckRetries: "4", + ServiceAnnotationLoadBalancerHealthCheckInterval: "14500", }, }, }, - nsgList: []string{"ocid1", "ocid2"}, - err: nil, + expected: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(4), + TimeoutInMillis: common.Int(3500), + IntervalInMillis: common.Int(14500), + ReturnCode: common.Int(http.StatusOK), + }, + err: nil, }, - "empty ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups annotation": { + "defaults-nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - nsgList: []string{}, - err: nil, + expected: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + err: nil, }, - "no ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups annotation": { + "retries timeout intervals annotations for nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerHealthCheckTimeout: "3500", + ServiceAnnotationNetworkLoadBalancerHealthCheckRetries: "4", + ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "14500", }, }, }, - nsgList: []string{}, - err: nil, + expected: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(4), + TimeoutInMillis: common.Int(3500), + IntervalInMillis: common.Int(14500), + ReturnCode: common.Int(http.StatusOK), + }, + err: nil, }, - "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups update annotation": { + "lb wrong interval value - lesser than min": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", + ServiceAnnotationLoadBalancerHealthCheckInterval: "300", }, }, }, - nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, - err: nil, + expected: nil, + err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", LBHealthCheckIntervalMin, LBHealthCheckIntervalMax), }, - "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Allow maximum NSG OCIDS (Max: 5)": { + "lb wrong interval value - greater than max": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5", + ServiceAnnotationLoadBalancerHealthCheckInterval: "3000000", }, }, }, - nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5"}, - err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci-network-load-balancer.oraclecloud.com/oci-network-security-groups"), + expected: nil, + err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", LBHealthCheckIntervalMin, LBHealthCheckIntervalMax), }, - "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Exceed maximum NSG OCIDS": { + "nlb wrong interval value - lesser than min": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "3000", }, }, }, - nsgList: nil, - err: fmt.Errorf("invalid number of Network Security Groups (Max: 5) provided for annotation: oci-network-load-balancer.oraclecloud.com/oci-network-security-groups"), + expected: nil, + err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", NLBHealthCheckIntervalMin, NLBHealthCheckIntervalMax), }, - "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups Invalid NSG OCIDS": { + "nlb wrong interval value - greater than max": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;,ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "3000000", }, }, }, - nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-;", "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaabbbbbbbbbbbbbbbbbbbbb"}, - err: nil, + expected: nil, + err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", NLBHealthCheckIntervalMin, NLBHealthCheckIntervalMax), }, - "ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups duplicate NSG OCIDS": { + "http healthcheck for https backends": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups: "ocid1, ocid2, ocid1", + ServiceAnnotationLoadBalancerType: "lb", + ServiceAnnotationLoadBalancerTLSBackendSetSecret: "testSecret", }, }, }, - nsgList: []string{"ocid1", "ocid2"}, - err: nil, + expected: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(true), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + err: nil, }, } for name, tc := range testCases { t.Run(name, func(t *testing.T) { - nsgList, err := getNetworkSecurityGroupIds(tc.service) + result, err := getHealthChecker(tc.service) + + if tc.err != nil && err == nil { + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) + } if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected NSG List error\n%+v\nbut got\n%+v", tc.err, err) + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) } - if !reflect.DeepEqual(nsgList, tc.nsgList) { - t.Errorf("Expected NSG List\n%+v\nbut got\n%+v", tc.nsgList, nsgList) + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expected, result) } }) } } -func Test_getLoadBalancerTags(t *testing.T) { - emptyInitialTags := providercfg.InitialTags{} - emptyTags := providercfg.TagConfig{} - testCases := map[string]struct { - service *v1.Service - initialTags *providercfg.InitialTags - desiredLBTags *providercfg.TagConfig - err error +func Test_getListeners(t *testing.T) { + var tests = []struct { + service *v1.Service + listenerBackendIpVersion []string + name string + sslConfig *SSLConfig + want map[string]client.GenericListener }{ - "no tag annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{}, - }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, - }, - "empty ServiceAnnotationLoadBalancerInitialDefinedTagsOverride annotation": { + { + name: "default", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "", + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, }, }, - }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, - }, - "empty ServiceAnnotationLoadBalancerInitialFreeformTagsOverride annotation": { - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: "", - }, + Annotations: map[string]string{}, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, - }, - "invalid ServiceAnnotationLoadBalancerInitialFreeformTagsOverride annotation value": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: "a", - }, + listenerBackendIpVersion: []string{IPv4}, + sslConfig: nil, + want: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), + DefaultBackendSetName: common.String("TCP-80"), }, }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New("failed to parse free form tags annotation: invalid character 'a' looking for beginning of value"), }, - "invalid ServiceAnnotationLoadBalancerInitialDefinedTagsOverride annotation value": { + { + name: "default-nlb", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: "a", + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, }, }, - }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New("failed to parse defined tags annotation: invalid character 'a' looking for beginning of value"), - }, - "invalid json in resource level freeform tags": { - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New(`failed to parse free form tags annotation: invalid character '\'' looking for beginning of object key string`), - }, - "only resource level freeform tags": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"test":"tag"}`, - }, + listenerBackendIpVersion: []string{IPv4}, + sslConfig: nil, + want: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), + DefaultBackendSetName: common.String("TCP-80"), + IpVersion: GenericIpVersion(client.GenericIPv4), }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"test": "tag"}, - // Defined tags are always present as Oracle-Tags are added by default - }, - err: nil, }, - "only resource level defined tags": { + { + name: "ssl configuration and cipher suite", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value"}}`, + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Protocol: v1.Protocol("TCP"), + Port: int32(443), + }, }, }, - }, - initialTags: &emptyInitialTags, - desiredLBTags: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, - }, - err: nil, - }, - "only cluster level defined tags": { - service: &v1.Service{}, - initialTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, - }, - }, - desiredLBTags: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, - }, - err: nil, - }, - "resource and cluster level tags, only resource level tags are added": { - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + ServiceAnnotationLoadbalancerListenerSSLConfig: `{"cipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "protocols":["TLSv1.2"]}`, + ServiceAnnotationLoadBalancerSSLPorts: "443", }, }, }, - initialTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, - }, + listenerBackendIpVersion: []string{IPv4}, + sslConfig: &SSLConfig{ + Ports: sets.NewInt(443), + ListenerSSLSecretName: listenerSecret, + BackendSetSSLSecretName: backendSecret, }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + want: map[string]client.GenericListener{ + "TCP-443": { + Name: common.String("TCP-443"), + Port: common.Int(443), + Protocol: common.String("TCP"), + DefaultBackendSetName: common.String("TCP-443"), + SslConfiguration: &client.GenericSslConfigurationDetails{ + CertificateName: &listenerSecret, + VerifyDepth: common.Int(0), + VerifyPeerCertificate: common.Bool(false), + CipherSuiteName: common.String("oci-default-http2-ssl-cipher-suite-v1"), + Protocols: []string{"TLSv1.2"}, + }, + }, }, - err: nil, }, - "no tag annotation for nlb": { + { + name: "Listeners with ssl configuration information", service: &v1.Service{ + Spec: v1.ServiceSpec{ + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(80), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadbalancerListenerSSLConfig: `{"cipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "protocols":["TLSv1.2"]}`, }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, + listenerBackendIpVersion: []string{IPv4}, + sslConfig: nil, + want: map[string]client.GenericListener{ + "TCP-80": { + Name: common.String("TCP-80"), + Port: common.Int(80), + Protocol: common.String("TCP"), + DefaultBackendSetName: common.String("TCP-80"), + }, + }, }, - "empty ServiceAnnotationLoadBalancerInitialDefinedTagsOverride NLB annotation": { + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + svc := tt.service + if got, err := getListeners(svc, tt.sslConfig, tt.listenerBackendIpVersion); !reflect.DeepEqual(got, tt.want) { + if err != nil { + t.Errorf("Err %v", err.Error()) + } + got, _ := json.Marshal(got) + want, _ := json.Marshal(tt.want) + t.Errorf("getListeners() failed want: %s \n got: %s \n", want, got) + } + }) + } +} + +func Test_getSecurityListManagementMode(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + expected string + }{ + "defaults - lb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: "", - }, + Annotations: map[string]string{}, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, + expected: "All", }, - "empty ServiceAnnotationLoadBalancerInitialFreeformTagsOverride NLB annotation": { + "defaults - nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: "", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, + expected: "None", }, - "invalid ServiceAnnotationLoadBalancerInitialFreeformTagsOverride NLB annotation value": { + "lb mode None": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: "a", + ServiceAnnotationLoadBalancerSecurityListManagementMode: "None", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New("failed to parse free form tags annotation: invalid character 'a' looking for beginning of value"), + expected: "None", }, - "invalid ServiceAnnotationLoadBalancerInitialDefinedTagsOverride NLB annotation value": { + "lb mode all": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: "a", + ServiceAnnotationLoadBalancerSecurityListManagementMode: "All", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New("failed to parse defined tags annotation: invalid character 'a' looking for beginning of value"), + expected: "All", }, - "invalid json in resource level freeform tags for nlb": { + "lb mode frontend": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, + ServiceAnnotationLoadBalancerSecurityListManagementMode: "Frontend", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: nil, - err: errors.New(`failed to parse free form tags annotation: invalid character '\'' looking for beginning of object key string`), + expected: "Frontend", }, - "should ignore tags if lb tag override annotation is used for nlb": { + "defaults-nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationLoadBalancerInitialFreeformTagsOverride: `{'test':'tag'}`, - ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &emptyTags, - err: nil, + expected: "None", }, - "only resource level freeform tags for nlb": { + "nlb mode None": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"test":"tag"}`, + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "None", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"test": "tag"}, - // Defined tags are always present as Oracle-Tags are added by default - }, - err: nil, + expected: "None", }, - "only resource level defined tags for nlb": { + "nlb mode all": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value"}}`, + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", }, }, }, - initialTags: &emptyInitialTags, - desiredLBTags: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"namespace": {"key": "value"}}, - }, - err: nil, + expected: "All", }, - "resource and cluster level tags, only resource level tags are added for nlb": { + "nlb mode frontend": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "Frontend", }, }, }, - initialTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "cluster"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"cluster": "name", "owner": "cluster"}}, - }, - }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, - }, - err: nil, + expected: "Frontend", }, - "reverse compatibility tags test for nlb 1": { + } + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result, err := getSecurityListManagementMode(tc.service) + if err != nil { + t.Error(err) + } + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.expected, result) + } + }) + } +} + +func Test_getRuleManagementMode(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + expected string + nsg *ManagedNetworkSecurityGroup + error error + }{ + "defaults": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, - ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, - }, + Annotations: map[string]string{}, }, }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + expected: "All", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "reverse compatibility tags test for nlb 2": { + "defaults - nlb": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, - ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource1", "unique": "tag1"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team1", "key": "value1"}}, + expected: "None", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "reverse compatibility tags test for nlb 3": { + "lb mode None": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, - ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, - ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: `{"namespace":{"key":"value", "owner":"team"}}`, + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "None", }, }, }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource1", "unique": "tag1"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team", "key": "value"}}, + expected: "None", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "reverse compatibility tags test for nlb 4": { + "lb mode all": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerFreeformTags: `{"cluster":"resource1", "unique":"tag1"}`, - ServiceAnnotationNetworkLoadBalancerDefinedTags: `{"namespace":{"key":"value1", "owner":"team1"}}`, - ServiceAnnotationNetworkLoadBalancerInitialFreeformTagsOverride: `{"cluster":"resource", "unique":"tag"}`, + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-All", }, }, }, - desiredLBTags: &providercfg.TagConfig{ - FreeformTags: map[string]string{"cluster": "resource", "unique": "tag"}, - DefinedTags: map[string]map[string]interface{}{"namespace": {"owner": "team1", "key": "value1"}}, + expected: "All", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - actualTags, err := getLoadBalancerTags(tc.service, tc.initialTags) - t.Log("Error:", err) - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected error\n%+v\nbut got\n%+v", tc.err, err) - } - if !reflect.DeepEqual(tc.desiredLBTags, actualTags) { - t.Errorf("Expected LB Tags\n%+v\nbut got\n%+v", tc.desiredLBTags, actualTags) - } - }) - } -} - -func Test_getHealthChecker(t *testing.T) { - testCases := map[string]struct { - service *v1.Service - expected *client.GenericHealthChecker - err error - }{ - "defaults": { + "lb mode frontend": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-Frontend", + }, }, }, - expected: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(false), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(3), - TimeoutInMillis: common.Int(3000), - IntervalInMillis: common.Int(10000), - ReturnCode: common.Int(http.StatusOK), + expected: "Frontend", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "retries timeout intervals annotations for lb": { + "lb mode nsg frontend": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerHealthCheckTimeout: "3500", - ServiceAnnotationLoadBalancerHealthCheckRetries: "4", - ServiceAnnotationLoadBalancerHealthCheckInterval: "14500", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", }, }, }, - expected: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(false), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(4), - TimeoutInMillis: common.Int(3500), - IntervalInMillis: common.Int(14500), - ReturnCode: common.Int(http.StatusOK), + expected: "NSG", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: "NSG", + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, "defaults-nlb": { service: &v1.Service{ @@ -4663,273 +8520,331 @@ func Test_getHealthChecker(t *testing.T) { }, }, }, - expected: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(false), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(3), - TimeoutInMillis: common.Int(3000), - IntervalInMillis: common.Int(10000), - ReturnCode: common.Int(http.StatusOK), + expected: "None", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "retries timeout intervals annotations for nlb": { + "nlb mode None": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerHealthCheckTimeout: "3500", - ServiceAnnotationNetworkLoadBalancerHealthCheckRetries: "4", - ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "14500", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "None", }, }, }, - expected: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(false), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(4), - TimeoutInMillis: common.Int(3500), - IntervalInMillis: common.Int(14500), - ReturnCode: common.Int(http.StatusOK), + expected: "None", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - "lb wrong interval value - lesser than min": { + "nlb mode all": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerHealthCheckInterval: "300", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-All", }, }, }, - expected: nil, - err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", LBHealthCheckIntervalMin, LBHealthCheckIntervalMax), + expected: "All", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, + }, }, - "lb wrong interval value - greater than max": { + "nlb mode frontend": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerHealthCheckInterval: "3000000", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-Frontend", }, }, }, - expected: nil, - err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", LBHealthCheckIntervalMin, LBHealthCheckIntervalMax), + expected: "Frontend", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, + }, }, - "nlb wrong interval value - lesser than min": { + "nlb mode nsg": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "3000", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", }, }, }, - expected: nil, - err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", NLBHealthCheckIntervalMin, NLBHealthCheckIntervalMax), + expected: "NSG", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: "NSG", + frontendNsgId: "", + backendNsgId: []string{}, + }, }, - "nlb wrong interval value - greater than max": { + "lb mode precedence": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerHealthCheckInterval: "3000000", + ServiceAnnotationLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", }, }, }, - expected: nil, - err: fmt.Errorf("invalid value for health check interval, should be between %v and %v", NLBHealthCheckIntervalMin, NLBHealthCheckIntervalMax), + expected: "NSG", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: "NSG", + frontendNsgId: "", + backendNsgId: []string{}, + }, }, - "http healthcheck for https backends": { + "nlb mode precedence": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "lb", - ServiceAnnotationLoadBalancerTLSBackendSetSecret: "testSecret", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", }, }, }, - expected: &client.GenericHealthChecker{ - Protocol: "HTTP", - IsForcePlainText: common.Bool(true), - Port: common.Int(10256), - UrlPath: common.String("/healthz"), - Retries: common.Int(3), - TimeoutInMillis: common.Int(3000), - IntervalInMillis: common.Int(10000), - ReturnCode: common.Int(http.StatusOK), + expected: "NSG", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: "NSG", + frontendNsgId: "", + backendNsgId: []string{}, }, - err: nil, }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - result, err := getHealthChecker(tc.service) - - if tc.err != nil && err == nil { - t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) - } - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expected, result) - } - }) - } -} - -func Test_getListeners(t *testing.T) { - var tests = []struct { - service *v1.Service - name string - want map[string]client.GenericListener - }{ - { - name: "default", + "case does not matter nsg": { service: &v1.Service{ - Spec: v1.ServiceSpec{ - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolTCP, - Port: int32(80), - }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "nsg", }, }, + }, + expected: "NSG", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: "NSG", + frontendNsgId: "", + backendNsgId: []string{}, + }, + }, + "case does not matter sl-all": { + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "sl-all", + }, }, }, - - want: map[string]client.GenericListener{ - "TCP-80": { - Name: common.String("TCP-80"), - Port: common.Int(80), - Protocol: common.String("TCP"), - DefaultBackendSetName: common.String("TCP-80"), - }, + expected: "All", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, }, - { - name: "default-nlb", + "case does not matter sl-frontend": { service: &v1.Service{ - Spec: v1.ServiceSpec{ - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolTCP, - Port: int32(80), - }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "sl-frontend", }, }, + }, + expected: "Frontend", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, + }, + }, + "invalid values should return none": { + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "random", + ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "random", }, }, }, - - want: map[string]client.GenericListener{ - "TCP-80": { - Name: common.String("TCP-80"), - Port: common.Int(80), - Protocol: common.String("TCP"), - DefaultBackendSetName: common.String("TCP-80"), - }, + expected: "None", + nsg: &ManagedNetworkSecurityGroup{ + nsgRuleManagementMode: ManagementModeNone, + frontendNsgId: "", + backendNsgId: []string{}, }, + error: fmt.Errorf("invalid value: %s provided for annotation: oci.oraclecloud.com/security-rule-management-mode", + "random"), }, } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - svc := tt.service - if got, _ := getListeners(svc, nil); !reflect.DeepEqual(got, tt.want) { - t.Errorf("getListeners() = %+v, \n want %+v", got, tt.want) - + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result, nsg, err := getRuleManagementMode(tc.service) + if err != nil { + if !reflect.DeepEqual(err, tc.error) { + t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.error, err) + } + } + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.expected, result) + } + if !reflect.DeepEqual(nsg, tc.nsg) { + t.Errorf("Expected Nsg values \n%+v\nbut got\n%+v", tc.nsg, nsg) } }) } } -func Test_getSecurityListManagementMode(t *testing.T) { +func Test_getBackendNetworkSecurityGroups(t *testing.T) { testCases := map[string]struct { - service *v1.Service - expected string + service *v1.Service + nsgList []string + err error }{ - "defaults - lb": { + "empty ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + Annotations: map[string]string{ + ServiceAnnotationBackendSecurityRuleManagement: "", + }, }, }, - expected: "All", + nsgList: []string{}, + err: nil, }, - "defaults - nlb": { + "no ServiceAnnotationBackendSecurityRuleManagement annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, + Annotations: map[string]string{}, }, }, - expected: "None", + nsgList: []string{}, + err: nil, }, - "lb mode None": { + "ServiceAnnotationBackendSecurityRuleManagement update annotation": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityListManagementMode: "None", + ServiceAnnotationBackendSecurityRuleManagement: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", }, }, }, - expected: "None", + nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, + err: nil, }, - "lb mode all": { + "ServiceAnnotationBackendSecurityRuleManagement more than 5": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityListManagementMode: "All", + ServiceAnnotationBackendSecurityRuleManagement: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", }, }, }, - expected: "All", + nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5", "ocid6"}, + err: nil, }, - "lb mode frontend": { + "ServiceAnnotationBackendSecurityRuleManagement duplicate NSG OCIDS": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityListManagementMode: "Frontend", + ServiceAnnotationBackendSecurityRuleManagement: "ocid1,ocid2, ocid1", }, }, }, - expected: "Frontend", + nsgList: []string{"ocid1", "ocid2"}, + err: nil, }, - "defaults-nlb": { + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + nsgList, err := getManagedBackendNSG(tc.service) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected NSG List error\n%+v\nbut got\n%+v", tc.err, err) + } + if !reflect.DeepEqual(nsgList, tc.nsgList) { + t.Errorf("Expected NSG List\n%+v\nbut got\n%+v", tc.nsgList, nsgList) + } + }) + } +} + +func Test_validateService(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + err error + }{ + "defaults": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + }, ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, + Annotations: map[string]string{}, }, }, - expected: "None", + err: nil, }, - "nlb mode None": { + "nlb invalid seclist mgmt mode": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "None", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "Neither", }, }, }, - expected: "None", + err: fmt.Errorf("invalid value: Neither provided for annotation: oci-network-load-balancer.oraclecloud.com/security-list-management-mode"), }, - "nlb mode all": { + "lb with protocol udp": { + service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolUDP, + Port: int32(67), + }, + }, + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, + }, + err: fmt.Errorf("OCI load balancers do not support UDP"), + }, + "nlb udp with seclist mgmt not None": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolUDP, + Port: int32(67), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", @@ -4937,1523 +8852,2650 @@ func Test_getSecurityListManagementMode(t *testing.T) { }, }, }, - expected: "All", + err: fmt.Errorf("Security list management mode can only be 'None' for UDP protocol"), }, - "nlb mode frontend": { + "session affinity not none": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityClientIP, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolUDP, + Port: int32(67), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "Frontend", + ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "None", }, }, }, - expected: "Frontend", + err: fmt.Errorf("OCI only supports SessionAffinity \"None\" currently"), }, } for name, tc := range testCases { t.Run(name, func(t *testing.T) { - result, err := getSecurityListManagementMode(tc.service) - if err != nil { - t.Error(err) + err := validateService(tc.service) + if tc.err != nil && err == nil { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) } - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.expected, result) + if err != nil && tc.err == nil { + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) + } + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) } }) } } -func Test_getRuleManagementMode(t *testing.T) { +func Test_getListenersNetworkLoadBalancer(t *testing.T) { + testOneListenerName := "TCP_AND_UDP-67" + testOneBackendSetName := "TCP_AND_UDP-67" + testOneProtocol := "TCP_AND_UDP" + testOnePort := 67 + + testTwoListenerNameOne := "TCP-67" + testTwoBackendSetNameOne := "TCP-67" + testTwoProtocolOne := "TCP" + testTwoPortOne := 67 + + testTwoListenerNameTwo := "UDP-68" + testTwoBackendSetNameTwo := "UDP-68" + testTwoProtocolTwo := "UDP" + testTwoPortTwo := 68 + + testThreeListenerName := "TCP-67" + testThreeBackendSetName := "TCP-67" + testThreeProtocol := "TCP" + testThreePort := 67 + + testFourListenerName := "UDP-67" + testFourBackendSetName := "UDP-67" + testFourProtocol := "UDP" + testFourPort := 67 + + IPFamilyPolicyPreferDualStack := v1.IPFamilyPolicyPreferDualStack + IPFamilyPolicySingleStack := v1.IPFamilyPolicySingleStack + testThreeListenerNameIPv6 := "TCP-67-IPv6" + testThreeBackendSetNameIPv6 := "TCP-67-IPv6" + testCases := map[string]struct { - service *v1.Service - expected string - nsg *ManagedNetworkSecurityGroup - error error + service *v1.Service + listenerBackendIpVersion []string + wantListeners map[string]client.GenericListener + err error }{ - "defaults": { + "NLB_with_mixed_protocol_on_same_port": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, + { + Protocol: v1.ProtocolUDP, + Port: int32(67), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, - expected: "All", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "TCP_AND_UDP-67": { + Name: &testOneListenerName, + DefaultBackendSetName: common.String(testOneBackendSetName), + Protocol: &testOneProtocol, + Port: &testOnePort, + }, }, + err: nil, }, - "defaults - nlb": { + "NLB_with_mixed_protocol_on_different_port": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, + { + Protocol: v1.ProtocolUDP, + Port: int32(68), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "None", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "TCP-67": { + Name: &testTwoListenerNameOne, + DefaultBackendSetName: common.String(testTwoBackendSetNameOne), + Protocol: &testTwoProtocolOne, + Port: &testTwoPortOne, + }, + "UDP-68": { + Name: &testTwoListenerNameTwo, + DefaultBackendSetName: common.String(testTwoBackendSetNameTwo), + Protocol: &testTwoProtocolTwo, + Port: &testTwoPortTwo, + }, }, + err: nil, }, - "lb mode None": { + "NLB_with_only_TCP_protocol": { service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "None", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, }, }, - }, - expected: "None", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, - }, - }, - "lb mode all": { - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-All", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "All", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "TCP-67": { + Name: &testThreeListenerName, + DefaultBackendSetName: common.String(testThreeBackendSetName), + Protocol: &testThreeProtocol, + Port: &testThreePort, + }, }, + err: nil, }, - "lb mode frontend": { + "NLB_with_only_UDP_protocol": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolUDP, + Port: int32(67), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-Frontend", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "Frontend", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "UDP-67": { + Name: &testFourListenerName, + DefaultBackendSetName: common.String(testFourBackendSetName), + Protocol: &testFourProtocol, + Port: &testFourPort, + }, }, + err: nil, }, - "lb mode nsg frontend": { + "NLB_with_only_TCP_protocol_IPv4_IPv6": { service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: &IPFamilyPolicyPreferDualStack, }, }, - expected: "NSG", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: "NSG", - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4, IPv6}, + wantListeners: map[string]client.GenericListener{ + "TCP-67-IPv6": { + Name: &testThreeListenerNameIPv6, + DefaultBackendSetName: common.String(testThreeBackendSetNameIPv6), + Protocol: &testThreeProtocol, + Port: &testThreePort, + }, + "TCP-67": { + Name: &testThreeListenerName, + DefaultBackendSetName: common.String(testThreeBackendSetName), + Protocol: &testThreeProtocol, + Port: &testThreePort, + }, }, + err: nil, }, - "defaults-nlb": { + "NLB_with_only_TCP_protocol_IPv6": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, + }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: &IPFamilyPolicySingleStack, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "None", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv6}, + wantListeners: map[string]client.GenericListener{ + "TCP-67-IPv6": { + Name: &testThreeListenerNameIPv6, + DefaultBackendSetName: common.String(testThreeBackendSetNameIPv6), + Protocol: &testThreeProtocol, + Port: &testThreePort, + }, }, + err: nil, }, - "nlb mode None": { + "NLB_with_Ppv2_Enabled": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, + { + Protocol: v1.ProtocolUDP, + Port: int32(68), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "None", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPpv2Enabled: "true", }, }, }, - expected: "None", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "TCP-67": { + Name: &testTwoListenerNameOne, + DefaultBackendSetName: common.String(testTwoBackendSetNameOne), + Protocol: &testTwoProtocolOne, + Port: &testTwoPortOne, + IsPpv2Enabled: pointer.Bool(true), + }, + "UDP-68": { + Name: &testTwoListenerNameTwo, + DefaultBackendSetName: common.String(testTwoBackendSetNameTwo), + Protocol: &testTwoProtocolTwo, + Port: &testTwoPortTwo, + IsPpv2Enabled: pointer.Bool(true), + }, }, + err: nil, }, - "nlb mode all": { + + "NLB_with_Ppv2_Disabled": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + }, + { + Protocol: v1.ProtocolUDP, + Port: int32(68), + }, + }, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-All", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPpv2Enabled: "xyz", }, }, }, - expected: "All", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + listenerBackendIpVersion: []string{IPv4}, + wantListeners: map[string]client.GenericListener{ + "TCP-67": { + Name: &testTwoListenerNameOne, + DefaultBackendSetName: common.String(testTwoBackendSetNameOne), + Protocol: &testTwoProtocolOne, + Port: &testTwoPortOne, + IsPpv2Enabled: pointer.Bool(true), + }, + "UDP-68": { + Name: &testTwoListenerNameTwo, + DefaultBackendSetName: common.String(testTwoBackendSetNameTwo), + Protocol: &testTwoProtocolTwo, + Port: &testTwoPortTwo, + IsPpv2Enabled: pointer.Bool(false), + }, }, + err: nil, }, - "nlb mode frontend": { + } + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + gotListeners, err := getListenersNetworkLoadBalancer(tc.service, tc.listenerBackendIpVersion) + if tc.err != nil && err == nil { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) + } + if err != nil && tc.err == nil { + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) + } + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) + } + if len(gotListeners) != len(tc.wantListeners) { + t.Errorf("Number of excpected listeners \n%+v\nbut got\n%+v", len(tc.wantListeners), len(gotListeners)) + } + if len(gotListeners) != 0 { + for name, listener := range tc.wantListeners { + gotListener, ok := gotListeners[name] + if !ok { + t.Errorf("Expected listener with name \n%+v\nbut listener not present", *listener.Name) + } + if *gotListener.Name != *listener.Name { + t.Errorf("Expected listener name \n%+v\nbut got listener name \n%+v", *listener.Name, *gotListener.Name) + } + if *gotListener.DefaultBackendSetName != *listener.DefaultBackendSetName { + t.Errorf("Expected default backend set name \n%+v\nbut got default backend set name \n%+v", *listener.DefaultBackendSetName, *gotListener.DefaultBackendSetName) + } + if *gotListener.Protocol != *listener.Protocol { + t.Errorf("Expected protocol \n%+v\nbut got protocol \n%+v", *listener.Protocol, *gotListener.Protocol) + } + if *gotListener.Port != *listener.Port { + t.Errorf("Expected port number \n%+v\nbut got port number \n%+v", *listener.Port, *gotListener.Port) + } + } + } + }) + } +} + +func Test_getPreserveSourceDestination(t *testing.T) { + testCases := map[string]struct { + service *v1.Service + expectedBool bool + err error + }{ + "oci LB default": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + }, ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "SL-Frontend", - }, + Annotations: map[string]string{}, }, }, - expected: "Frontend", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, + expectedBool: false, + err: nil, + }, + "oci LB, externalTrafficPolicy Local": { + service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, + }, }, + expectedBool: false, + err: nil, }, - "nlb mode nsg": { + "oci NLB default": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "NSG", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: "NSG", - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: false, + err: nil, }, - "lb mode precedence": { + "oci NLB, externalTrafficPolicy Local": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSecurityListManagementMode: "All", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expected: "NSG", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: "NSG", - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: true, + err: nil, }, - "nlb mode precedence": { + "oci NLB, externalTrafficPolicy Local, disabled by annotation": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "NSG", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "false", }, }, }, - expected: "NSG", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: "NSG", - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: false, + err: nil, }, - "case does not matter nsg": { + "oci NLB, externalTrafficPolicy Local, enabled via annotation": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "nsg", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "true", }, }, }, - expected: "NSG", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: "NSG", - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: true, + err: nil, }, - "case does not matter sl-all": { + "oci NLB, externalTrafficPolicy Local, bad annotation value": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "sl-all", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "disable", }, }, }, - expected: "All", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: false, + err: fmt.Errorf("failed to to parse oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation value - disable"), }, - "case does not matter sl-frontend": { + "oci NLB, externalTrafficPolicy Cluster, enabled via annotation": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "sl-frontend", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "true", }, }, }, - expected: "Frontend", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, - }, + expectedBool: false, + err: fmt.Errorf("oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation cannot be set when externalTrafficPolicy is set to Cluster"), }, - "invalid values should return none": { + "oci NLB, externalTrafficPolicy Cluster, disabled via annotation": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "random", - ServiceAnnotationLoadBalancerSecurityRuleManagementMode: "random", + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "false", }, }, }, - expected: "None", - nsg: &ManagedNetworkSecurityGroup{ - nsgRuleManagementMode: ManagementModeNone, - frontendNsgId: "", - backendNsgId: []string{}, - }, - error: fmt.Errorf("invalid value: %s provided for annotation: oci.oraclecloud.com/security-rule-management-mode", - "random"), + expectedBool: false, + err: fmt.Errorf("oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation cannot be set when externalTrafficPolicy is set to Cluster"), }, } for name, tc := range testCases { + logger := zap.L() t.Run(name, func(t *testing.T) { - result, nsg, err := getRuleManagementMode(tc.service) - if err != nil { - if !reflect.DeepEqual(err, tc.error) { - t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.error, err) - } + enable, err := getPreserveSource(logger.Sugar(), tc.service) + if tc.err != nil && err == nil { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) } - if !reflect.DeepEqual(result, tc.expected) { - t.Errorf("Expected Security List Mode \n%+v\nbut got\n%+v", tc.expected, result) + if err != nil && tc.err == nil { + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) } - if !reflect.DeepEqual(nsg, tc.nsg) { - t.Errorf("Expected Nsg values \n%+v\nbut got\n%+v", tc.nsg, nsg) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) } + if enable != tc.expectedBool { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedBool, enable) + } + }) } } -func Test_getBackendNetworkSecurityGroups(t *testing.T) { - testCases := map[string]struct { - service *v1.Service - nsgList []string - err error - }{ - "empty ServiceAnnotationLoadBalancerNetworkSecurityGroups annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationBackendSecurityRuleManagement: "", - }, +var getLBShapeTestCases = []struct { + name string + existingLb *client.GenericLoadBalancer + service *v1.Service + expectedShape string + expectedMinBandwidth int + expectedMaxBandwidth int + expectedError error +}{ + { + "default spec, no existing LB", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{}, + }, + }, + "100Mbps", + 0, + 0, + nil, + }, + { + "flexible spec, no existing LB", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "1", + ServiceAnnotationLoadBalancerShapeFlexMax: "10000000", }, }, - nsgList: []string{}, - err: nil, }, - "no ServiceAnnotationBackendSecurityRuleManagement annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + "flexible", + 10, + 8192, + nil, + }, + { + "default shape in spec, existing LB converted to flexible", + &client.GenericLoadBalancer{ + ShapeName: common.String("flexible"), + ShapeDetails: &client.GenericShapeDetails{ + MinimumBandwidthInMbps: common.Int(12), + MaximumBandwidthInMbps: common.Int(13), + }, + }, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{}, + }, + }, + "flexible", + 12, + 13, + nil, + }, + { + "bad flexible spec", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "1AB", + ServiceAnnotationLoadBalancerShapeFlexMax: "2AB", + }, + }, + }, + "", + 10, + 8192, + errors.New("invalid format for service.beta.kubernetes.io/oci-load-balancer-shape-flex-min annotation : 1AB"), + }, + { + "bad flexible max bandwidth", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "10", + ServiceAnnotationLoadBalancerShapeFlexMax: "2AB", }, }, - nsgList: []string{}, - err: nil, }, - "ServiceAnnotationBackendSecurityRuleManagement update annotation": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationBackendSecurityRuleManagement: "ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - }, + "", + 10, + 0, + errors.New("invalid format for service.beta.kubernetes.io/oci-load-balancer-shape-flex-max annotation : 2AB"), + }, + { + "flexible max bandwidth lower than min bandwidth", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "100", + ServiceAnnotationLoadBalancerShapeFlexMax: "10", }, }, - nsgList: []string{"ocid1.networksecuritygroup.oc1.iad.aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"}, - err: nil, }, - "ServiceAnnotationBackendSecurityRuleManagement more than 5": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationBackendSecurityRuleManagement: "ocid1,ocid2,ocid3,ocid4,ocid5,ocid6", - }, + "flexible", + 100, + 100, + nil, + }, + { + "bad flexible min and max bandwidth", + nil, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "100000", + ServiceAnnotationLoadBalancerShapeFlexMax: "1", }, }, - nsgList: []string{"ocid1", "ocid2", "ocid3", "ocid4", "ocid5", "ocid6"}, - err: nil, }, - "ServiceAnnotationBackendSecurityRuleManagement duplicate NSG OCIDS": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationBackendSecurityRuleManagement: "ocid1,ocid2, ocid1", - }, - }, + "flexible", + 8192, + 8192, + nil, + }, + { + "existing LB converted to flex outside of OKE", + &client.GenericLoadBalancer{ + ShapeName: common.String("flexible"), + ShapeDetails: &client.GenericShapeDetails{ + MinimumBandwidthInMbps: common.Int(10), + MaximumBandwidthInMbps: common.Int(100), }, - nsgList: []string{"ocid1", "ocid2"}, - err: nil, }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - nsgList, err := getManagedBackendNSG(tc.service) - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected NSG List error\n%+v\nbut got\n%+v", tc.err, err) - } - if !reflect.DeepEqual(nsgList, tc.nsgList) { - t.Errorf("Expected NSG List\n%+v\nbut got\n%+v", tc.nsgList, nsgList) - } - }) - } -} - -func Test_validateService(t *testing.T) { - testCases := map[string]struct { - service *v1.Service - err error - }{ - "defaults": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, - }, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{}, }, - err: nil, }, - "nlb invalid seclist mgmt mode": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "Neither", - }, - }, + "flexible", + 10, + 100, + nil, + }, + { + "existing LB converted to flex outside of OKE, but dynamic shape annotation still present", + &client.GenericLoadBalancer{ + ShapeName: common.String("flexible"), + ShapeDetails: &client.GenericShapeDetails{ + MinimumBandwidthInMbps: common.Int(10), + MaximumBandwidthInMbps: common.Int(100), }, - err: fmt.Errorf("invalid value: Neither provided for annotation: oci-network-load-balancer.oraclecloud.com/security-list-management-mode"), }, - "lb with protocol udp": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolUDP, - Port: int32(67), - }, - }, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "100Mbps", }, }, - err: fmt.Errorf("OCI load balancers do not support UDP"), }, - "nlb udp with seclist mgmt not None": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolUDP, - Port: int32(67), - }, - }, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", - }, - }, + "100Mbps", + 0, + 0, + nil, + }, + { + "existing LB converted to flex outside of OKE, but flexible annotations have different value", + &client.GenericLoadBalancer{ + ShapeName: common.String("flexible"), + ShapeDetails: &client.GenericShapeDetails{ + MinimumBandwidthInMbps: common.Int(10), + MaximumBandwidthInMbps: common.Int(100), }, - err: fmt.Errorf("Security list management mode can only be 'None' for UDP protocol"), }, - "session affinity not none": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityClientIP, - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolUDP, - Port: int32(67), - }, - }, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "None", - }, + &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: "kube-system", + Name: "testservice", + UID: "test-uid", + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerShape: "flexible", + ServiceAnnotationLoadBalancerShapeFlexMin: "100", + ServiceAnnotationLoadBalancerShapeFlexMax: "200", }, }, - err: fmt.Errorf("OCI only supports SessionAffinity \"None\" currently"), }, - } - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - err := validateService(tc.service) - if tc.err != nil && err == nil { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && tc.err == nil { - t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) - } - }) + "flexible", + 100, + 200, + nil, + }, +} + +func Test_getLBShape(t *testing.T) { + for _, tc := range getLBShapeTestCases { + actualShapeName, minBandwidth, maxBandwidth, err := getLBShape(tc.service, tc.existingLb) + if actualShapeName != tc.expectedShape { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedShape, actualShapeName) + } + if minBandwidth != nil && *minBandwidth != tc.expectedMinBandwidth { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedMinBandwidth, minBandwidth) + } + if maxBandwidth != nil && *maxBandwidth != tc.expectedMaxBandwidth { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedMaxBandwidth, maxBandwidth) + } + if err != nil && err.Error() != tc.expectedError.Error() { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedError, err) + } } } -func Test_getListenersNetworkLoadBalancer(t *testing.T) { - testOneListenerName := "TCP_AND_UDP-67" - testOneBackendSetName := "TCP_AND_UDP-67" - testOneProtocol := "TCP_AND_UDP" - testOnePort := 67 - - testTwoListenerNameOne := "TCP-67" - testTwoBackendSetNameOne := "TCP-67" - testTwoProtocolOne := "TCP" - testTwoPortOne := 67 - - testTwoListenerNameTwo := "UDP-68" - testTwoBackendSetNameTwo := "UDP-68" - testTwoProtocolTwo := "UDP" - testTwoPortTwo := 68 - - testThreeListenerName := "TCP-67" - testThreeBackendSetName := "TCP-67" - testThreeProtocol := "TCP" - testThreePort := 67 - - testFourListenerName := "UDP-67" - testFourBackendSetName := "UDP-67" - testFourProtocol := "UDP" - testFourPort := 67 - +func Test_getBackendSetNamePortMap(t *testing.T) { testCases := map[string]struct { - service *v1.Service - wantListeners map[string]client.GenericListener - err error + in *v1.Service + out map[string]v1.ServicePort }{ - "NLB_with_mixed_protocol_on_same_port": { - service: &v1.Service{ + "single port": { + in: &v1.Service{ Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: int32(67), - }, - { - Protocol: v1.ProtocolUDP, - Port: int32(67), + Port: 80, }, }, }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, - }, }, - wantListeners: map[string]client.GenericListener{ - "TCP_AND_UDP-67": { - Name: &testOneListenerName, - DefaultBackendSetName: common.String(testOneBackendSetName), - Protocol: &testOneProtocol, - Port: &testOnePort, + out: map[string]v1.ServicePort{ + "TCP-80": { + Protocol: v1.ProtocolTCP, + Port: 80, }, }, - err: nil, }, - "NLB_with_mixed_protocol_on_different_port": { - service: &v1.Service{ + "multiple ports": { + in: &v1.Service{ Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: int32(67), + Port: 80, }, { - Protocol: v1.ProtocolUDP, - Port: int32(68), + Protocol: v1.ProtocolTCP, + Port: 81, }, }, }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, - }, }, - wantListeners: map[string]client.GenericListener{ - "TCP-67": { - Name: &testTwoListenerNameOne, - DefaultBackendSetName: common.String(testTwoBackendSetNameOne), - Protocol: &testTwoProtocolOne, - Port: &testTwoPortOne, + out: map[string]v1.ServicePort{ + "TCP-80": { + Protocol: v1.ProtocolTCP, + Port: 80, }, - "UDP-68": { - Name: &testTwoListenerNameTwo, - DefaultBackendSetName: common.String(testTwoBackendSetNameTwo), - Protocol: &testTwoProtocolTwo, - Port: &testTwoPortTwo, + "TCP-81": { + Protocol: v1.ProtocolTCP, + Port: 81, }, }, - err: nil, }, - "NLB_with_only_TCP_protocol": { - service: &v1.Service{ + "multiple ports with different protocols": { + in: &v1.Service{ Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: int32(67), + Port: 80, + }, + { + Protocol: v1.ProtocolUDP, + Port: 81, }, - }, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - wantListeners: map[string]client.GenericListener{ - "TCP-67": { - Name: &testThreeListenerName, - DefaultBackendSetName: common.String(testThreeBackendSetName), - Protocol: &testThreeProtocol, - Port: &testThreePort, + out: map[string]v1.ServicePort{ + "TCP-80": { + Protocol: v1.ProtocolTCP, + Port: 80, + }, + "UDP-81": { + Protocol: v1.ProtocolUDP, + Port: 81, }, }, - err: nil, }, - "NLB_with_only_UDP_protocol": { - service: &v1.Service{ + "multiple ports with mixed protocols": { + in: &v1.Service{ Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: 80, + }, { Protocol: v1.ProtocolUDP, - Port: int32(67), + Port: 81, + }, + { + Protocol: v1.ProtocolTCP, + Port: 82, + }, + { + Protocol: v1.ProtocolUDP, + Port: 82, }, - }, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - wantListeners: map[string]client.GenericListener{ - "UDP-67": { - Name: &testFourListenerName, - DefaultBackendSetName: common.String(testFourBackendSetName), - Protocol: &testFourProtocol, - Port: &testFourPort, + out: map[string]v1.ServicePort{ + "TCP-80": { + Protocol: v1.ProtocolTCP, + Port: 80, + }, + "UDP-81": { + Protocol: v1.ProtocolUDP, + Port: 81, + }, + "TCP_AND_UDP-82": { + Protocol: v1.ProtocolTCP, + Port: 82, }, }, - err: nil, }, } + for name, tc := range testCases { t.Run(name, func(t *testing.T) { - gotListeners, err := getListenersNetworkLoadBalancer(tc.service) - if tc.err != nil && err == nil { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && tc.err == nil { - t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) - } - if len(gotListeners) != len(tc.wantListeners) { - t.Errorf("Number of excpected listeners \n%+v\nbut got\n%+v", len(tc.wantListeners), len(gotListeners)) - } - if len(gotListeners) != 0 { - for name, listener := range tc.wantListeners { - gotListener, ok := gotListeners[name] - if !ok { - t.Errorf("Expected listener with name \n%+v\nbut listener not present", *listener.Name) - } - if *gotListener.Name != *listener.Name { - t.Errorf("Expected listener name \n%+v\nbut got listener name \n%+v", *listener.Name, *gotListener.Name) - } - if *gotListener.DefaultBackendSetName != *listener.DefaultBackendSetName { - t.Errorf("Expected default backend set name \n%+v\nbut got default backend set name \n%+v", *listener.DefaultBackendSetName, *gotListener.DefaultBackendSetName) - } - if *gotListener.Protocol != *listener.Protocol { - t.Errorf("Expected protocol \n%+v\nbut got protocol \n%+v", *listener.Protocol, *gotListener.Protocol) - } - if *gotListener.Port != *listener.Port { - t.Errorf("Expected port number \n%+v\nbut got port number \n%+v", *listener.Port, *gotListener.Port) - } - } + ipFamilies := []v1.IPFamily{v1.IPFamily(IPv4)} + tc.in.Spec.IPFamilies = ipFamilies + got := getBackendSetNamePortMap(tc.in) + if !reflect.DeepEqual(got, tc.out) { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.out, got) } }) } } -func Test_getPreserveSourceDestination(t *testing.T) { +func Test_getOciLoadBalancerSubnets(t *testing.T) { testCases := map[string]struct { - service *v1.Service - expectedBool bool - err error + defaultSubnetOne string + defaultSubnetTwo string + service *v1.Service + expectedErrMsg string + subnets []string }{ - "oci LB default": { + "empty subnets": { service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{}, }, }, - expectedBool: false, - err: nil, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "oci LB, externalTrafficPolicy Local": { + "empty strings for subnets": { + defaultSubnetOne: "", + defaultSubnetTwo: "", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{}, }, }, - expectedBool: false, - err: nil, - }, - "oci NLB default": { - service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, - }, - }, - expectedBool: false, - err: nil, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "oci NLB, externalTrafficPolicy Local": { + "empty string for subnet1 annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "annotation-two", }, }, }, - expectedBool: true, - err: nil, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "oci NLB, externalTrafficPolicy Local, disabled by annotation": { + "default string for cloud config subnet2": { + defaultSubnetOne: "", + defaultSubnetTwo: "random", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "false", + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "", }, }, }, - expectedBool: false, - err: nil, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "oci NLB, externalTrafficPolicy Local, enabled via annotation": { + "regional string for subnet2 annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "true", + ServiceAnnotationLoadBalancerSubnet1: "", + ServiceAnnotationLoadBalancerSubnet2: "", }, }, }, - expectedBool: true, - err: nil, + expectedErrMsg: "a subnet must be specified for creating a load balancer", }, - "oci NLB, externalTrafficPolicy Local, bad annotation value": { + "subnets passed via cloud config": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeLocal, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{}, }, + }, + subnets: []string{"one", "two"}, + }, + "subnets passed via annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "disable", + ServiceAnnotationLoadBalancerSubnet1: "annotation-one", + ServiceAnnotationLoadBalancerSubnet2: "annotation-two", }, }, }, - expectedBool: false, - err: fmt.Errorf("failed to to parse oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation value - disable"), + subnets: []string{"annotation-one", "annotation-two"}, }, - "oci NLB, externalTrafficPolicy Cluster, enabled via annotation": { + "regional subnet passed via subnet1 annotation": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "true", + ServiceAnnotationLoadBalancerSubnet1: "regional-subnet", + ServiceAnnotationLoadBalancerSubnet2: "annotation-two", }, }, }, - expectedBool: false, - err: fmt.Errorf("oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation cannot be set when externalTrafficPolicy is set to Cluster"), + subnets: []string{"regional-subnet"}, }, - "oci NLB, externalTrafficPolicy Cluster, disabled via annotation": { + "regional subnet passed via subnet2 annotation": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", service: &v1.Service{ - Spec: v1.ServiceSpec{ - SessionAffinity: v1.ServiceAffinityNone, - ExternalTrafficPolicy: v1.ServiceExternalTrafficPolicyTypeCluster, - }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "false", + ServiceAnnotationLoadBalancerSubnet1: "annotation-one", + ServiceAnnotationLoadBalancerSubnet2: "regional-subnet", }, }, }, - expectedBool: false, - err: fmt.Errorf("oci-network-load-balancer.oraclecloud.com/is-preserve-source annotation cannot be set when externalTrafficPolicy is set to Cluster"), + subnets: []string{"regional-subnet"}, }, } + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + } + for name, tc := range testCases { logger := zap.L() t.Run(name, func(t *testing.T) { - enable, err := getPreserveSource(logger.Sugar(), tc.service) - if tc.err != nil && err == nil { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) - } - if err != nil && tc.err == nil { - t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) + cp.config = &providercfg.Config{ + LoadBalancer: &providercfg.LoadBalancerConfig{ + Subnet1: tc.defaultSubnetOne, + Subnet2: tc.defaultSubnetTwo, + }, } - if err != nil && err.Error() != tc.err.Error() { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) + subnets, err := cp.getOciLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) + if !reflect.DeepEqual(subnets, tc.subnets) { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.subnets, subnets) } - if enable != tc.expectedBool { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedBool, enable) + if err != nil && err.Error() != tc.expectedErrMsg { + t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) } - }) } } -var getLBShapeTestCases = []struct { - name string - existingLb *client.GenericLoadBalancer - service *v1.Service - expectedShape string - expectedMinBandwidth int - expectedMaxBandwidth int - expectedError error -}{ - { - "default spec, no existing LB", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{}, - }, - }, - "100Mbps", - 0, - 0, - nil, - }, - { - "flexible spec, no existing LB", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "1", - ServiceAnnotationLoadBalancerShapeFlexMax: "10000000", - }, - }, - }, - "flexible", - 10, - 8192, - nil, - }, - { - "default shape in spec, existing LB converted to flexible", - &client.GenericLoadBalancer{ - ShapeName: common.String("flexible"), - ShapeDetails: &client.GenericShapeDetails{ - MinimumBandwidthInMbps: common.Int(12), - MaximumBandwidthInMbps: common.Int(13), - }, - }, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{}, - }, - }, - "flexible", - 12, - 13, - nil, - }, - { - "bad flexible spec", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "1AB", - ServiceAnnotationLoadBalancerShapeFlexMax: "2AB", +func Test_getNetworkLoadbalancerSubnets(t *testing.T) { + testCases := map[string]struct { + defaultSubnetOne string + defaultSubnetTwo string + service *v1.Service + expectedErrMsg string + subnets []string + }{ + "empty subnets": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, + expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "", - 10, - 8192, - errors.New("invalid format for service.beta.kubernetes.io/oci-load-balancer-shape-flex-min annotation : 1AB"), - }, - { - "bad flexible max bandwidth", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "10", - ServiceAnnotationLoadBalancerShapeFlexMax: "2AB", + "empty strings for subnets": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, + expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "", - 10, - 0, - errors.New("invalid format for service.beta.kubernetes.io/oci-load-balancer-shape-flex-max annotation : 2AB"), - }, - { - "flexible max bandwidth lower than min bandwidth", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "100", - ServiceAnnotationLoadBalancerShapeFlexMax: "10", + "empty string for nlb subnet annotation": { + defaultSubnetOne: "", + defaultSubnetTwo: "", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSubnet: "", + }, }, }, + expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "flexible", - 100, - 100, - nil, - }, - { - "bad flexible min and max bandwidth", - nil, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "100000", - ServiceAnnotationLoadBalancerShapeFlexMax: "1", + "default string for cloud config subnet2": { + defaultSubnetOne: "", + defaultSubnetTwo: "random", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, + expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "flexible", - 8192, - 8192, - nil, - }, - { - "existing LB converted to flex outside of OKE", - &client.GenericLoadBalancer{ - ShapeName: common.String("flexible"), - ShapeDetails: &client.GenericShapeDetails{ - MinimumBandwidthInMbps: common.Int(10), - MaximumBandwidthInMbps: common.Int(100), + "subnet for nlb annotation": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + ServiceAnnotationNetworkLoadBalancerSubnet: "annotation-one", + }, + }, }, + subnets: []string{"annotation-one"}, }, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{}, + "subnets passed via cloud config": { + defaultSubnetOne: "one", + defaultSubnetTwo: "two", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, }, + subnets: []string{"one"}, }, - "flexible", - 10, - 100, - nil, - }, - { - "existing LB converted to flex outside of OKE, but dynamic shape annotation still present", - &client.GenericLoadBalancer{ - ShapeName: common.String("flexible"), - ShapeDetails: &client.GenericShapeDetails{ - MinimumBandwidthInMbps: common.Int(10), - MaximumBandwidthInMbps: common.Int(100), + "subnets passed via annotation": { + defaultSubnetOne: "one", + defaultSubnetTwo: "", + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, }, + subnets: []string{"one"}, }, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "100Mbps", + } + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + } + + for name, tc := range testCases { + logger := zap.L() + t.Run(name, func(t *testing.T) { + cp.config = &providercfg.Config{ + LoadBalancer: &providercfg.LoadBalancerConfig{ + Subnet1: tc.defaultSubnetOne, + Subnet2: tc.defaultSubnetTwo, }, - }, + } + subnets, err := cp.getNetworkLoadbalancerSubnets(context.Background(), logger.Sugar(), tc.service) + if !reflect.DeepEqual(subnets, tc.subnets) { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.subnets, subnets) + } + if err != nil && err.Error() != tc.expectedErrMsg { + t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) + } + }) + } +} + +func Test_getResourceTrackingSysTagsFromConfig(t *testing.T) { + tests := map[string]struct { + initialTags *providercfg.InitialTags + wantTag map[string]map[string]interface{} + }{ + "expect an empty system tag when has no common tags": { + initialTags: &providercfg.InitialTags{}, + wantTag: nil, }, - "100Mbps", - 0, - 0, - nil, - }, - { - "existing LB converted to flex outside of OKE, but flexible annotations have different value", - &client.GenericLoadBalancer{ - ShapeName: common.String("flexible"), - ShapeDetails: &client.GenericShapeDetails{ - MinimumBandwidthInMbps: common.Int(10), - MaximumBandwidthInMbps: common.Int(100), + "expect an empty system tag when resource tracking tags are not in common tags": { + initialTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"ns": {"key": "val"}}, + }, + Common: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"orcl-not-a-tracking-tag": {"Cluster": "ocid1.cluster.aa..."}}, + }, }, + wantTag: nil, }, - &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Namespace: "kube-system", - Name: "testservice", - UID: "test-uid", - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerShape: "flexible", - ServiceAnnotationLoadBalancerShapeFlexMin: "100", - ServiceAnnotationLoadBalancerShapeFlexMax: "200", + "extract tracking system tag from config": { + initialTags: &providercfg.InitialTags{ + LoadBalancer: &providercfg.TagConfig{ + DefinedTags: map[string]map[string]interface{}{"ns": {"key": "val"}}, + }, + Common: &providercfg.TagConfig{ + FreeformTags: map[string]string{"Cluster": "ocid1.cluster.aa..."}, + DefinedTags: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "ocid1.cluster.aa..."}}, }, }, + wantTag: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "ocid1.cluster.aa..."}}, }, - "flexible", - 100, - 200, - nil, - }, + } + for name, test := range tests { + t.Run(name, func(t *testing.T) { + tag := getResourceTrackingSystemTagsFromConfig(zap.S(), test.initialTags) + t.Logf("%#v", tag) + if !reflect.DeepEqual(test.wantTag, tag) { + t.Errorf("wanted %v but got %v", test.wantTag, tag) + } + }) + } } -func Test_getLBShape(t *testing.T) { - for _, tc := range getLBShapeTestCases { - actualShapeName, minBandwidth, maxBandwidth, err := getLBShape(tc.service, tc.existingLb) - if actualShapeName != tc.expectedShape { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedShape, actualShapeName) - } - if minBandwidth != nil && *minBandwidth != tc.expectedMinBandwidth { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedMinBandwidth, minBandwidth) - } - if maxBandwidth != nil && *maxBandwidth != tc.expectedMaxBandwidth { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedMaxBandwidth, maxBandwidth) - } - if err != nil && err.Error() != tc.expectedError.Error() { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.expectedError, err) - } +func Test_getRequireIpVersions(t *testing.T) { + + testCases := map[string]struct { + listenerBackendSetIpVersion []string + requireIPv6 bool + requireIPv4 bool + }{ + "IPv4": { + listenerBackendSetIpVersion: []string{IPv4}, + requireIPv4: true, + requireIPv6: false, + }, + "IPv6": { + listenerBackendSetIpVersion: []string{IPv6}, + requireIPv4: false, + requireIPv6: true, + }, + "IPv4 and IPv6": { + listenerBackendSetIpVersion: []string{IPv4, IPv6}, + requireIPv4: true, + requireIPv6: true, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + requireIPv4, requireIPv6 := getRequireIpVersions(tc.listenerBackendSetIpVersion) + if requireIPv6 != tc.requireIPv6 { + t.Errorf("Expected requireIPv6:%+v\nbut requireIPv6:%+v", tc.requireIPv6, requireIPv6) + } + if requireIPv4 != tc.requireIPv4 { + t.Errorf("Expected requireIPv4:%+v\nbut got requireIPv4:%+v", tc.requireIPv4, requireIPv4) + } + }) } } -func Test_getBackendSetNamePortMap(t *testing.T) { +func Test_getBackendSets(t *testing.T) { + testThreeBackendSetNameIPv6 := "TCP-67-IPv6" + testThreeBackendSetNameIPv4 := "TCP-67" + testCases := map[string]struct { - in *v1.Service - out map[string]v1.ServicePort + service *v1.Service + provisionedNodes []*v1.Node + virtualPods []*v1.Pod + sslCfg *SSLConfig + isPreserveSource bool + listenerBackendIpVersion []string + wantBackendSets map[string]client.GenericBackendSetDetails + err error }{ - "single port": { - in: &v1.Service{ + "IpFamilies IPv4 ListenerBackendSetIpVersion IPv4": { + service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, + }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + }, + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + virtualPods: []*v1.Pod{}, + sslCfg: nil, + listenerBackendIpVersion: []string{IPv4}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67": { + Name: &testThreeBackendSetNameIPv4, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("10.0.0.1"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("10.0.0.2"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv4), + IsPreserveSource: common.Bool(false), + }, + }, + err: nil, + }, + "IpFamilies IPv4IPv6 ListenerBackendSetIpVersion IPv4": { + service: &v1.Service{ Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: 80, + Port: int32(67), + NodePort: 36667, }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, }, - }, - out: map[string]v1.ServicePort{ - "TCP-80": { - Protocol: v1.ProtocolTCP, - Port: 80, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, - }, - "multiple ports": { - in: &v1.Service{ - Spec: v1.ServiceSpec{ - Ports: []v1.ServicePort{ - { - Protocol: v1.ProtocolTCP, - Port: 80, + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, }, - { - Protocol: v1.ProtocolTCP, - Port: 81, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, }, - out: map[string]v1.ServicePort{ - "TCP-80": { - Protocol: v1.ProtocolTCP, - Port: 80, - }, - "TCP-81": { - Protocol: v1.ProtocolTCP, - Port: 81, + virtualPods: []*v1.Pod{}, + sslCfg: nil, + listenerBackendIpVersion: []string{IPv4}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67": { + Name: &testThreeBackendSetNameIPv4, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("10.0.0.1"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("10.0.0.2"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv4), + IsPreserveSource: common.Bool(false), }, }, + err: nil, }, - "multiple ports with different protocols": { - in: &v1.Service{ + "IpFamilies IPv4IPv6 ListenerBackendSetIpVersion IPv6": { + service: &v1.Service{ Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: 80, - }, - { - Protocol: v1.ProtocolUDP, - Port: 81, + Port: int32(67), + NodePort: 36667, }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, }, - }, - out: map[string]v1.ServicePort{ - "TCP-80": { - Protocol: v1.ProtocolTCP, - Port: 80, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, - "UDP-81": { - Protocol: v1.ProtocolUDP, - Port: 81, + }, + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + virtualPods: []*v1.Pod{}, + sslCfg: nil, + listenerBackendIpVersion: []string{IPv6}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67-IPv6": { + Name: &testThreeBackendSetNameIPv6, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), Port: common.Int(36667), Weight: common.Int(1)}, + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:1300"), Port: common.Int(36667), Weight: common.Int(1)}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv6), + IsPreserveSource: common.Bool(false), }, }, + err: nil, }, - "multiple ports with mixed protocols": { - in: &v1.Service{ + "IpFamilies IPv4IPv6 ListenerBackendSetIpVersion IPv4IPv6": { + service: &v1.Service{ Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, Ports: []v1.ServicePort{ { Protocol: v1.ProtocolTCP, - Port: 80, - }, - { - Protocol: v1.ProtocolUDP, - Port: 81, - }, - { - Protocol: v1.ProtocolTCP, - Port: 82, - }, - { - Protocol: v1.ProtocolUDP, - Port: 82, + Port: int32(67), + NodePort: 36667, }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, }, - }, - out: map[string]v1.ServicePort{ - "TCP-80": { - Protocol: v1.ProtocolTCP, - Port: 80, - }, - "UDP-81": { - Protocol: v1.ProtocolUDP, - Port: 81, - }, - "TCP_AND_UDP-82": { - Protocol: v1.ProtocolTCP, - Port: 82, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, }, }, - }, - } - - for name, tc := range testCases { - t.Run(name, func(t *testing.T) { - got := getBackendSetNamePortMap(tc.in) - if !reflect.DeepEqual(got, tc.out) { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.out, got) - } - }) - } -} - -func Test_getOciLoadBalancerSubnets(t *testing.T) { - testCases := map[string]struct { - defaultSubnetOne string - defaultSubnetTwo string - service *v1.Service - expectedErrMsg string - subnets []string - }{ - "empty subnets": { - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, }, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "empty strings for subnets": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + virtualPods: []*v1.Pod{}, + sslCfg: nil, + listenerBackendIpVersion: []string{IPv4, IPv6}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67": { + Name: &testThreeBackendSetNameIPv4, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("10.0.0.1"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("10.0.0.2"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv4), + IsPreserveSource: common.Bool(false), + }, + "TCP-67-IPv6": { + Name: &testThreeBackendSetNameIPv6, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), Port: common.Int(36667), Weight: common.Int(1)}, + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:1300"), Port: common.Int(36667), Weight: common.Int(1)}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv6), + IsPreserveSource: common.Bool(false), }, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", + err: nil, }, - "empty string for subnet1 annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", + "IpFamilies IPv6 ListenerBackendSetIpVersion IPv6": { service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "annotation-two", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, }, - }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "default string for cloud config subnet2": { - defaultSubnetOne: "", - defaultSubnetTwo: "random", - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "", + ServiceAnnotationLoadBalancerType: "nlb", }, }, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", - }, - "regional string for subnet2 annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "", - ServiceAnnotationLoadBalancerSubnet2: "", + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + virtualPods: []*v1.Pod{}, + sslCfg: nil, + listenerBackendIpVersion: []string{IPv6}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67-IPv6": { + Name: &testThreeBackendSetNameIPv6, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(false), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), Port: common.Int(36667), Weight: common.Int(1)}, + {IpAddress: common.String("2001:0000:130F:0000:0000:09C0:876A:1300"), Port: common.Int(36667), Weight: common.Int(1)}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: nil, + IpVersion: GenericIpVersion(client.GenericIPv6), + IsPreserveSource: common.Bool(false), }, }, - expectedErrMsg: "a subnet must be specified for creating a load balancer", + err: nil, }, - "subnets passed via cloud config": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", + "IpFamilies IPv4 BackendSet cipher suite configuration": { service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{}, + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, + }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, }, - }, - subnets: []string{"one", "two"}, - }, - "subnets passed via annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "annotation-one", - ServiceAnnotationLoadBalancerSubnet2: "annotation-two", + ServiceAnnotationLoadbalancerBackendSetSSLConfig: `{"CipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "Protocols": ["TLSv1.2"]}`, + ServiceAnnotationLoadBalancerTLSBackendSetSecret: "example", }, }, }, - subnets: []string{"annotation-one", "annotation-two"}, - }, - "regional subnet passed via subnet1 annotation": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "regional-subnet", - ServiceAnnotationLoadBalancerSubnet2: "annotation-two", + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, }, }, }, - subnets: []string{"regional-subnet"}, + virtualPods: []*v1.Pod{}, + sslCfg: &SSLConfig{ + Ports: sets.NewInt(67), + ListenerSSLSecretName: listenerSecret, + BackendSetSSLSecretName: backendSecret, + }, + listenerBackendIpVersion: []string{IPv4}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67": { + Name: &testThreeBackendSetNameIPv4, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(true), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("10.0.0.1"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("10.0.0.2"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: &client.GenericSslConfigurationDetails{ + VerifyDepth: common.Int(0), + VerifyPeerCertificate: common.Bool(false), + CertificateName: common.String(backendSecret), + CipherSuiteName: common.String("oci-default-http2-ssl-cipher-suite-v1"), + Protocols: []string{"TLSv1.2"}, + }, + IpVersion: GenericIpVersion(client.GenericIPv4), + IsPreserveSource: common.Bool(false), + }, + }, + err: nil, }, - "regional subnet passed via subnet2 annotation": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", + "IpFamilies IPv4 BackendSet protocols is null ": { service: &v1.Service{ + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, + }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ - ServiceAnnotationLoadBalancerSubnet1: "annotation-one", - ServiceAnnotationLoadBalancerSubnet2: "regional-subnet", + ServiceAnnotationLoadbalancerBackendSetSSLConfig: `{"cipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "protocols": ["TLSv1.2"]}`, + ServiceAnnotationLoadBalancerTLSBackendSetSecret: "example", }, }, }, - subnets: []string{"regional-subnet"}, + provisionedNodes: []*v1.Node{ + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:130B", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "2001:0000:130F:0000:0000:09C0:876A:1300", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.1", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + { + TypeMeta: metav1.TypeMeta{}, + ObjectMeta: metav1.ObjectMeta{}, + Spec: v1.NodeSpec{ + ProviderID: testNodeString, + }, + Status: v1.NodeStatus{ + Capacity: nil, + Allocatable: nil, + Phase: "", + Conditions: nil, + Addresses: []v1.NodeAddress{ + { + Address: "10.0.0.2", + Type: "InternalIP", + }, + }, + DaemonEndpoints: v1.NodeDaemonEndpoints{}, + NodeInfo: v1.NodeSystemInfo{}, + Images: nil, + VolumesInUse: nil, + VolumesAttached: nil, + Config: nil, + }, + }, + }, + virtualPods: []*v1.Pod{}, + sslCfg: &SSLConfig{ + Ports: sets.NewInt(67), + ListenerSSLSecretName: listenerSecret, + BackendSetSSLSecretName: backendSecret, + }, + listenerBackendIpVersion: []string{IPv4}, + wantBackendSets: map[string]client.GenericBackendSetDetails{ + "TCP-67": { + Name: &testThreeBackendSetNameIPv4, + Policy: common.String("FIVE_TUPLE"), + HealthChecker: &client.GenericHealthChecker{ + Protocol: "HTTP", + IsForcePlainText: common.Bool(true), + Port: common.Int(10256), + UrlPath: common.String("/healthz"), + Retries: common.Int(3), + TimeoutInMillis: common.Int(3000), + IntervalInMillis: common.Int(10000), + ReturnCode: common.Int(http.StatusOK), + }, + Backends: []client.GenericBackend{ + {IpAddress: common.String("10.0.0.1"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + {IpAddress: common.String("10.0.0.2"), Port: common.Int(36667), Weight: common.Int(1), TargetId: &testNodeString}, + }, + SessionPersistenceConfiguration: nil, + SslConfiguration: &client.GenericSslConfigurationDetails{ + VerifyDepth: common.Int(0), + VerifyPeerCertificate: common.Bool(false), + CertificateName: common.String(backendSecret), + CipherSuiteName: common.String("oci-default-http2-ssl-cipher-suite-v1"), + Protocols: []string{"TLSv1.2"}, + }, + IpVersion: GenericIpVersion(client.GenericIPv4), + IsPreserveSource: common.Bool(false), + }, + }, + err: nil, }, } - cp := &CloudProvider{ - client: MockOCIClient{}, - config: &providercfg.Config{CompartmentID: "testCompartment"}, - } - for name, tc := range testCases { logger := zap.L() t.Run(name, func(t *testing.T) { - cp.config = &providercfg.Config{ - LoadBalancer: &providercfg.LoadBalancerConfig{ - Subnet1: tc.defaultSubnetOne, - Subnet2: tc.defaultSubnetTwo, - }, + gotBackendSets, err := getBackendSets(logger.Sugar(), tc.service, tc.provisionedNodes, tc.sslCfg, tc.isPreserveSource, tc.listenerBackendIpVersion) + if tc.err != nil && err == nil { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) } - subnets, err := cp.getOciLoadBalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if !reflect.DeepEqual(subnets, tc.subnets) { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.subnets, subnets) + if err != nil && tc.err == nil { + t.Errorf("Error: expected\n%+v\nbut got\n%+v", tc.err, err) } - if err != nil && err.Error() != tc.expectedErrMsg { - t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) + if err != nil && err.Error() != tc.err.Error() { + t.Errorf("Expected \n%+v\nbut got\n%+v", tc.err, err) + } + if len(gotBackendSets) != len(tc.wantBackendSets) { + t.Errorf("Number of excpected listeners \n%+v\nbut got\n%+v", len(tc.wantBackendSets), len(gotBackendSets)) + } + if len(gotBackendSets) != 0 { + for name, backendSetDetails := range tc.wantBackendSets { + gotBackendSet, ok := gotBackendSets[name] + if !ok { + t.Errorf("Expected backendSetDetails with name \n%+v\nbut backendSetDetails not present", *backendSetDetails.Name) + } + if *gotBackendSet.Name != *backendSetDetails.Name { + t.Errorf("Expected backendSetDetails name \n%+v\nbut got backendSetDetails name \n%+v", *backendSetDetails.Name, *gotBackendSet.Name) + } + if *gotBackendSet.IpVersion != *backendSetDetails.IpVersion { + t.Errorf("Expected backendSetDetails IpVersion \n%+v\nbut got backendSetDetails IpVersion \n%+v", *backendSetDetails.IpVersion, *gotBackendSet.IpVersion) + } + if !reflect.DeepEqual(backendSetDetails.Backends, gotBackendSet.Backends) { + t.Errorf("Expected backendSetDetails backends \n%+v\nbut got backendSetDetails backends \n%+v", backendSetDetails.Backends, gotBackendSet.Backends) + } + if !reflect.DeepEqual(backendSetDetails.HealthChecker, gotBackendSet.HealthChecker) { + want, _ := json.Marshal(backendSetDetails.HealthChecker) + got, _ := json.Marshal(gotBackendSet.HealthChecker) + t.Errorf("backendSetDetails HealthChecker failed want: %s \n got: %s \n", want, got) + } + if !reflect.DeepEqual(backendSetDetails.SslConfiguration, gotBackendSet.SslConfiguration) { + want, _ := json.Marshal(backendSetDetails.SslConfiguration) + got, _ := json.Marshal(gotBackendSet.SslConfiguration) + t.Errorf("backendSetDetails SslConfiguration failed want: %s \n got: %s \n", want, got) + } + } } }) } } -func Test_getNetworkLoadbalancerSubnets(t *testing.T) { - testCases := map[string]struct { - defaultSubnetOne string - defaultSubnetTwo string - service *v1.Service - expectedErrMsg string - subnets []string +func Test_getPorts(t *testing.T) { + var tests = []struct { + name string + service *v1.Service + ipVersions []string + err error + ports map[string]portSpec }{ - "empty subnets": { + { + name: "IpFamilies IPv4 ListenerBackendSetIpVersion IPv4", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, }, }, - expectedErrMsg: "a subnet must be specified for a network load balancer", - }, - "empty strings for subnets": { - defaultSubnetOne: "", - defaultSubnetTwo: "", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, + err: nil, + ipVersions: []string{IPv4}, + ports: map[string]portSpec{ + "TCP-67": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, }, }, - expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "empty string for nlb subnet annotation": { - defaultSubnetOne: "", - defaultSubnetTwo: "", + { + name: "IpFamilies IPv6 ListenerBackendSetIpVersion IPv6", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSubnet: "", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, }, }, - expectedErrMsg: "a subnet must be specified for a network load balancer", - }, - "default string for cloud config subnet2": { - defaultSubnetOne: "", - defaultSubnetTwo: "random", - service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - }, + err: nil, + ipVersions: []string{IPv6}, + ports: map[string]portSpec{ + "TCP-67-IPv6": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, }, }, - expectedErrMsg: "a subnet must be specified for a network load balancer", }, - "subnet for nlb annotation": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", + { + name: "IpFamilies IPv4, IPv6 ListenerBackendSetIpVersion IPv4", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", - ServiceAnnotationNetworkLoadBalancerSubnet: "annotation-one", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + }, + }, + err: nil, + ipVersions: []string{IPv4}, + ports: map[string]portSpec{ + "TCP-67": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, }, }, - subnets: []string{"annotation-one"}, }, - "subnets passed via cloud config": { - defaultSubnetOne: "one", - defaultSubnetTwo: "two", + { + name: "IpFamilies IPv4, IPv6 ListenerBackendSetIpVersion IPv6", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + }, + }, + err: nil, + ipVersions: []string{IPv6}, + ports: map[string]portSpec{ + "TCP-67-IPv6": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, }, }, - subnets: []string{"one"}, }, - "subnets passed via annotation": { - defaultSubnetOne: "one", - defaultSubnetTwo: "", + { + name: "IpFamilies IPv4 IPv6 ListenerBackendSetIpVersion IPv4 IPv6", service: &v1.Service{ - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - ServiceAnnotationLoadBalancerType: "nlb", + Spec: v1.ServiceSpec{ + SessionAffinity: v1.ServiceAffinityNone, + Ports: []v1.ServicePort{ + { + Protocol: v1.ProtocolTCP, + Port: int32(67), + NodePort: 36667, + }, }, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + }, + }, + err: nil, + ipVersions: []string{IPv4, IPv6}, + ports: map[string]portSpec{ + "TCP-67": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, + }, + "TCP-67-IPv6": { + ListenerPort: 67, + BackendPort: 36667, + HealthCheckerPort: 10256, }, }, - subnets: []string{"one"}, }, } - cp := &CloudProvider{ - client: MockOCIClient{}, - config: &providercfg.Config{CompartmentID: "testCompartment"}, - } - - for name, tc := range testCases { - logger := zap.L() - t.Run(name, func(t *testing.T) { - cp.config = &providercfg.Config{ - LoadBalancer: &providercfg.LoadBalancerConfig{ - Subnet1: tc.defaultSubnetOne, - Subnet2: tc.defaultSubnetTwo, - }, - } - subnets, err := cp.getNetworkLoadbalancerSubnets(context.Background(), logger.Sugar(), tc.service) - if !reflect.DeepEqual(subnets, tc.subnets) { - t.Errorf("Expected \n%+v\nbut got\n%+v", tc.subnets, subnets) + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result, err := getPorts(tt.service, tt.ipVersions) + if !reflect.DeepEqual(result, tt.ports) { + t.Errorf("getPorts() = %+v, want %+v", result, tt.ports) } - if err != nil && err.Error() != tc.expectedErrMsg { - t.Errorf("Expected error with message %q but got %q", tc.expectedErrMsg, err) + if err != nil { + if !reflect.DeepEqual(err, tt.err) { + t.Errorf("getPorts() = %+v, want %+v", err, tt.err) + } } }) } } -func Test_getResourceTrackingSysTagsFromConfig(t *testing.T) { - tests := map[string]struct { - initialTags *providercfg.InitialTags - wantTag map[string]map[string]interface{} +func Test_getLoadBalancerSourceRanges(t *testing.T) { + var tests = []struct { + name string + service *v1.Service + sourceCIDRs []string }{ - "expect an empty system tag when has no common tags": { - initialTags: &providercfg.InitialTags{}, - wantTag: nil, + { + name: "IpFamilies IPv4 SingleStack", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + sourceCIDRs: []string{"0.0.0.0/0"}, }, - "expect an empty system tag when resource tracking tags are not in common tags": { - initialTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"ns": {"key": "val"}}, + { + name: "IpFamilies IPv6 SingleStack", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), }, - Common: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"orcl-not-a-tracking-tag": {"Cluster": "ocid1.cluster.aa..."}}, + }, + sourceCIDRs: []string{"::/0"}, + }, + { + name: "IpFamilies IPv4, IPv6 PreferDualStack", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), }, }, - wantTag: nil, + sourceCIDRs: []string{"0.0.0.0/0", "::/0"}, }, - "extract tracking system tag from config": { - initialTags: &providercfg.InitialTags{ - LoadBalancer: &providercfg.TagConfig{ - DefinedTags: map[string]map[string]interface{}{"ns": {"key": "val"}}, + { + name: "IpFamilies IPv4, IPv6 RequireDualStack", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyRequireDualStack))), }, - Common: &providercfg.TagConfig{ - FreeformTags: map[string]string{"Cluster": "ocid1.cluster.aa..."}, - DefinedTags: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "ocid1.cluster.aa..."}}, + }, + sourceCIDRs: []string{"0.0.0.0/0", "::/0"}, + }, + { + name: "IpFamilies IPv4 IPv6 Custom Cidr provided in spec", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + LoadBalancerSourceRanges: []string{"2.2.2.0/24"}, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String("PreferDualStack")), }, }, - wantTag: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "ocid1.cluster.aa..."}}, + sourceCIDRs: []string{"2.2.2.0/24"}, + }, + { + name: "IpFamilies IPv6 Custom Cidr provided in spec", + service: &v1.Service{ + Spec: v1.ServiceSpec{ + LoadBalancerSourceRanges: []string{"1.1.1.0/24", "2603:c120:000f:8b99:0000:0000:0000:0000/64"}, + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + sourceCIDRs: []string{"1.1.1.0/24", "2603:c120:f:8b99::/64"}, }, } - for name, test := range tests { - t.Run(name, func(t *testing.T) { - tag := getResourceTrackingSysTagsFromConfig(zap.S(), test.initialTags) - t.Logf("%#v", tag) - if !reflect.DeepEqual(test.wantTag, tag) { - t.Errorf("wanted %v but got %v", test.wantTag, tag) + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + result, _ := getLoadBalancerSourceRanges(tt.service) + for _, cidr := range result { + if !contains(tt.sourceCIDRs, cidr) { + t.Errorf("getLoadBalancerSourceRanges() = %+v, want %+v", result, tt.sourceCIDRs) + } } }) } diff --git a/pkg/cloudprovider/providers/oci/load_balancer_test.go b/pkg/cloudprovider/providers/oci/load_balancer_test.go index 9c70787c1a..3de1fe8f7d 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_test.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_test.go @@ -35,6 +35,7 @@ import ( "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-go-sdk/v65/common" "github.com/oracle/oci-go-sdk/v65/core" + errors1 "github.com/pkg/errors" ) func newNodeObj(name string, labels map[string]string) *v1.Node { @@ -287,13 +288,13 @@ func Test_filterNodes(t *testing.T) { for name, tc := range testCases { t.Run(name, func(t *testing.T) { - nodes, err := filterNodes(tc.service, tc.nodes) + provisionedNodes, err := filterNodes(tc.service, tc.nodes) if err != nil { t.Fatal(err) } - if !reflect.DeepEqual(nodes, tc.expected) { - t.Errorf("expected: %+v got %+v", tc.expected, nodes) + if !reflect.DeepEqual(provisionedNodes, tc.expected) { + t.Errorf("expected: %+v got %+v", tc.expected, provisionedNodes) } }) } @@ -561,7 +562,7 @@ func TestGetSubnetsForNodes(t *testing.T) { nodes: []*v1.Node{ { Spec: v1.NodeSpec{ - ProviderID: "basic-complete", + ProviderID: "ocid1.basic-complete", }, ObjectMeta: metav1.ObjectMeta{ Annotations: map[string]string{ @@ -585,7 +586,7 @@ func TestGetSubnetsForNodes(t *testing.T) { nodes: []*v1.Node{ { Spec: v1.NodeSpec{ - ProviderID: "basic-complete", + ProviderID: "ocid1.basic-complete", }, ObjectMeta: metav1.ObjectMeta{ Name: "testnode", @@ -622,6 +623,82 @@ func TestGetSubnetsForNodes(t *testing.T) { subnets: nil, err: errors.New(`.spec.providerID was not present on node "testnode"`), }, + "Ipv6 subnets return subnet without any error GUA": { + nodes: []*v1.Node{ + { + Spec: v1.NodeSpec{ + ProviderID: "ocid1.ipv6-instance", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compID1", + }, + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeExternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + }, + }, + }, + }, + subnets: []*core.Subnet{subnets["IPv6-subnet"]}, + err: nil, + }, + "Ipv6 subnets return subnet without any error ULA": { + nodes: []*v1.Node{ + { + Spec: v1.NodeSpec{ + ProviderID: "ocid1.ipv6-instance", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compID1", + }, + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeInternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + }, + }, + }, + }, + subnets: []*core.Subnet{subnets["IPv6-subnet"]}, + err: nil, + }, + "Private IPv4 and GUA IPv6": { + nodes: []*v1.Node{ + { + Spec: v1.NodeSpec{ + ProviderID: "ocid1.ipv6-gua-ipv4-instance", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "compID1", + }, + }, + Status: v1.NodeStatus{ + Addresses: []v1.NodeAddress{ + { + Type: v1.NodeExternalIP, + Address: "2001:0db8:85a3:0000:0000:8a2e:0370:7334", + }, + { + Type: v1.NodeInternalIP, + Address: "10.0.0.1", + }, + }, + }, + }, + }, + subnets: []*core.Subnet{subnets["ipv6-gua-ipv4-instance"]}, + err: nil, + }, } client := MockOCIClient{} for name, tc := range testCases { @@ -937,6 +1014,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "Security List Management mode 'None' - no err", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -952,6 +1032,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "Security List Management mode 'None' - delete err", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -975,6 +1058,10 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { ServiceAnnotationLoadBalancerSecurityListManagementMode: "All", }, }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + Selector: map[string]string{"hello": "world"}, + }, }, err: "", wantErr: false, @@ -982,6 +1069,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "Security List Management mode 'All' - fetch node failure", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -997,6 +1087,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "Security List Management mode 'NSG' - no err", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -1012,6 +1105,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "no management mode provided in annotation - no err", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -1024,6 +1120,9 @@ func TestCloudProvider_EnsureLoadBalancerDeleted(t *testing.T) { { name: "no management mode provided in annotation - delete err", service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + }, ObjectMeta: metav1.ObjectMeta{ Namespace: "kube-system", Name: "testservice", @@ -1072,7 +1171,9 @@ func Test_addLoadBalancerOkeSystemTags(t *testing.T) { lb: &client.GenericLoadBalancer{ Id: common.String("ocid1.loadbalancer."), }, - spec: &LBSpec{}, + spec: &LBSpec{ + service: &v1.Service{}, + }, wantErr: errors.New("oke system tag is not found in LB spec. ignoring.."), }, "expect an error when spec system tag is empty map": { @@ -1081,6 +1182,7 @@ func Test_addLoadBalancerOkeSystemTags(t *testing.T) { }, spec: &LBSpec{ SystemTags: map[string]map[string]interface{}{}, + service: &v1.Service{}, }, wantErr: errors.New("oke system tag namespace is not found in LB spec"), }, @@ -1090,7 +1192,9 @@ func Test_addLoadBalancerOkeSystemTags(t *testing.T) { DefinedTags: make(map[string]map[string]interface{}), }, spec: &LBSpec{ + Type: LB, SystemTags: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "val"}}, + service: &v1.Service{}, }, wantErr: errors.New("max limit of defined tags for lb is reached. skip adding tags. sending metric"), }, @@ -1102,9 +1206,28 @@ func Test_addLoadBalancerOkeSystemTags(t *testing.T) { }, spec: &LBSpec{ SystemTags: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "val"}}, + service: &v1.Service{}, }, wantErr: errors.New("UpdateLoadBalancer request failed: internal server error"), }, + "expect an error when using workload identity": { + lb: &client.GenericLoadBalancer{ + Id: common.String("service using workload identity"), + FreeformTags: map[string]string{"key": "val"}, + DefinedTags: map[string]map[string]interface{}{"ns1": {"key1": "val1"}}, + }, + spec: &LBSpec{ + SystemTags: map[string]map[string]interface{}{"orcl-containerengine": {"Cluster": "val"}}, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationServiceAccountName: "test-service-account", + }, + }, + }, + }, + wantErr: errors.New("principal type is workload identity. skip addition of oke system tags."), + }, } for name, testcase := range tests { @@ -1183,3 +1306,875 @@ func assertError(actual, expected error) bool { } return actual.Error() == expected.Error() } + +func Test_checkIfSubnetIPv6Compatible(t *testing.T) { + tests := map[string]struct { + subnets []*core.Subnet + ipVersion string + expectedErr error + }{ + "Subnet with IPv4 cidrs only": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + }, + }, + ipVersion: IPv6, + expectedErr: errors1.Errorf("subnet with id IPv4-subnet does not have an ipv6 cidr block"), + }, + "Subnet with both IPv4 & IPv6 cidrs": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv4-IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlocks: []string{}, + Ipv6CidrBlock: common.String("IPv6Cidr"), + }, + }, + ipVersion: IPv6, + expectedErr: nil, + }, + "Subnet with IPv6 cidrs only": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + }, + }, + ipVersion: IPv6, + expectedErr: nil, + }, + "Subnet with IPv6 cidrs only IPv4 error": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + AvailabilityDomain: nil, + }, + }, + ipVersion: IPv4, + expectedErr: errors1.Errorf("subnet with id IPv6-subnet does not have an ipv4 cidr block"), + }, + "multiple subnets with single IPv6 cidr": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + }, + { + Id: common.String("IPv6-subnet-1"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + }, + }, + ipVersion: IPv6, + expectedErr: nil, + }, + "multiple subnets with single IPv6 cidr check for IPv4": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + }, + { + Id: common.String("IPv6-subnet-1"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + }, + }, + ipVersion: IPv4, + expectedErr: errors1.Errorf("subnet with id IPv6-subnet-1 does not have an ipv4 cidr block"), + }, + "multiple subnets with single IPv6 cidr check for IPv6": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + }, + { + Id: common.String("IPv6-subnet-1"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}, + }, + }, + ipVersion: IPv6, + expectedErr: nil, + }, + "multiple subnets with single IPv4 check for IPv4": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + }, + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + }, + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + }, + }, + ipVersion: IPv4, + expectedErr: nil, + }, + "multiple subnets with single IPv6 check for IPv6": { + subnets: []*core.Subnet{ + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.0.0/16"), + }, + { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("IPv6Cidr"), + Ipv6CidrBlocks: []string{"IPv6Cidr"}}, + { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + }, + }, + ipVersion: IPv6, + expectedErr: nil, + }, + } + + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + err := checkSubnetIpFamilyCompatibility(tt.subnets, tt.ipVersion) + if err != nil { + if !reflect.DeepEqual(err.Error(), tt.expectedErr.Error()) { + t.Errorf("checkIfSubnetIPv6Compatible() expected error = %v,\n but got %v", tt.expectedErr, err) + return + } + } + }) + } +} + +func Test_getLbEndpointVersion(t *testing.T) { + var tests = map[string]struct { + ipFamilies []string + ipFamilyPolicy string + subnets []*core.Subnet + lbEndpointVersion string + wantErr error + }{ + "SingleStack IPv4": { + ipFamilies: []string{IPv4}, + ipFamilyPolicy: string(v1.IPFamilyPolicySingleStack), + subnets: []*core.Subnet{ + {CidrBlock: common.String("10.0.1.0/24")}, + }, + lbEndpointVersion: IPv4, + wantErr: nil, + }, + "SingleStack IPv6": { + ipFamilies: []string{IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicySingleStack), + subnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + lbEndpointVersion: IPv6, + wantErr: nil, + }, + "SingleStack IPv6 - wrong subnet": { + ipFamilies: []string{IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicySingleStack), + subnets: []*core.Subnet{ + { + Id: common.String("ocid1.subnet"), + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + lbEndpointVersion: "", + wantErr: errors.New("subnet does not have IPv6 CIDR blocks: subnet with id ocid1.subnet does not have an ipv6 cidr block"), + }, + "RequireDualStack IPv4/IPv6": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyRequireDualStack), + subnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + lbEndpointVersion: IPv4AndIPv6, + wantErr: nil, + }, + "RequireDualStack IPv4/IPv6 - wrong subnet": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyRequireDualStack), + subnets: []*core.Subnet{ + { + Id: common.String("ocid1.subnet"), + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + lbEndpointVersion: "", + wantErr: errors.New("subnet does not have IPv6 CIDR blocks: subnet with id ocid1.subnet does not have an ipv6 cidr block"), + }, + "PreferDualStack IPv4/IPv6": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + subnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + lbEndpointVersion: IPv4AndIPv6, + wantErr: nil, + }, + "PreferDualStack IPv4/IPv6 - wrong subnet": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + subnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + lbEndpointVersion: IPv4, + wantErr: nil, + }, + "PreferDualStack IPv4": { + ipFamilies: []string{IPv4}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + subnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + lbEndpointVersion: IPv4AndIPv6, + wantErr: nil, + }, + } + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + NodeLister: &mockNodeLister{}, + kubeclient: testclient.NewSimpleClientset(), + logger: zap.L().Sugar(), + } + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + lbEndpointVersion, err := cp.getLbEndpointIpVersion(tt.ipFamilies, tt.ipFamilyPolicy, tt.subnets) + if lbEndpointVersion != tt.lbEndpointVersion { + t.Errorf("Expected lbEndpointVersion = %s, but got %s", tt.lbEndpointVersion, lbEndpointVersion) + } + if err != nil && err.Error() != tt.wantErr.Error() { + t.Errorf("Expected error = %s,\n but got %s", tt.wantErr.Error(), err.Error()) + return + } + }) + } +} + +func Test_getLbListenerBackendSetIpVersion(t *testing.T) { + var tests = map[string]struct { + ipFamilies []string + ipFamilyPolicy string + nodeSubnets []*core.Subnet + listenerBackendSetIpVersions []string + wantErr error + }{ + "SingleStack IPv4": { + ipFamilies: []string{IPv4}, + ipFamilyPolicy: string(v1.IPFamilyPolicySingleStack), + nodeSubnets: []*core.Subnet{ + {CidrBlock: common.String("10.0.1.0/24")}, + }, + listenerBackendSetIpVersions: []string{IPv4}, + wantErr: nil, + }, + "SingleStack IPv6 - wrong subnet": { + ipFamilies: []string{IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicySingleStack), + nodeSubnets: []*core.Subnet{ + { + Id: common.String("ocid1.subnet"), + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + listenerBackendSetIpVersions: []string{}, + wantErr: errors.New("subnet does not have IPv6 CIDR blocks: subnet with id ocid1.subnet does not have an ipv6 cidr block"), + }, + "RequireDualStack IPv4/IPv6": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyRequireDualStack), + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + listenerBackendSetIpVersions: []string{IPv4, IPv6}, + wantErr: nil, + }, + "RequireDualStack IPv4/IPv6 - wrong subnet": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyRequireDualStack), + nodeSubnets: []*core.Subnet{ + { + Id: common.String("ocid1.subnet"), + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + listenerBackendSetIpVersions: []string{}, + wantErr: errors.New("subnet does not have IPv6 CIDR blocks: subnet with id ocid1.subnet does not have an ipv6 cidr block"), + }, + "PreferDualStack IPv4/IPv6": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + listenerBackendSetIpVersions: []string{IPv4, IPv6}, + wantErr: nil, + }, + "PreferDualStack IPv4/IPv6 - wrong subnet": { + ipFamilies: []string{IPv4, IPv6}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + listenerBackendSetIpVersions: []string{IPv4}, + wantErr: nil, + }, + "PreferDualStack IPv4": { + ipFamilies: []string{IPv4}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + listenerBackendSetIpVersions: []string{IPv4, IPv6}, + wantErr: nil, + }, + "PreferDualStack IPv4 multiple subnets": { + ipFamilies: []string{IPv4}, + ipFamilyPolicy: string(v1.IPFamilyPolicyPreferDualStack), + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + listenerBackendSetIpVersions: []string{IPv4, IPv6}, + wantErr: nil, + }, + } + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + NodeLister: &mockNodeLister{}, + kubeclient: testclient.NewSimpleClientset(), + logger: zap.L().Sugar(), + } + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + result, err := cp.getLbListenerBackendSetIpVersion(tt.ipFamilies, tt.ipFamilyPolicy, tt.nodeSubnets) + if !reflect.DeepEqual(result, tt.listenerBackendSetIpVersions) { + t.Errorf("Expected listenerBackendSetIpVersions\n%+v\nbut got\n%+v", tt.listenerBackendSetIpVersions, result) + } + if err != nil && err.Error() != tt.wantErr.Error() { + t.Errorf("Expected error = %s,\n but got %s", tt.wantErr.Error(), err.Error()) + return + } + }) + } +} + +func Test_getOciIpVersions(t *testing.T) { + var tests = map[string]struct { + nodeSubnets []*core.Subnet + lbSubnets []*core.Subnet + service *v1.Service + result *IpVersions + wantErr error + }{ + "SingleStack IPv4": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.2.0/24"), + }, + }, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + {CidrBlock: common.String("10.0.1.0/24")}, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + wantErr: nil, + }, + "SingleStack IPv6 for NLB GUA prefix": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv6}, + }, + wantErr: nil, + }, + "SingleStack IPv6 for NLB ULA prefix": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicySingleStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv6}, + }, + wantErr: nil, + }, + "SingleStack IPv6 LB": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "lb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicySingleStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: nil, + wantErr: errors.New("SingleStack IPv6 is not supported for OCI LBaaS"), + }, + "RequireDualStack IPv4/IPv6 - LB": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String("RequireDualStack")), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyRequireDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + wantErr: nil, + }, + "RequireDualStack IPv4/IPv6 - NLB": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String("RequireDualStack")), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyRequireDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, + }, + wantErr: nil, + }, + "PreferDualStack IPv4 LB - IPv4 Subnet cidrs only": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + }, + }, + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + wantErr: nil, + }, + "PreferDualStack IPv4 NLB - IPv4 Subnet cidrs only": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + wantErr: nil, + }, + "PreferDualStack IPv6 LB - IPv6 Subnet cidrs only": { + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}}, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: nil, + wantErr: errors.New("SingleStack IPv6 is not supported for OCI LBaaS"), + }, + "PreferDualStack IPv6 NLB - IPv6 Subnet cidrs only": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}}, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String(""), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv6}, + }, + wantErr: nil, + }, + "PreferDualStack IPv4/IPv6 LB": { + service: &v1.Service{ + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4}, + }, + wantErr: nil, + }, + "PreferDualStack IPv4/IPv6 NLB": { + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlock: common.String("2001:0000:130F:0000:0000:09C0:876A:130B"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, + }, + wantErr: nil, + }, + "PreferDualStack IPv4/IPv6 multiple subnets": { + lbSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.0.0/16"), + }, + { + CidrBlock: common.String("10.0.0.0/16"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + service: &v1.Service{ + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + ServiceAnnotationLoadBalancerType: "nlb", + }, + }, + Spec: v1.ServiceSpec{ + IPFamilies: []v1.IPFamily{v1.IPFamily(IPv4), v1.IPFamily(IPv6)}, + IPFamilyPolicy: (*v1.IPFamilyPolicy)(common.String(string(v1.IPFamilyPolicyPreferDualStack))), + }, + }, + nodeSubnets: []*core.Subnet{ + { + CidrBlock: common.String("10.0.1.0/24"), + }, + { + CidrBlock: common.String("10.0.1.0/24"), + Ipv6CidrBlocks: []string{"2001:0000:130F:0000:0000:09C0:876A:130B"}, + }, + }, + result: &IpVersions{ + IpFamilies: []string{IPv4, IPv6}, + IpFamilyPolicy: common.String(string(v1.IPFamilyPolicyPreferDualStack)), + LbEndpointIpVersion: GenericIpVersion(client.GenericIPv4AndIPv6), + ListenerBackendIpVersion: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, + }, + wantErr: nil, + }, + } + cp := &CloudProvider{ + client: MockOCIClient{}, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + NodeLister: &mockNodeLister{}, + kubeclient: testclient.NewSimpleClientset(), + logger: zap.L().Sugar(), + } + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + result, err := cp.getOciIpVersions(tt.lbSubnets, tt.nodeSubnets, tt.service) + if !reflect.DeepEqual(result, tt.result) { + t.Errorf("Expected IpVersions\n%+v\nbut got\n%+v", tt.result, result) + } + if err != nil && err.Error() != tt.wantErr.Error() { + t.Errorf("Expected error = %s,\n but got %s", tt.wantErr.Error(), err.Error()) + return + } + }) + } +} diff --git a/pkg/cloudprovider/providers/oci/load_balancer_util.go b/pkg/cloudprovider/providers/oci/load_balancer_util.go index 3108055ca2..6f4f985e54 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_util.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_util.go @@ -18,17 +18,17 @@ import ( "context" "fmt" "os" + "reflect" "regexp" "sort" "strconv" "strings" - "github.com/oracle/oci-cloud-controller-manager/pkg/metrics" - "go.uber.org/zap" api "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/sets" + "github.com/oracle/oci-cloud-controller-manager/pkg/metrics" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-go-sdk/v65/loadbalancer" ) @@ -168,6 +168,12 @@ func contains(s []string, e string) bool { return false } +// removeAtPosition is a helper method to remove an element from remove and return it given the index +func removeAtPosition(slice []string, position int) []string { + slice[position] = slice[len(slice)-1] + return slice[:len(slice)-1] +} + func getHealthCheckerChanges(actual *client.GenericHealthChecker, desired *client.GenericHealthChecker) []string { var healthCheckerChanges []string @@ -244,6 +250,7 @@ func hasBackendSetChanged(logger *zap.SugaredLogger, actual client.GenericBacken backendSetChanges = append(backendSetChanges, fmt.Sprintf(changeFmtStr, "BackEndSet:IsPreserveSource", toBool(actual.IsPreserveSource), toBool(desired.IsPreserveSource))) } + backendSetChanges = append(backendSetChanges, getSSLConfigurationChanges(actual.SslConfiguration, desired.SslConfiguration)...) nameFormat := "%s:%d" desiredSet := sets.NewString() @@ -302,9 +309,15 @@ func sslConfigurationToDetails(sc *client.GenericSslConfigurationDetails) *clien return nil } return &client.GenericSslConfigurationDetails{ - CertificateName: sc.CertificateName, - VerifyDepth: sc.VerifyDepth, - VerifyPeerCertificate: sc.VerifyPeerCertificate, + VerifyDepth: sc.VerifyDepth, + VerifyPeerCertificate: sc.VerifyPeerCertificate, + HasSessionResumption: sc.HasSessionResumption, + TrustedCertificateAuthorityIds: sc.TrustedCertificateAuthorityIds, + CertificateIds: sc.CertificateIds, + CertificateName: sc.CertificateName, + Protocols: sc.Protocols, + CipherSuiteName: sc.CipherSuiteName, + ServerOrderPreference: sc.ServerOrderPreference, } } @@ -314,10 +327,10 @@ func backendsToBackendDetails(bs []client.GenericBackend) []client.GenericBacken backends[i] = client.GenericBackend{ IpAddress: backend.IpAddress, Port: backend.Port, - //Backup: backend.Backup, - //Drain: backend.Drain, - //Offline: backend.Offline, - Weight: backend.Weight, + Backup: backend.Backup, + Drain: backend.Drain, + Offline: backend.Offline, + Weight: backend.Weight, } } return backends @@ -368,6 +381,7 @@ func getBackendSetChanges(logger *zap.SugaredLogger, actual map[string]client.Ge Backends: backendsToBackendDetails(actualBackendSet.Backends), SessionPersistenceConfiguration: actualBackendSet.SessionPersistenceConfiguration, SslConfiguration: sslConfigurationToDetails(actualBackendSet.SslConfiguration), + IpVersion: actualBackendSet.IpVersion, }, Ports: portsFromBackendSet(logger, *actualBackendSet.Name, &actualBackendSet), actionType: Delete, @@ -426,6 +440,13 @@ func getSSLConfigurationChanges(actual *client.GenericSslConfigurationDetails, d if toBool(actual.VerifyPeerCertificate) != toBool(desired.VerifyPeerCertificate) { sslConfigurationChanges = append(sslConfigurationChanges, fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:VerifyPeerCertificate", toBool(actual.VerifyPeerCertificate), toBool(desired.VerifyPeerCertificate))) } + if toString(actual.CipherSuiteName) != toString(desired.CipherSuiteName) { + sslConfigurationChanges = append(sslConfigurationChanges, fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:CipherSuiteName", toString(actual.CipherSuiteName), toString(desired.CipherSuiteName))) + } + if !reflect.DeepEqual(actual.Protocols, desired.Protocols) { + sslConfigurationChanges = append(sslConfigurationChanges, fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:Protocols", strings.Join(actual.Protocols, ","), strings.Join(desired.Protocols, ","))) + } + return sslConfigurationChanges } @@ -441,6 +462,10 @@ func hasListenerChanged(logger *zap.SugaredLogger, actual client.GenericListener if toString(actual.Protocol) != toString(desired.Protocol) { listenerChanges = append(listenerChanges, fmt.Sprintf(changeFmtStr, "Listener:Protocol", toString(actual.Protocol), toString(desired.Protocol))) } + if toBool(actual.IsPpv2Enabled) != toBool(desired.IsPpv2Enabled) { + listenerChanges = append(listenerChanges, fmt.Sprintf(changeFmtStr, "Listener:IsPpv2Enabled", toBool(actual.IsPpv2Enabled), toBool(desired.IsPpv2Enabled))) + } + listenerChanges = append(listenerChanges, getSSLConfigurationChanges(actual.SslConfiguration, desired.SslConfiguration)...) listenerChanges = append(listenerChanges, getConnectionConfigurationChanges(actual.ConnectionConfiguration, desired.ConnectionConfiguration)...) @@ -557,6 +582,11 @@ func hasLoadBalancerNetworkSecurityGroupsChanged(ctx context.Context, actualNetw return !DeepEqualLists(actualNetworkSecurityGroup, desiredNetworkSecurityGroup) } +// hasIpVersionChanged checks if the IP version has changed +func hasIpVersionChanged(previousIpVersion, currentIpVersion string) bool { + return !strings.EqualFold(previousIpVersion, currentIpVersion) +} + func sslEnabled(sslConfigMap map[int]*loadbalancer.SslConfiguration) bool { return len(sslConfigMap) > 0 } @@ -571,6 +601,9 @@ func getSanitizedName(name string) string { name = fmt.Sprintf(strings.Join(fields, "-")) } if len(fields) > 2 { + if contains(fields, IPv6) { + return fmt.Sprintf(strings.Join(fields[:3], "-")) + } return fmt.Sprintf(strings.Join(fields[:2], "-")) } return name @@ -634,6 +667,12 @@ func validateProtocols(servicePorts []api.ServicePort, lbType string, secListMgm return nil } +// GetSSLEnabledPorts returns a list of port numbers for which we need to enable +// SSL on the corresponding listener. +func GetSSLEnabledPorts(svc *api.Service) ([]int, error) { + return getSSLEnabledPorts(svc) +} + // getSSLEnabledPorts returns a list of port numbers for which we need to enable // SSL on the corresponding listener. func getSSLEnabledPorts(svc *api.Service) ([]int, error) { @@ -760,3 +799,43 @@ func parseFlexibleShapeBandwidth(shape, annotation string) (int, error) { } return parsedIntFlexibleShape, nil } + +// GenericIpVersion returns the address of the value client.GenericIpVersion +func GenericIpVersion(value client.GenericIpVersion) *client.GenericIpVersion { + return &value +} + +// convertK8sIpFamiliesToOciIpVersion helper method to convert ipFamily string to GenericIpVersion +func convertK8sIpFamiliesToOciIpVersion(ipFamily string) client.GenericIpVersion { + switch ipFamily { + case IPv4: + return client.GenericIPv4 + case IPv6: + return client.GenericIPv6 + case IPv4AndIPv6: + return client.GenericIPv4AndIPv6 + default: + return client.GenericIPv4 + } +} + +// convertOciIpVersionsToOciIpFamilies helper method to convert ociIpVersions slice to string slice +func convertOciIpVersionsToOciIpFamilies(ipVersions []client.GenericIpVersion) []string { + if len(ipVersions) == 0 { + return []string{IPv4} + } + k8sIpFamily := []string{} + for _, ipVersion := range ipVersions { + switch ipVersion { + case client.GenericIPv4: + k8sIpFamily = append(k8sIpFamily, IPv4) + case client.GenericIPv6: + k8sIpFamily = append(k8sIpFamily, IPv6) + case client.GenericIPv4AndIPv6: + k8sIpFamily = append(k8sIpFamily, IPv4AndIPv6) + default: + k8sIpFamily = append(k8sIpFamily, IPv4) + } + } + return k8sIpFamily +} diff --git a/pkg/cloudprovider/providers/oci/load_balancer_util_test.go b/pkg/cloudprovider/providers/oci/load_balancer_util_test.go index c7e1de75d0..16a1cf86ba 100644 --- a/pkg/cloudprovider/providers/oci/load_balancer_util_test.go +++ b/pkg/cloudprovider/providers/oci/load_balancer_util_test.go @@ -27,6 +27,7 @@ import ( "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-go-sdk/v65/common" + "github.com/stretchr/testify/assert" ) func TestSortAndCombineActions(t *testing.T) { @@ -719,6 +720,12 @@ func TestGetListenerChanges(t *testing.T) { Protocol: common.String("TCP"), Port: common.Int(80), }, + "TCP-80-IPv6": client.GenericListener{ + Name: common.String("TCP-80-IPv6"), + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, }, actual: map[string]client.GenericListener{ "TCP-80": client.GenericListener{ @@ -727,6 +734,12 @@ func TestGetListenerChanges(t *testing.T) { Protocol: common.String("TCP"), Port: common.Int(80), }, + "TCP-80-IPv6": client.GenericListener{ + Name: common.String("TCP-80-IPv6"), + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, }, expected: []Action{}, }, @@ -866,6 +879,74 @@ func TestGetListenerChanges(t *testing.T) { }, }, }, + { + name: "proxy protocol version switch to true - NLB", + desired: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: common.Bool(true), + }, + }, + actual: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: common.Bool(false), + }, + }, + expected: []Action{ + &ListenerAction{ + name: "TCP-80", + actionType: Update, + Listener: client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: common.Bool(true), + }, + }, + }, + }, + { + name: "proxy protocol version change - NLB", + desired: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: common.Bool(true), + }, + }, + actual: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: nil, + }, + }, + expected: []Action{ + &ListenerAction{ + name: "TCP-80", + actionType: Update, + Listener: client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + IsPpv2Enabled: common.Bool(true), + }, + }, + }, + }, { name: "ssl config change [legacy listeners]", desired: map[string]client.GenericListener{ @@ -962,6 +1043,95 @@ func TestGetListenerChanges(t *testing.T) { }, }, }, + { + name: "create listener IPv6", + desired: map[string]client.GenericListener{"TCP-443-IPv6": client.GenericListener{ + DefaultBackendSetName: common.String("TCP-443-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(443), + }}, + actual: map[string]client.GenericListener{}, + expected: []Action{ + &ListenerAction{ + name: "TCP-443-IPv6", + actionType: Create, + Listener: client.GenericListener{ + DefaultBackendSetName: common.String("TCP-443-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(443), + }, + }, + }, + }, + { + name: "add listener IPv6", + desired: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + "TCP-80-IPv6": client.GenericListener{ + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + actual: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + expected: []Action{ + &ListenerAction{ + name: "TCP-80-IPv6", + actionType: Create, + Listener: client.GenericListener{ + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + }, + }, + { + name: "remove listener IPv6", + desired: map[string]client.GenericListener{ + "TCP-80": client.GenericListener{ + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + actual: map[string]client.GenericListener{ + "TCP-80-IPv6": client.GenericListener{ + Name: common.String("TCP-80-IPv6"), + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + "TCP-80": client.GenericListener{ + Name: common.String("TCP-80"), + DefaultBackendSetName: common.String("TCP-80"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + expected: []Action{ + &ListenerAction{ + name: "TCP-80-IPv6", + actionType: Delete, + Listener: client.GenericListener{ + DefaultBackendSetName: common.String("TCP-80-IPv6"), + Protocol: common.String("TCP"), + Port: common.Int(80), + }, + }, + }, + }, } for _, tt := range testCases { @@ -1137,6 +1307,16 @@ func TestGetSanitizedName(t *testing.T) { "HTTP-80", "TCP-80", }, + { + "Name has Ipv6", + "TCP-80-IPv6", + "TCP-80-IPv6", + }, + { + "Name has HTTP", + "HTTP-80-IPv6", + "TCP-80-IPv6", + }, } for _, tc := range testCases { @@ -1358,6 +1538,23 @@ func TestHasListenerChanged(t *testing.T) { }, expected: false, }, + { + name: "Compare IPv6 listeners", + desired: client.GenericListener{ + Name: common.String("TCP-443-IPv6"), + DefaultBackendSetName: common.String("TCP-443-IPv6"), + Port: common.Int(443), + Protocol: common.String("TCP"), + }, + actual: client.GenericListener{ + Name: common.String("TCP-443-IPv6"), + DefaultBackendSetName: common.String("TCP-443-IPv6"), + Port: common.Int(443), + Protocol: common.String("TCP"), + }, + + expected: false, + }, } for _, tt := range testCases { @@ -1832,6 +2029,25 @@ func TestHasBackendSetChanged(t *testing.T) { }, expected: false, }, + { + name: "IPv6 backend added", + desired: client.GenericBackendSetDetails{ + Name: common.String("TCP-80-IPv6"), + Policy: common.String("policy"), + Backends: []client.GenericBackend{ + { + IpAddress: common.String("2001:0db8:85a3:0000:0000:8a2e:0370:7334"), + Port: &testBackendPort, + }, + }, + }, + actual: client.GenericBackendSetDetails{ + Name: common.String("TCP-80-IPv6"), + Policy: common.String("policy"), + Backends: []client.GenericBackend{}, + }, + expected: true, + }, } for _, tt := range testCases { @@ -1920,6 +2136,28 @@ func TestGetSSLConfigurationChanges(t *testing.T) { fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:CertificateName", false, true), }, }, + { + name: "Protocol Changed", + desired: client.GenericSslConfigurationDetails{ + Protocols: []string{"TLSv1.2"}, + }, + actual: client.GenericSslConfigurationDetails{}, + expected: []string{ + fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:Protocols", "", "TLSv1.2"), + }, + }, + { + name: "TLS Protocol Changed", + desired: client.GenericSslConfigurationDetails{ + Protocols: []string{"TLSv1.1", "TLSv1.2"}, + }, + actual: client.GenericSslConfigurationDetails{ + Protocols: []string{"TLSv1.1", "TLSv1.2", "TLSv1.3"}, + }, + expected: []string{ + fmt.Sprintf(changeFmtStr, "Listener:SSLConfiguration:Protocols", "", "TLSv1.2"), + }, + }, } for _, tt := range testCases { @@ -2088,6 +2326,67 @@ func TestHasLoadBalancerNetworkSecurityGroupsChanged(t *testing.T) { } } +func TestHasIpVersionChanged(t *testing.T) { + var testCases = []struct { + name string + actualIpVersion string + desiredIpVersion string + expected bool + }{ + { + name: "No Changes IPv4", + actualIpVersion: string(client.GenericIPv4), + desiredIpVersion: IPv4, + expected: false, + }, + { + name: "No Changes IPv6", + actualIpVersion: string(client.GenericIPv6), + desiredIpVersion: IPv6, + expected: false, + }, + { + name: "Has Changes", + actualIpVersion: string(client.GenericIPv4), + desiredIpVersion: IPv6, + expected: true, + }, + { + name: "No Changes DualStack", + actualIpVersion: string(client.GenericIPv4AndIPv6), + desiredIpVersion: IPv4AndIPv6, + expected: false, + }, + { + name: "DualStack to SingleStack", + actualIpVersion: string(client.GenericIPv4AndIPv6), + desiredIpVersion: IPv6, + expected: true, + }, + { + name: "SingleStack to DualStack", + actualIpVersion: string(client.GenericIPv4), + desiredIpVersion: IPv4AndIPv6, + expected: true, + }, + { + name: "SingleStack IPv6 to DualStack", + actualIpVersion: string(client.GenericIPv6), + desiredIpVersion: IPv4AndIPv6, + expected: true, + }, + } + + for _, tt := range testCases { + t.Run(tt.name, func(t *testing.T) { + changed := hasIpVersionChanged(tt.actualIpVersion, tt.desiredIpVersion) + if changed != tt.expected { + t.Errorf("expected hasIpVersionChanged to be %+v\nbut got\n%+v", tt.expected, changed) + } + }) + } +} + func Test_parseFlexibleShapeBandwidth(t *testing.T) { var testCases = []struct { name string @@ -2183,3 +2482,100 @@ func Test_parseFlexibleShapeBandwidth(t *testing.T) { }) } } + +func Test_convertOciIpVersionsToOciIpFamilies(t *testing.T) { + type args struct { + ipVersions []client.GenericIpVersion + } + tests := []struct { + name string + args args + want []string + }{ + { + name: "nil", + args: args{ + ipVersions: nil, + }, + want: []string{IPv4}, + }, + { + name: "default", + args: args{ + ipVersions: []client.GenericIpVersion{}, + }, + want: []string{IPv4}, + }, + { + name: "IPv4 and IPv6", + args: args{ + ipVersions: []client.GenericIpVersion{client.GenericIPv4, client.GenericIPv6}, + }, + want: []string{IPv4, IPv6}, + }, + { + name: "IPv4", + args: args{ + ipVersions: []client.GenericIpVersion{client.GenericIPv4}, + }, + want: []string{IPv4}, + }, + { + name: "IPv6", + args: args{ + ipVersions: []client.GenericIpVersion{client.GenericIPv6}, + }, + want: []string{IPv6}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + assert.Equalf(t, tt.want, convertOciIpVersionsToOciIpFamilies(tt.args.ipVersions), "convertOciIpVersionsToOciIpFamilies(%v)", tt.args.ipVersions) + }) + } +} + +func Test_convertK8sIpFamiliesToOciIpVersion(t *testing.T) { + type args struct { + ipFamily string + } + tests := []struct { + name string + args args + want client.GenericIpVersion + }{ + { + name: "Base case", + args: args{ + ipFamily: "", + }, + want: client.GenericIPv4, + }, + { + name: "IPv4", + args: args{ + ipFamily: IPv4, + }, + want: client.GenericIPv4, + }, + { + name: "IPv6", + args: args{ + ipFamily: IPv6, + }, + want: client.GenericIPv6, + }, + { + name: "IPv4 and IPv6", + args: args{ + ipFamily: IPv4AndIPv6, + }, + want: client.GenericIPv4AndIPv6, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + assert.Equalf(t, tt.want, convertK8sIpFamiliesToOciIpVersion(tt.args.ipFamily), "convertK8sIpFamiliesToOciIpVersion(%v)", tt.args.ipFamily) + }) + } +} diff --git a/pkg/cloudprovider/providers/oci/node_info_controller.go b/pkg/cloudprovider/providers/oci/node_info_controller.go index 69c9b00f14..1c64698585 100644 --- a/pkg/cloudprovider/providers/oci/node_info_controller.go +++ b/pkg/cloudprovider/providers/oci/node_info_controller.go @@ -175,7 +175,7 @@ func (nic *NodeInfoController) processItem(key string) error { return err } - nodePatchBytes := getPatchBytes(cacheNode, instance, logger) + nodePatchBytes := getNodePatchBytes(cacheNode, instance, logger) if nodePatchBytes == nil { return nil @@ -193,7 +193,7 @@ func (nic *NodeInfoController) processItem(key string) error { return nil } -func getPatchBytes(cacheNode *v1.Node, instance *core.Instance, logger *zap.SugaredLogger) []byte { +func getNodePatchBytes(cacheNode *v1.Node, instance *core.Instance, logger *zap.SugaredLogger) []byte { if validateNodeHasRequiredLabels(cacheNode) { return nil } diff --git a/pkg/cloudprovider/providers/oci/node_info_controller_test.go b/pkg/cloudprovider/providers/oci/node_info_controller_test.go index af21a8fb7c..fde29ebf9f 100644 --- a/pkg/cloudprovider/providers/oci/node_info_controller_test.go +++ b/pkg/cloudprovider/providers/oci/node_info_controller_test.go @@ -18,22 +18,21 @@ import ( "reflect" "testing" - "github.com/oracle/oci-go-sdk/v65/common" - "go.uber.org/zap" - - "github.com/oracle/oci-go-sdk/v65/core" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + + "github.com/oracle/oci-go-sdk/v65/common" + "github.com/oracle/oci-go-sdk/v65/core" ) var ( instanceCompID = "instanceCompID" instanceFD = "instanceFD" - instanceID = "instanceID" + instanceID = "ocid1.instanceID" ) -func TestGetPatchBytes(t *testing.T) { +func TestGetNodePatchBytes(t *testing.T) { testCases := map[string]struct { node *v1.Node instance *core.Instance @@ -98,7 +97,7 @@ func TestGetPatchBytes(t *testing.T) { logger := zap.L() for name, tc := range testCases { t.Run(name, func(t *testing.T) { - patchedBytes := getPatchBytes(tc.node, tc.instance, logger.Sugar()) + patchedBytes := getNodePatchBytes(tc.node, tc.instance, logger.Sugar()) if !reflect.DeepEqual(patchedBytes, tc.expectedPatchBytes) { t.Errorf("Expected PatchBytes \n%+v\nbut got\n%+v", tc.expectedPatchBytes, patchedBytes) } diff --git a/pkg/cloudprovider/providers/oci/util.go b/pkg/cloudprovider/providers/oci/util.go index 07a5b824e2..1e9c605f5c 100644 --- a/pkg/cloudprovider/providers/oci/util.go +++ b/pkg/cloudprovider/providers/oci/util.go @@ -15,14 +15,34 @@ package oci import ( - "k8s.io/apimachinery/pkg/util/sets" + "os" + "strconv" "strings" "sync" "github.com/pkg/errors" + "go.uber.org/zap" api "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/util/sets" + listersv1 "k8s.io/client-go/listers/core/v1" + "k8s.io/utils/net" + + "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" + "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" + "github.com/oracle/oci-cloud-controller-manager/pkg/util" ) +const ( + OkeSystemTagNamesapce = "orcl-containerengine" + // MaxDefinedTagPerResource is the maximum number of defined tags that be can be associated with the resource + //https://docs.oracle.com/en-us/iaas/Content/Tagging/Concepts/taggingoverview.htm#limits + MaxDefinedTagPerResource = 64 + resourceTrackingFeatureFlagName = "CPO_ENABLE_RESOURCE_ATTRIBUTION" +) + +var MaxDefinedTagErrMessage = "max limit of defined tags for %s is reached. skip adding tags. sending metric" + // Protects Load Balancers against multiple updates in parallel type loadBalancerLocks struct { locks sets.String @@ -59,19 +79,52 @@ func MapProviderIDToResourceID(providerID string) (string, error) { if strings.HasPrefix(providerID, providerPrefix) { return strings.TrimPrefix(providerID, providerPrefix), nil } + // can't process if provider ID does not have ocid1 prefix which are present + // for all OCI resource identifiers + if !strings.HasPrefix(providerID, "ocid1") { + return providerID, errors.New("provider ID '" + providerID + "' is not valid for oci") + } return providerID, nil } // NodeInternalIP returns the nodes internal ip // A node managed by the CCM will always have an internal ip // since it's not possible to deploy an instance without a private ip. -func NodeInternalIP(node *api.Node) string { +func NodeInternalIP(node *api.Node) client.IpAddresses { + ipAddresses := client.IpAddresses{ + V4: "", + V6: "", + } for _, addr := range node.Status.Addresses { if addr.Type == api.NodeInternalIP { - return addr.Address + if net.IsIPv6String(addr.Address) { + ipAddresses.V6 = addr.Address + } else { + ipAddresses.V4 = addr.Address + } + } + } + return ipAddresses +} + +// NodeExternalIp returns the nodes external ip +// A node managed by the CCM may have an external ip +// in case of IPv6, it could be possible that a compute instance has only GUA IPv6 +func NodeExternalIp(node *api.Node) client.IpAddresses { + ipAddresses := client.IpAddresses{ + V4: "", + V6: "", + } + for _, addr := range node.Status.Addresses { + if addr.Type == api.NodeExternalIP { + if net.IsIPv6String(addr.Address) { + ipAddresses.V6 = addr.Address + } else { + ipAddresses.V4 = addr.Address + } } } - return "" + return ipAddresses } // RemoveDuplicatesFromList takes Slice and returns new Slice with no duplicate elements @@ -85,3 +138,49 @@ func RemoveDuplicatesFromList(list []string) []string { func DeepEqualLists(listA, listB []string) bool { return sets.NewString(listA...).Equal(sets.NewString(listB...)) } + +// GetNodeMap returns a map of nodes in the cluster indexed by node name +func GetNodesMap(nodeLister listersv1.NodeLister) (nodeMap map[string]*api.Node, err error) { + nodeList, err := nodeLister.List(labels.Everything()) + if err != nil { + return + } + nodeMap = make(map[string]*api.Node) + for _, node := range nodeList { + nodeMap[node.Name] = node + } + return +} + +func GetIsFeatureEnabledFromEnv(logger *zap.SugaredLogger, featureName string, defaultValue bool) bool { + enableFeature := defaultValue + enableFeatureEnvVar, ok := os.LookupEnv(featureName) + if ok { + var err error + enableFeature, err = strconv.ParseBool(enableFeatureEnvVar) + if err != nil { + logger.With(zap.Error(err)).Errorf("failed to parse %s envvar, defaulting to %t", featureName, defaultValue) + return defaultValue + } + } + return enableFeature +} + +// getResourceTrackingSystemTagsFromConfig reads resource tracking tags from config +// which are specified under common tags +func getResourceTrackingSystemTagsFromConfig(logger *zap.SugaredLogger, initialTags *config.InitialTags) (resourceTrackingTags map[string]map[string]interface{}) { + resourceTrackingTags = make(map[string]map[string]interface{}) + // TODO: Fix the double negative + if !(util.IsCommonTagPresent(initialTags) && initialTags.Common.DefinedTags != nil) { + logger.Warn("oke resource tracking system tags are not present in cloud-config.yaml") + return nil + } + + if tag, exists := initialTags.Common.DefinedTags[OkeSystemTagNamesapce]; exists { + resourceTrackingTags[OkeSystemTagNamesapce] = tag + return + } + + logger.Warn("tag config doesn't consist resource tracking tags") + return nil +} diff --git a/pkg/cloudprovider/providers/oci/util_test.go b/pkg/cloudprovider/providers/oci/util_test.go index 2b6925d331..03e7fa7755 100644 --- a/pkg/cloudprovider/providers/oci/util_test.go +++ b/pkg/cloudprovider/providers/oci/util_test.go @@ -18,20 +18,20 @@ import ( "testing" ) -func TestMapProviderIDToResourceID(t *testing.T) { +func TestMapProviderIDToInstanceID(t *testing.T) { testCases := map[string]struct { providerID string instanceID string error bool }{ "no cloud prefix": { - providerID: "testid", - instanceID: "testid", + providerID: "ocid1.testid", + instanceID: "ocid1.testid", error: false, }, "cloud prefix": { - providerID: providerPrefix + "testid", - instanceID: "testid", + providerID: providerPrefix + "ocid1.testid", + instanceID: "ocid1.testid", error: false, }, "empty string": { diff --git a/pkg/cloudprovider/providers/oci/zones_test.go b/pkg/cloudprovider/providers/oci/zones_test.go index 4674fcba24..40bb31d853 100644 --- a/pkg/cloudprovider/providers/oci/zones_test.go +++ b/pkg/cloudprovider/providers/oci/zones_test.go @@ -51,7 +51,7 @@ func TestGetZoneByProviderID(t *testing.T) { }{ { name: "provider id without provider prefix", - in: "instance_zone_test", + in: "ocid1.instance_zone_test", out: cloudprovider.Zone{ FailureDomain: "PHX-AD-1", Region: "PHX", @@ -60,7 +60,7 @@ func TestGetZoneByProviderID(t *testing.T) { }, { name: "provider id with provider prefix", - in: providerPrefix + "instance_zone_test", + in: providerPrefix + "ocid1.instance_zone_test", out: cloudprovider.Zone{ FailureDomain: "PHX-AD-1", Region: "PHX", @@ -69,7 +69,7 @@ func TestGetZoneByProviderID(t *testing.T) { }, { name: "provider id with provider prefix and instance not in cache", - in: providerPrefix + "instance_zone_test_noncache", + in: providerPrefix + "ocid1.instance_zone_test_noncache", out: cloudprovider.Zone{ FailureDomain: "PHX-AD-1", Region: "PHX", diff --git a/pkg/csi-util/lustre_lnet_helper.go b/pkg/csi-util/lustre_lnet_helper.go new file mode 100644 index 0000000000..8691cc3bb2 --- /dev/null +++ b/pkg/csi-util/lustre_lnet_helper.go @@ -0,0 +1,345 @@ +package csi_util + +import ( + "fmt" + "net" + "os/exec" + "strings" + + "go.uber.org/zap" + "gopkg.in/yaml.v3" + + "github.com/oracle/oci-cloud-controller-manager/pkg/util/osinfo" +) + +const ( + CHROOT_BASH_COMMAND = "chroot-bash" + LOAD_LNET_KERNEL_MODULE_COMMAND = "modprobe lnet" + CONFIGURE_LNET_KERNEL_SERVICE_COMMAND = "lnetctl lnet configure" + SHOW_CONFIGURED_LNET = "lnetctl net show --net %s" + DELETE_LNET_INTERFACE = "lnetctl net del --net %s" + CONFIGURE_LNET_INTERFACE = "lnetctl net add --net %s --if %s --peer-timeout 180 --peer-credits 120 --credits 1024" + RPM_PACKAGE_QUERY = "rpm -q %s" + DPKG_PACKAGE_QEURY = "dpkg -s %s" +) + +type NetInfo struct { + Net []struct { + NetType string `yaml:"net type"` + LocalNI []struct { + NID string `yaml:"nid"` + Status string `yaml:"status"` + Interfaces map[int]string `yaml:"interfaces"` + } `yaml:"local NI(s)"` + } `yaml:"net"` +} + +type NetInterface struct { + InterfaceIPv4 string + InterfaceName string + LnetConfigured bool +} + +/* +ValidateLustreVolumeId takes lustreVolumeId as input and returns if its valid or not along with lnetLabel +Ex. volume handle : 10.112.10.6@tcp1:/fsname + volume handle : [:]:/ + */ +func ValidateLustreVolumeId(lusterVolumeId string) (bool, string) { + const minNumOfParamsFromVolumeHandle = 2 + const numOfParamsForMGSNID = 2 + + lnetLabel := "" + splits := strings.Split(lusterVolumeId, ":") + if len(splits) < minNumOfParamsFromVolumeHandle { + return false, lnetLabel + } + for i := 0; i < len(splits)-1; i++ { + //Ex. split[i] will be 10.112.10.6@tcp1 + parts := strings.Split(splits[i], "@") + + if len(parts) != numOfParamsForMGSNID { + return false, lnetLabel + } + ip := parts[0] + if net.ParseIP(ip) == nil { + return false, lnetLabel + } + lnetLabel = parts[1] + } + //last part in volume handle which is fsname should start with "/" + if !strings.HasPrefix(splits[len(splits)-1], "/") { + return false, lnetLabel + } + return true, lnetLabel +} + +func SetupLnet(logger *zap.SugaredLogger, lustreSubnetCIDR string, lnetLabel string) error { + + logger.With("LustreSubnetCidr", lustreSubnetCIDR).With("LnetLabel", lnetLabel).Info("Lnet setup started.") + + //Find net interfaces in lnet subnet on worker node + interfacesInLustreSubnet, err := getNetInterfacesInSubnet(lustreSubnetCIDR) + if err != nil { + return err + } + if len(interfacesInLustreSubnet) == 0 { + return fmt.Errorf("No VNIC identified on worker node to configure lnet.") + } + logger.Infof("Net interfaces are identified for lnet configuration: %v", interfacesInLustreSubnet) + + //Lustre client installation state is kept non breaking currently and we still go ahead and try loading kernel module and start lnet kernel service + //If any of these fail then we provide information to customer on missing packages. + missingLustrePackages, lustreClientPacakagesInstalled := isLustreClientPackagesInstalled(logger) + + //Load lnet kernel module + _, err = executeCommandOnWorkerNode(LOAD_LNET_KERNEL_MODULE_COMMAND) + if err != nil { + if !lustreClientPacakagesInstalled { + return fmt.Errorf("Failed to load lnet kernel module with error : %v. Please make sure that following lustre client packages are installed on worker nodes : %v", err, missingLustrePackages) + } + return fmt.Errorf("Failed to load lnet kernel module with error %v", err) + } + + //Configure lnet kernel service + _, err = executeCommandOnWorkerNode(CONFIGURE_LNET_KERNEL_SERVICE_COMMAND) + if err != nil { + if !lustreClientPacakagesInstalled { + return fmt.Errorf("Failed to configure lnet kernel service with error : %v. Please make sure that following lustre client packages are installed on worker nodes : %v",err, missingLustrePackages) + } + return fmt.Errorf("Failed to configure lnet kernel service with error : %v", err) + } + + //get existing lnet configuration + var netInfo NetInfo + netInfo, err = getLnetInfoByLnetLabel(lnetLabel) + if err != nil { + return err + } + + //Configure lnet if its not configured already for requried interfaces + err = configureLnet(logger, interfacesInLustreSubnet, lnetLabel, netInfo) + if err != nil { + return err + } + + //Verify lnet configuration + err = verifyLnetConfiguration(logger, interfacesInLustreSubnet, lnetLabel, netInfo, err) + if err != nil { + return err + } + + return nil +} + + +func getNetInterfacesInSubnet(subnetCIDR string) ([]NetInterface, error) { + _, subnet, err := net.ParseCIDR(subnetCIDR) + + if err != nil { + return nil, fmt.Errorf("Failed to parse subnetCIDR %v with error : %v",subnetCIDR, err) + } + var matchingInterfaces []NetInterface + + // Get all network interfaces + interfaces, err := net.Interfaces() + if err != nil { + return nil, fmt.Errorf("Failed to get net interfaces on host with error : %v", err) + } + + for _, intf := range interfaces { + // If some problem is there with interface, we will continue to check others + addrs, err := intf.Addrs() + if err != nil { + continue + } + + for _, addr := range addrs { + ip,_,_ := net.ParseCIDR(addr.String()) + // Check if the IP address falls within the specified subnet + if ip.To4() != nil && subnet.Contains(ip) { + matchingInterfaces = append(matchingInterfaces, NetInterface{ + InterfaceName: intf.Name, + InterfaceIPv4: ip.String(), + }) + } + } + } + + return matchingInterfaces, nil +} + +func getLnetInfoByLnetLabel(lnetLabel string) (NetInfo, error) { + var netInfo NetInfo + existingConfiguredLnetInfo, err := executeCommandOnWorkerNode(fmt.Sprintf(SHOW_CONFIGURED_LNET, lnetLabel)) + if err != nil { + return netInfo, fmt.Errorf("Failed to get existing configured lnet information with error : %v", err) + } + + err = yaml.Unmarshal([]byte(existingConfiguredLnetInfo), &netInfo) + if err != nil { + return netInfo, fmt.Errorf("Failed to parse lnet information with error : %v", err) + } + return netInfo, nil +} + +func configureLnet(logger *zap.SugaredLogger, interfacesInLustreSubnet []NetInterface, lnetLabel string, netInfo NetInfo) (error) { + logger.Infof("Existing lnet information : %v", netInfo) + + //Find Already active and stale interfaces + var staleLnetInterfaces []string + + for i, interfaceInLustreSubnet := range interfacesInLustreSubnet { + for _, net := range netInfo.Net { + for _, localNI := range net.LocalNI { + if existingInterfaceName, ok := localNI.Interfaces[0]; ok && localNI.Status == "up" && + existingInterfaceName == interfaceInLustreSubnet.InterfaceName { + + if localNI.NID == fmt.Sprintf("%s@%s", interfaceInLustreSubnet.InterfaceIPv4, lnetLabel) { + interfacesInLustreSubnet[i].LnetConfigured = true + } else { + //interface name matches but NIDS dont match, this needs to be deleted before new entry can be added with correct nid + staleLnetInterfaces = append(staleLnetInterfaces, existingInterfaceName) + } + + } else if existingInterfaceName, ok = localNI.Interfaces[0]; ok && localNI.Status == "down" { + //Lnet interface is down, can happen when VNIC is detached + staleLnetInterfaces = append(staleLnetInterfaces, existingInterfaceName) + } + } + } + } + + + if len(staleLnetInterfaces) > 0 { + logger.Infof("Deleting stale lnet interfaces identified : %v", staleLnetInterfaces) + + _, err := executeCommandOnWorkerNode(fmt.Sprintf(DELETE_LNET_INTERFACE, lnetLabel)) + if err != nil { + return fmt.Errorf("Failed to delete stale lnet interface %v", staleLnetInterfaces) + } + } + for _, interfaceInLustreSubnet := range interfacesInLustreSubnet { + //Lnet configuration is needed if its not already configured or we have deleted lnet in previous step because of stale interfaces. + if !interfaceInLustreSubnet.LnetConfigured || len(staleLnetInterfaces) > 0 { + _, err := executeCommandOnWorkerNode(fmt.Sprintf(CONFIGURE_LNET_INTERFACE, lnetLabel, interfaceInLustreSubnet.InterfaceName)) + if err != nil { + return fmt.Errorf("Lnet configuration failed for interface %s.", interfaceInLustreSubnet.InterfaceName) + } + } + } + return nil +} + +func verifyLnetConfiguration(logger *zap.SugaredLogger, interfacesInLustreSubnet []NetInterface, lnetLabel string, netInfo NetInfo, err error) error { + logger.Infof("Verifying lnet configuration.") + //Get already configured lnet interfaces + netInfo, err = getLnetInfoByLnetLabel(lnetLabel) + if err != nil { + return err + } + + logger.Infof("Lnet information post configuration : %v", netInfo) + + var idenfiedActiveInterface bool + for _, interfaceInLustreSubnet := range interfacesInLustreSubnet { + for _, net := range netInfo.Net { + for _, localNI := range net.LocalNI { + if interfaceName, ok := localNI.Interfaces[0]; ok && + interfaceName == interfaceInLustreSubnet.InterfaceName { + if localNI.Status == "up" { + idenfiedActiveInterface = true + } else { + logger.With(zap.Error(err)).Errorf("Lnet for nid %v , interface %v is in %v status.", localNI.NID, interfaceName, localNI.Status) + } + } + } + } + } + + //Verification step is kept non breaking currently and will provide information in case of issues during verification + //we will allow flow to continue, if lnet doesn't become active till mount then mount will fail and retry will happen + if idenfiedActiveInterface { + logger.Infof("Lnet configuration completed & Verified.") + } else { + logger.Error("No active lnet interface is identified.") + } + return nil +} + +func isLustreClientPackagesInstalled(logger *zap.SugaredLogger) ([]string, bool) { + + lustrePackages := []string{ "lustre-client-modules-dkms", "lustre-client-utils"} + + var missingLustrePackages []string + + for _, pkgName := range lustrePackages { + if !checkPackageInstalled(pkgName) { + missingLustrePackages = append(missingLustrePackages, pkgName) + } + } + if len(missingLustrePackages) > 0 { + logger.Error("Following lustre packages are not installed on worker ndoes : %v", missingLustrePackages) + return missingLustrePackages, false + } + return nil, true +} + +func checkPackageInstalled(pkgName string) bool { + var err error + var result string + + if osinfo.IsDebianOrUbuntu() { + result, err = executeCommandOnWorkerNode(fmt.Sprintf(DPKG_PACKAGE_QEURY, pkgName)) + if err == nil && !strings.Contains(result,"Status: install ok installed") { + return false + } + } else { + _, err = executeCommandOnWorkerNode(fmt.Sprintf(RPM_PACKAGE_QUERY, pkgName)) + } + // When packages are not found command fails with non zero exit code and err will not be nil. + return err == nil +} + +/* +IsLnetActive takes lnetLabel (ex. tcp0, tcp1) as input and tries to check if at leaset one lnet interface is active to consider lnet as active. +It returns true when active lnet interface is identified else returns false singling down lnet. + */ +func IsLnetActive(logger *zap.SugaredLogger, lnetLabel string) bool { + logger.Debugf("Trying to check status of lnet") + //Get already configured lnet interfaces + netInfo, err := getLnetInfoByLnetLabel(lnetLabel) + if err != nil { + logger.With(zap.Error(err)).Errorf("Failed to get lnet info for lnet : %v", lnetLabel) + return false + } + + logger.Infof("Identified lnet information : %v", netInfo) + + var idenfiedActiveInterface bool + for _, net := range netInfo.Net { + for _, localNI := range net.LocalNI { + if localNI.Status == "up" { + idenfiedActiveInterface = true + } else { + logger.With(zap.Error(err)).Errorf("Lnet for nid %v is in %v status.", localNI.NID, localNI.Status) + } + } + } + if !idenfiedActiveInterface { + logger.Error("No active lnet interface is identified.") + } + + return idenfiedActiveInterface +} + +func executeCommandOnWorkerNode(args ...string) (string, error) { + command := exec.Command(CHROOT_BASH_COMMAND, args...) + + output, err := command.CombinedOutput() + + if err != nil { + return string(output), fmt.Errorf("Command failed: %v\nOutput: %v\n", args, string(output)) + } + return string(output), nil +} diff --git a/pkg/csi-util/lustre_lnet_helper_test.go b/pkg/csi-util/lustre_lnet_helper_test.go new file mode 100644 index 0000000000..be160ae576 --- /dev/null +++ b/pkg/csi-util/lustre_lnet_helper_test.go @@ -0,0 +1,36 @@ +package csi_util + +import "testing" + +func TestValidateLustreVolumeId(t *testing.T) { + tests := []struct { + input string + expectedValidationResult bool + expectedLnetLable string + }{ + // Valid cases + {"192.168.227.11@tcp1:192.168.227.12@tcp1:/demo", true, "tcp1"}, + {"192.168.227.11@tcp1:/demo", true,"tcp1"}, + // Invalid cases + {"192.168.227.11@tcp1:192.168.227.12@tcp1", false,"tcp1"}, // No fsname provided + {"192.168.227.11@tcp1:192.168.227.12@tcp1:demo", false,"tcp1"}, // fsname not starting with "/" + {"invalidip@tcp1:192.168.227.12@tcp1:/demo", false,""}, // Invalid IP address + {"192.168.227.11@tcp1:invalidip@tcp1:/demo", false,"tcp1"}, // Invalid IP address + {"192.168.227.11@:192.168.227.12@:tcp1/demo", false, ""}, // No Lnet label provided + {"192.168.227.11@tcp1:192.168.227.12:/demo", false, "tcp1"}, // No Lnet label provided in 2nd MGS NID + // Empty input + {"", false,""}, + + // Single IP + {"192.168.227.11", false,""}, // Missing ":" in the input + } + + for _, test := range tests { + t.Run(test.input, func(t *testing.T) { + validationResult, lnetLabel := ValidateLustreVolumeId(test.input) + if validationResult != test.expectedValidationResult || lnetLabel != test.expectedLnetLable { + t.Errorf("For input '%s', expected validationResult : %v & lnetLable : %v but got validationResult : %v & lnetLable : %v", test.input, test.expectedValidationResult, test.expectedLnetLable, validationResult, lnetLabel) + } + }) + } +} diff --git a/pkg/csi-util/utils.go b/pkg/csi-util/utils.go index f4290b1c17..32f13b4d2b 100644 --- a/pkg/csi-util/utils.go +++ b/pkg/csi-util/utils.go @@ -20,12 +20,15 @@ import ( "net" "os" "os/exec" + "path/filepath" + "regexp" "strconv" "strings" "sync" "time" "github.com/container-storage-interface/spec/lib/go/csi" + "github.com/oracle/oci-go-sdk/v65/core" "go.uber.org/zap" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" @@ -67,9 +70,18 @@ const ( InTransitEncryptionPackageName = "oci-fss-utils" FIPS_ENABLED_FILE_PATH = "/host/proc/sys/crypto/fips_enabled" - FINDMNT_COMMAND = "findmnt" CAT_COMMAND = "cat" RPM_COMMAND = "rpm-host" + LabelIpFamilyPreferred = "oci.oraclecloud.com/ip-family-preferred" + LabelIpFamilyIpv4 = "oci.oraclecloud.com/ip-family-ipv4" + LabelIpFamilyIpv6 = "oci.oraclecloud.com/ip-family-ipv6" + IscsiIpv6Prefix = "fd00:00c1::" + + Ipv6Stack = "IPv6" + Ipv4Stack = "IPv4" + + // For Raw Block Volumes, the name of the bind-mounted file inside StagingTargetPath + RawBlockStagingFile = "mountfile" ) // Util interface @@ -79,7 +91,7 @@ type Util struct { var ( DiskByPathPatternPV = `/dev/disk/by-path/pci-\w{4}:\w{2}:\w{2}\.\d+-scsi-\d+:\d+:\d+:\d+$` - DiskByPathPatternISCSI = `/dev/disk/by-path/ip-[\w\.]+:\d+-iscsi-[\w\.\-:]+-lun-\d+$` + DiskByPathPatternISCSI = `/dev/disk/by-path/ip-[[?\w\.\:]+]?:\d+-iscsi-[\w\.\-:]+-lun-\d+$` ) type FSSVolumeHandler struct { @@ -88,6 +100,12 @@ type FSSVolumeHandler struct { FsExportPath string } +type NodeIpFamily struct { + PreferredNodeIpFamily string + Ipv4Enabled bool + Ipv6Enabled bool +} + func (u *Util) LookupNodeID(k kubernetes.Interface, nodeName string) (string, error) { n, err := k.CoreV1().Nodes().Get(context.Background(), nodeName, metav1.GetOptions{}) if err != nil { @@ -154,18 +172,14 @@ func (u *Util) GetAvailableDomainInNodeLabel(fullAD string) string { return "" } -func GetDevicePath(sd *disk.Disk) string { - return fmt.Sprintf("/dev/disk/by-path/ip-%s:%d-iscsi-%s-lun-1", sd.IPv4, sd.Port, sd.IQN) -} - func ExtractISCSIInformation(attributes map[string]string) (*disk.Disk, error) { iqn, ok := attributes[disk.ISCSIIQN] if !ok { return nil, fmt.Errorf("unable to get the IQN from the attribute list") } - ipv4, ok := attributes[disk.ISCSIIP] + iSCSIIp, ok := attributes[disk.ISCSIIP] if !ok { - return nil, fmt.Errorf("unable to get the ipv4 from the attribute list") + return nil, fmt.Errorf("unable to get the iSCSIIp from the attribute list") } port, ok := attributes[disk.ISCSIPORT] if !ok { @@ -178,9 +192,9 @@ func ExtractISCSIInformation(attributes map[string]string) (*disk.Disk, error) { } return &disk.Disk{ - IQN: iqn, - IPv4: ipv4, - Port: nPort, + IQN: iqn, + IscsiIp: iSCSIIp, + Port: nPort, }, nil } @@ -212,11 +226,11 @@ func ExtractISCSIInformationFromMountPath(logger *zap.SugaredLogger, diskPath [] return nil, err } - logger.With("IQN", m[3], "IPv4", m[1], "Port", port).Info("Found ISCSIInfo for the mount path: ", diskPath) + logger.With("IQN", m[3], "IscsiIP", m[1], "Port", port).Info("Found ISCSIInfo for the mount path: ", diskPath) return &disk.Disk{ - IQN: m[3], - IPv4: m[1], - Port: port, + IQN: m[3], + IscsiIp: m[1], + Port: port, }, nil } @@ -244,6 +258,37 @@ func GetKubeClient(logger *zap.SugaredLogger, master, kubeconfig string) *kubern return kubeClientSet } +// Get the staging target filepath inside the given stagingTargetPath, to be used for raw block volume support +func GetPathForBlock(volumePath string) string { + pathForBlock := filepath.Join(volumePath, RawBlockStagingFile) + return pathForBlock +} + +// Creates a file on the specified path after creating the containing directory +func CreateFilePath(logger *zap.SugaredLogger, path string) error { + pathDir := filepath.Dir(path) + + err := os.MkdirAll(pathDir, 0750) + if err != nil { + logger.With(zap.Error(err)).Fatal("failed to create surrounding directory") + return err + } + + file, fileErr := os.OpenFile(path, os.O_CREATE, 0640) + if fileErr != nil && !os.IsExist(fileErr) { + logger.With(zap.Error(err)).Fatal("failed to create/open the target file") + return fileErr + } + + fileErr = file.Close() + if fileErr != nil { + logger.With(zap.Error(err)).Fatal("failed to close the target file") + return fileErr + } + + return nil +} + func MaxOfInt(a, b int64) int64 { if a > b { return a @@ -406,18 +451,6 @@ func IsInTransitEncryptionPackageInstalled() (bool, error) { return false, nil } -func FindMount(target string) ([]string, error) { - mountArgs := []string{"-n", "-o", "SOURCE", "-T", target} - command := exec.Command(FINDMNT_COMMAND, mountArgs...) - output, err := command.CombinedOutput() - if err != nil { - return nil, fmt.Errorf("findmnt failed: %v\narguments: %s\nOutput: %v\n", err, mountArgs, string(output)) - } - - sources := strings.Fields(string(output)) - return sources, nil -} - func GetBlockSizeBytes(logger *zap.SugaredLogger, devicePath string) (int64, error) { args := []string{"--getsize64", devicePath} cmd := exec.Command("blockdev", args...) @@ -434,21 +467,28 @@ func GetBlockSizeBytes(logger *zap.SugaredLogger, devicePath string) (int64, err return gotSizeBytes, nil } +func ValidateDNSName(name string) bool { + pattern := `^([a-zA-Z0-9]+(-[a-zA-Z0-9]+)*\.)+[a-zA-Z]{2,}$` + match, _ := regexp.MatchString(pattern, name) + return match +} + func ValidateFssId(id string) *FSSVolumeHandler { volumeHandler := &FSSVolumeHandler{"", "", ""} if id == "" { return volumeHandler } - volumeHandlerSlice := strings.Split(id, ":") - const numOfParamsFromVolumeHandle = 3 - if len(volumeHandlerSlice) == numOfParamsFromVolumeHandle { - if net.ParseIP(volumeHandlerSlice[1]) != nil { - volumeHandler.FilesystemOcid = volumeHandlerSlice[0] - volumeHandler.MountTargetIPAddress = volumeHandlerSlice[1] - volumeHandler.FsExportPath = volumeHandlerSlice[2] + //As ipv6 mount target address contains colons we need to find index of first and last colon to get the three parts + firstColon := strings.Index(id, ":") + lastColon := strings.LastIndex(id, ":") + if firstColon > 0 && lastColon < len(id)-1 && firstColon != lastColon { + //To handle ipv6 ex.[fd00:00c1::a9fe:202] trim brackets to get fd00:00c1::a9fe:202 which is parsable + if net.ParseIP(strings.Trim(id[firstColon+1:lastColon], "[]")) != nil || ValidateDNSName(id[firstColon+1:lastColon]) { + volumeHandler.FilesystemOcid = id[:firstColon] + volumeHandler.MountTargetIPAddress = id[firstColon+1 : lastColon] + volumeHandler.FsExportPath = id[lastColon+1:] return volumeHandler } - return volumeHandler } return volumeHandler } @@ -466,3 +506,88 @@ func GetIsFeatureEnabledFromEnv(logger *zap.SugaredLogger, featureName string, d } return enableFeature } + +func GetNodeIpFamily(k kubernetes.Interface, nodeID string, logger *zap.SugaredLogger) (*NodeIpFamily, error) { + n, err := k.CoreV1().Nodes().Get(context.Background(), nodeID, metav1.GetOptions{}) + + if err != nil { + logger.With(zap.Error(err)).With("nodeId", nodeID).Error("Failed to get Node information from kube api server, Please check if kube api server is accessible.") + return nil, fmt.Errorf("Failed to get node information from kube api server, please check if kube api server is accessible.") + } + + nodeIpFamily := &NodeIpFamily{} + + if n.Labels != nil { + if preferredIpFamily, ok := n.Labels[LabelIpFamilyPreferred]; ok { + nodeIpFamily.PreferredNodeIpFamily = FormatValidIpStackInK8SConvention(preferredIpFamily) + } + if ipv4Enabled, ok := n.Labels[LabelIpFamilyIpv4]; ok && strings.EqualFold(ipv4Enabled, "true") { + nodeIpFamily.Ipv4Enabled = true + } + if ipv6Enabled, ok := n.Labels[LabelIpFamilyIpv6]; ok && strings.EqualFold(ipv6Enabled, "true") { + nodeIpFamily.Ipv6Enabled = true + } + } + if !nodeIpFamily.Ipv4Enabled && !nodeIpFamily.Ipv6Enabled { + nodeIpFamily.PreferredNodeIpFamily = Ipv4Stack + nodeIpFamily.Ipv4Enabled = true + logger.With("nodeId", nodeID, "nodeIpFamily", *nodeIpFamily).Info("No IP family labels identified on node, defaulting to ipv4.") + } else { + logger.With("nodeId", nodeID, "nodeIpFamily", *nodeIpFamily).Info("Node IP family identified.") + } + + return nodeIpFamily, nil +} +func ConvertIscsiIpFromIpv4ToIpv6(ipv4IscsiIp string) (string, error) { + ipv4IscsiIP := net.ParseIP(ipv4IscsiIp).To4() + if ipv4IscsiIP == nil { + return "", fmt.Errorf("invalid iSCSIIp identified %s", ipv4IscsiIp) + } + ipv6IscsiIp := net.ParseIP(IscsiIpv6Prefix) + ipv6IscsiIpBytes := ipv6IscsiIp.To16() + copy(ipv6IscsiIpBytes[12:], ipv4IscsiIP.To4()) + return ipv6IscsiIpBytes.String(), nil +} + +func FormatValidIp(ipAddress string) string { + if net.ParseIP(ipAddress).To4() != nil { + return ipAddress + } else if net.ParseIP(ipAddress).To16() != nil { + return fmt.Sprintf("[%s]", strings.Trim(ipAddress, "[]")) + } + return ipAddress +} + +func FormatValidIpStackInK8SConvention(ipStack string) string { + if strings.EqualFold(ipStack, Ipv4Stack) { + return Ipv4Stack + } else if strings.EqualFold(ipStack, Ipv6Stack) { + return Ipv6Stack + } + return ipStack +} + +func IsIpv4(ipAddress string) bool { + return net.ParseIP(ipAddress).To4() != nil +} + +func IsIpv6(ipAddress string) bool { + return net.ParseIP(ipAddress).To4() == nil && net.ParseIP(strings.Trim(ipAddress, "[]")).To16() != nil +} + +func IsIpv4SingleStackSubnet(subnet *core.Subnet) bool { + return !IsDualStackSubnet(subnet) && subnet.CidrBlock != nil && len(*subnet.CidrBlock) > 0 && !strings.Contains(*subnet.CidrBlock, "null") +} + +func IsIpv6SingleStackSubnet(subnet *core.Subnet) bool { + return !IsDualStackSubnet(subnet) && !IsIpv4SingleStackSubnet(subnet) +} + +func IsDualStackSubnet(subnet *core.Subnet) bool { + return subnet.CidrBlock != nil && len(*subnet.CidrBlock) > 0 && !strings.Contains(*subnet.CidrBlock, "null") && + ((subnet.Ipv6CidrBlock != nil && len(*subnet.Ipv6CidrBlock) > 0) || len(subnet.Ipv6CidrBlocks) > 0) +} + +func IsValidIpFamilyPresentInClusterIpFamily(clusterIpFamily string) bool { + return len(clusterIpFamily) > 0 && (strings.Contains(clusterIpFamily, Ipv4Stack) || strings.Contains(clusterIpFamily, Ipv6Stack)) +} diff --git a/pkg/csi-util/utils_test.go b/pkg/csi-util/utils_test.go index 4184effbb8..54a039afe0 100644 --- a/pkg/csi-util/utils_test.go +++ b/pkg/csi-util/utils_test.go @@ -15,9 +15,15 @@ package csi_util import ( + "fmt" + "regexp" + "strings" "testing" + "github.com/oracle/oci-cloud-controller-manager/pkg/util" + "github.com/oracle/oci-go-sdk/v65/core" "go.uber.org/zap" + "k8s.io/utils/pointer" ) func TestUtil_getAvailableDomainInNodeLabel(t *testing.T) { @@ -121,3 +127,619 @@ func Test_validateFsType(t *testing.T) { }) } } + +func Test_ValidateFssId(t *testing.T) { + tests := []struct { + name string + volumeHandle string + wantFssVolumeHandler *FSSVolumeHandler + }{ + { + name: "Filesystem exposed Ipv4 Mount Target", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:10.0.2.44:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{ + FilesystemOcid: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa", + MountTargetIPAddress: "10.0.2.44", + FsExportPath: "/FileSystem-Test", + }, + }, + { + name: "Filesystem exposed by Mount Target having dns", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:myhostname.subnet123.dnslabel.oraclevcn.com:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{ + FilesystemOcid: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa", + MountTargetIPAddress: "myhostname.subnet123.dnslabel.oraclevcn.com", + FsExportPath: "/FileSystem-Test", + }, + }, + { + name: "Invalid Ipv4 provided in volume handle", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:10.0.2:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Filesystem ocid not provided", + volumeHandle: "10.0.2:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Mount target Ip Address not provided", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:10.0.2", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Empty volume handle provided", + volumeHandle: "", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Filesystem exposed over Ipv6 Mount Target", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:[fd00:c1::a9fe:504]:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{ + FilesystemOcid: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa", + MountTargetIPAddress: "[fd00:c1::a9fe:504]", + FsExportPath: "/FileSystem-Test", + }, + }, + { + name: "Filesystem exposed over Ipv6 Mount Target", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:fd00:c1::a9fe:504:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{ + FilesystemOcid: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa", + MountTargetIPAddress: "fd00:c1::a9fe:504", + FsExportPath: "/FileSystem-Test", + }, + }, + { + name: "Invalid volumeHandle ::", + volumeHandle: "::", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Invalid input", + volumeHandle: ":", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Just export provided", + volumeHandle: ":/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Export not provided", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:fd00:c1::a9fe:504:", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + { + name: "Invalid dns name provided in volume handle", + volumeHandle: "ocid1.filesystem.oc1.phx.aaaaaaaaaahjpdudobuhqllqojxwiotqnb4c2ylefuzaaaaa:Invalid Dns:/FileSystem-Test", + wantFssVolumeHandler: &FSSVolumeHandler{}, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotFssVolumeHandler := ValidateFssId(tt.volumeHandle) + if gotFssVolumeHandler.MountTargetIPAddress != tt.wantFssVolumeHandler.MountTargetIPAddress || + gotFssVolumeHandler.FsExportPath != tt.wantFssVolumeHandler.FsExportPath || + gotFssVolumeHandler.FilesystemOcid != tt.wantFssVolumeHandler.FilesystemOcid { + t.Errorf("ValidateFssId() = %v, want %v", gotFssVolumeHandler, tt.wantFssVolumeHandler) + } + }) + } +} + +func Test_ConvertIscsiIpFromIpv4ToIpv6(t *testing.T) { + + tests := []struct { + name string + ipv4IscsiIp string + want string + err error + }{ + { + name: "Return Icsci Ipv6 from valid Iscsi Ipv4", + ipv4IscsiIp: "169.254.2.2", + want: "fd00:c1::a9fe:202", + }, + { + name: "Return Icsci Ipv6 from valid Iscsi Ipv4", + ipv4IscsiIp: "169.254.5.4", + want: "fd00:c1::a9fe:504", + }, + { + name: "Invalid Iscsi Ipv4 should error", + ipv4IscsiIp: "169.254.2", + want: "", + err: fmt.Errorf("invalid iSCSIIp identified %s", "169.254.2"), + }, + { + name: "Invalid Iscsi Ipv4 should error", + ipv4IscsiIp: "", + want: "", + err: fmt.Errorf("invalid iSCSIIp identified %s", ""), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := ConvertIscsiIpFromIpv4ToIpv6(tt.ipv4IscsiIp) + if got != tt.want { + t.Errorf("ConvertIscsiIpFromIpv4ToIpv6() = %v, want %v", got, tt.want) + } + + if err != nil && !strings.EqualFold(err.Error(), tt.err.Error()) { + t.Errorf("ConvertIscsiIpFromIpv4ToIpv6() = %v, want %v", err.Error(), tt.err.Error()) + } + }) + } +} + +func Test_DiskByPathPatternForIscsi(t *testing.T) { + + tests := []struct { + name string + diskByPathValue string + want bool + err error + }{ + { + name: "DiskByPathPatternForIscsi is Able to match ipv6 disk path", + diskByPathValue: "/dev/disk/by-path/ip-fd00:00c1::a9fe:202:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2", + want: true, + }, + { + name: "DiskByPathPatternForIscsi is Able to match ipv4 disk path", + diskByPathValue: "/dev/disk/by-path/ip-169.254.2.2:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2", + want: true, + }, + { + name: "DiskByPathPatternForIscsi does to match invalid ipv6 disk path", + diskByPathValue: "/dev/disk/by-path/ip-@3#:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2", + want: false, + }, + { + name: "DiskByPathPatternForIscsi does to match invalid ipv4 disk path", + diskByPathValue: "/dev/disk/by-path/ip-16@9.25#4.2.2:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2", + want: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, _ := regexp.MatchString(DiskByPathPatternISCSI, tt.diskByPathValue) + if got != tt.want { + t.Errorf("DiskByPathPatternForIscsi() = %v, want %v", got, tt.want) + } + + }) + } +} + +func Test_DiskByPathPatternForPV(t *testing.T) { + + tests := []struct { + name string + diskByPathValue string + want bool + err error + }{ + { + name: "DiskByPathPatternForPV is Able to valid pv disk path", + diskByPathValue: "/dev/disk/by-path/pci-0000:00:04.0-scsi-0:0:0:4", + want: true, + }, + { + name: "DiskByPathPatternForPV does to match invalid pv disk path", + diskByPathValue: "/dev/disk/by-path/pci-00@#0:00:04.0-scsi-0:0:4", + want: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, _ := regexp.MatchString(DiskByPathPatternPV, tt.diskByPathValue) + if got != tt.want { + t.Errorf("DiskByPathPatternPV() = %v, want %v", got, tt.want) + } + + }) + } +} + +func Test_GetNodeIpFamily(t *testing.T) { + + tests := []struct { + name string + nodeName string + want *NodeIpFamily + err error + }{ + { + name: "should return ipv6 for ipv6 preferred node", + nodeName: "ipv6Preferred", + want: &NodeIpFamily{ + PreferredNodeIpFamily: Ipv6Stack, + Ipv4Enabled: true, + Ipv6Enabled: true, + }, + }, + { + name: "should return ipv4 for ipv4 preferred node", + nodeName: "ipv4Preferred", + want: &NodeIpFamily{ + PreferredNodeIpFamily: Ipv4Stack, + Ipv4Enabled: true, + Ipv6Enabled: true, + }, + }, + { + name: "should return default IPv4 family for no ip preference", + nodeName: "noIpPreference", + want: &NodeIpFamily{ + PreferredNodeIpFamily: Ipv4Stack, + Ipv4Enabled: true, + Ipv6Enabled: false, + }, + }, + { + name: "should return error for invalid node", + nodeName: "InvalidNode", + want: nil, + err: fmt.Errorf("Failed to get node information from kube api server, please check if kube api server is accessible."), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := GetNodeIpFamily(&util.MockKubeClient{ + CoreClient: &util.MockCoreClient{}, + }, tt.nodeName, zap.S()) + if (tt.want != got) && (tt.want.PreferredNodeIpFamily != got.PreferredNodeIpFamily || + tt.want.Ipv6Enabled != got.Ipv6Enabled || tt.want.Ipv4Enabled != got.Ipv4Enabled) { + t.Errorf("GetNodeIpFamily() = %v, want %v", got, tt.want) + } + if err != nil && !strings.EqualFold(tt.err.Error(), err.Error()) { + t.Errorf("GetNodeIpFamily() = %v, want %v", err, tt.err) + } + + }) + } + +} + +func Test_ExtractISCSIInformationFromMountPath(t *testing.T) { + + tests := []struct { + name string + diskPath []string + target string + iqn string + err error + }{ + { + name: "Valid Ipv6 Disk By Path returns valid Iscsi Target", + diskPath: []string{"/dev/disk/by-path/ip-fd00:00c1::a9fe:202:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2"}, + target: "[fd00:00c1::a9fe:202]:3260", + iqn: "iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca", + }, + { + name: "Invalid Ipv6 Disk By Path returns error", + diskPath: []string{"/dev/disk/by-path/ip-fd$%00:00c1::a9fe:202:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2"}, + err: fmt.Errorf("iSCSI information not found for mount point"), + }, + { + name: "Valid Ipv4 Disk By Path returns valid Iscsi Target", + diskPath: []string{"/dev/disk/by-path/ip-169.254.2.2:3260-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2"}, + target: "169.254.2.2:3260", + iqn: "iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca", + }, + { + name: "Invalid Ipv4 Disk By Path returns error", + diskPath: []string{"/dev/disk/by-path/ip-16#$9.254.2.2:326@#0-iscsi-iqn.2015-12.com.oracleiaas:63a2e76c-5353-4a75-82d0-ee31a39471ca-lun-2"}, + err: fmt.Errorf("iSCSI information not found for mount point"), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + disk, err := ExtractISCSIInformationFromMountPath(zap.S(), tt.diskPath) + + if err != nil && !strings.EqualFold(tt.err.Error(), err.Error()) { + t.Errorf("ExtractISCSIInformationFromMountPath() = %v, want %v", err, tt.err) + } + if err == nil { + if disk.Target() != tt.target { + t.Errorf("ExtractISCSIInformationFromMountPath() Target = %v, want %v", disk.Target(), tt.target) + } + if disk.IQN != tt.iqn { + t.Errorf("ExtractISCSIInformationFromMountPath() IQN = %v, want %v", disk.Target(), tt.target) + } + } + + }) + } +} + +func Test_Ip_Util_Methods(t *testing.T) { + + tests := []struct { + name string + ipAddress string + formattedIpAddress string + isIpv4 bool + isIpv6 bool + }{ + { + name: "Valid ipv4", + ipAddress: "10.0.0.10", + formattedIpAddress: "10.0.0.10", + isIpv4: true, + isIpv6: false, + }, + { + name: "Valid ipv6", + ipAddress: "fd00:00c1::a9fe:202", + formattedIpAddress: "[fd00:00c1::a9fe:202]", + isIpv4: false, + isIpv6: true, + }, + { + name: "Valid formatted ipv6", + ipAddress: "[fd00:00c1::a9fe:202]", + formattedIpAddress: "[fd00:00c1::a9fe:202]", + isIpv4: false, + isIpv6: true, + }, + { + name: "Invalid ipv4", + ipAddress: "10.0.0.", + formattedIpAddress: "10.0.0.", + isIpv4: false, + isIpv6: false, + }, + { + name: "Invalid ipv6", + ipAddress: "zxf0:00c1::a9fe", + formattedIpAddress: "zxf0:00c1::a9fe", + isIpv4: false, + isIpv6: false, + }, + { + name: "dns name", + ipAddress: "mtwithdns.subc7a90bc13.cluster1.oraclevcn.com", + formattedIpAddress: "mtwithdns.subc7a90bc13.cluster1.oraclevcn.com", + isIpv4: false, + isIpv6: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + + got := IsIpv4(tt.ipAddress) + if tt.isIpv4 != got { + t.Errorf("IsIpv4() = %v, want %v", got, tt.isIpv4) + } + + got = IsIpv6(tt.ipAddress) + if tt.isIpv6 != got { + t.Errorf("IsIpv6() = %v, want %v", got, tt.isIpv6) + } + + gotStr := FormatValidIp(tt.ipAddress) + if tt.formattedIpAddress != gotStr { + t.Errorf("FormatValidIp() = %v, want %v", gotStr, tt.isIpv6) + } + }) + } + +} + +func Test_FormatValidIpStackInK8SConvention(t *testing.T) { + + tests := []struct { + name string + ipStack string + want string + }{ + { + name: "ipv4 stack name in non k8s convention i.e IPv4 ", + ipStack: "ipv4", + want: "IPv4", + }, + { + name: "ipv6 stack name in non k8s convention i.e IPv6 ", + ipStack: "ipv6", + want: "IPv6", + }, + { + name: "invalid ip stack ", + ipStack: "invalid", + want: "invalid", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got := FormatValidIpStackInK8SConvention(tt.ipStack) + if got != tt.want { + t.Errorf("FormatValidIpStackInK8SConvention() = %v, want %v", got, tt.want) + } + }) + } +} + +func Test_IsValidIpFamilyPresentInClusterIpFamily(t *testing.T) { + + tests := []struct { + name string + clusterIpFamily string + isValid bool + }{ + { + name: "Single stack ipv4 clusters", + clusterIpFamily: "IPv4", + isValid: true, + }, + { + name: "Single stack ipv6 clusters", + clusterIpFamily: "IPv6", + isValid: true, + }, + { + name: "Dual stack IPv6 preferred cluster", + clusterIpFamily: "IPv6,IPv4", + isValid: true, + }, + { + name: "Dual stack IPv4 preferred cluster", + clusterIpFamily: "IPv4,IPv6", + isValid: true, + }, + { + name: "Invalid Ip Family", + clusterIpFamily: "Invalid", + isValid: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got := IsValidIpFamilyPresentInClusterIpFamily(tt.clusterIpFamily) + if got != tt.isValid { + t.Errorf("IsValidIpFamilyPresentInClusterIpFamily() = %v, want %v", got, tt.isValid) + } + }) + } +} + +func Test_SubnetStack(t *testing.T) { + tests := []struct { + name string + subnet *core.Subnet + isIpv4SingleStackSubnet bool + isIpv6SingleStackSubnet bool + IsDualStackSubnet bool + }{ + { + name: "IPv4 Single stack subnet", + subnet: &core.Subnet{ + CidrBlock: pointer.String("10.0.0.1/24"), + }, + isIpv4SingleStackSubnet: true, + isIpv6SingleStackSubnet: false, + IsDualStackSubnet: false, + }, + { + name: "IPv6 Single stack subnet", + subnet: &core.Subnet{ + CidrBlock: pointer.String(""), + Ipv6CidrBlock: pointer.String("2603:c020:e:897e::/64"), + Ipv6CidrBlocks: []string{"2603:c020:e:897e::/64"}, + }, + isIpv4SingleStackSubnet: false, + isIpv6SingleStackSubnet: true, + IsDualStackSubnet: false, + }, + { + name: "IPv6 Single stack subnet with CidrBlock nil", + subnet: &core.Subnet{ + CidrBlock: nil, + Ipv6CidrBlock: pointer.String("2603:c020:e:897e::/64"), + Ipv6CidrBlocks: []string{"2603:c020:e:897e::/64"}, + }, + isIpv4SingleStackSubnet: false, + isIpv6SingleStackSubnet: true, + IsDualStackSubnet: false, + }, + { + name: "IPv6 Single stack subnet with ULA local address cidr", + subnet: &core.Subnet{ + CidrBlock: pointer.String(""), + Ipv6CidrBlocks: []string{"fc00:0000:0000:0000:0000:0000:0000:0000/64"}, + }, + isIpv4SingleStackSubnet: false, + isIpv6SingleStackSubnet: true, + IsDualStackSubnet: false, + }, + { + name: "Dual stack subnet", + subnet: &core.Subnet{ + CidrBlock: pointer.String("10.0.2.0/24"), + Ipv6CidrBlock: pointer.String("2603:c020:e:897e::/64"), + Ipv6CidrBlocks: []string{"2603:c020:e:897e::/64"}, + }, + isIpv4SingleStackSubnet: false, + isIpv6SingleStackSubnet: false, + IsDualStackSubnet: true, + }, + { + name: "Dual stack subnet with ULA local address cidr", + subnet: &core.Subnet{ + CidrBlock: pointer.String("10.0.2.0/24"), + Ipv6CidrBlocks: []string{"fc00:0000:0000:0000:0000:0000:0000:0000/64"}, + }, + isIpv4SingleStackSubnet: false, + isIpv6SingleStackSubnet: false, + IsDualStackSubnet: true, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + + got := IsIpv4SingleStackSubnet(tt.subnet) + if tt.isIpv4SingleStackSubnet != got { + t.Errorf("IsIpv4SingleStackSubnet() = %v, want %v", got, tt.isIpv4SingleStackSubnet) + } + + got = IsIpv6SingleStackSubnet(tt.subnet) + if tt.isIpv6SingleStackSubnet != got { + t.Errorf("IsIpv6SingleStackSubnet() = %v, want %v", got, tt.isIpv6SingleStackSubnet) + } + + gotStr := IsDualStackSubnet(tt.subnet) + if tt.IsDualStackSubnet != gotStr { + t.Errorf("IsDualStackSubnet() = %v, want %v", gotStr, tt.IsDualStackSubnet) + } + }) + } +} + +func Test_ValidateDNSName(t *testing.T) { + tests := []struct { + name string + dnsName string + expectedResult bool + }{ + { + name: "Valid DNS Name", + dnsName: "myhostname.subnet123.dnslabel.oraclevcn.com", + expectedResult: true, + }, + { + name: "Valid DNS Name", + dnsName: "mymounttarget.dev", + expectedResult: true, + }, + { + name: "Valid DNS Name", + dnsName: "all.chars-123ns.org", + expectedResult: true, + }, + { + name: "Invalid dns", + dnsName: "-myhostname.com", + expectedResult: false, + }, + { + name: "Invalid dns", + dnsName: "InvalidDns", + expectedResult: false, + }, + { + name: "Invalid dns", + dnsName: "10.10.0.0", + expectedResult: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + validationResult := ValidateDNSName(tt.dnsName) + if validationResult != tt.expectedResult { + t.Errorf("ValidateDNSName() = %v, want %v", validationResult, tt.expectedResult) + } + }) + } +} diff --git a/pkg/csi/driver/bv_controller.go b/pkg/csi/driver/bv_controller.go index 45e228f169..9d8d4a3b9f 100644 --- a/pkg/csi/driver/bv_controller.go +++ b/pkg/csi/driver/bv_controller.go @@ -244,7 +244,6 @@ func (d *BlockVolumeControllerDriver) CreateVolume(ctx context.Context, req *csi availableDomainShortName := "" volumeName := req.Name - dimensionsMap := make(map[string]string) volumeParams, err := extractVolumeParameters(log, req.GetParameters()) @@ -256,6 +255,14 @@ func (d *BlockVolumeControllerDriver) CreateVolume(ctx context.Context, req *csi return nil, status.Errorf(codes.InvalidArgument, "failed to parse storageclass parameters %v", err) } + // Return error for the case of Raw Block Volume with Ultra High Performance Volumes + for _, cap := range req.VolumeCapabilities { + if blk := cap.GetBlock(); blk != nil && volumeParams.vpusPerGB >= 30 { + log.Error("volumeMode is set to Block for an Ultra High Performance Volume, which is not supported") + return nil, status.Errorf(codes.InvalidArgument, "failed to support Block volumeMode for Ultra High Performance Volumes (vpusPerGB >= 30)") + } + } + dimensionsMap[metrics.ResourceOCIDDimension] = volumeName dimensionsMap[metrics.VolumeVpusPerGBDimension] = strconv.Itoa(int(volumeParams.vpusPerGB)) @@ -406,7 +413,7 @@ func (d *BlockVolumeControllerDriver) CreateVolume(ctx context.Context, req *csi } else { // Creating new volume - ad, err := d.client.Identity().GetAvailabilityDomainByName(ctx, d.config.CompartmentID, availableDomainShortName) + ad, err := d.client.Identity(nil).GetAvailabilityDomainByName(ctx, d.config.CompartmentID, availableDomainShortName) if err != nil { log.With("Compartment Id", d.config.CompartmentID, "service", "identity", "verb", "get", "resource", "AD", "statusCode", util.GetHttpStatusCode(err)). With(zap.Error(err)).Error("Failed to get available domain.") @@ -855,13 +862,19 @@ func (d *BlockVolumeControllerDriver) ControllerUnpublishVolume(ctx context.Cont multipath := false if attachedVolume.GetIsMultipath() != nil { + var cancel context.CancelFunc + // this will not override parent context, it will evaluate to min(parent context timeout, current time + 90 seconds) + ctx, cancel = context.WithTimeout(ctx, 90*time.Second) + defer cancel() multipath = *attachedVolume.GetIsMultipath() - } - - // sleeping to ensure block volume plugin logs out of iscsi connections on nodes before delete - if multipath { - log.Info("Waiting for 90 seconds to ensure block volume plugin logs out of iscsi connections on nodes") - time.Sleep(90 * time.Second) + if multipath { + log.With("instanceID", *attachedVolume.GetInstanceId()).Info("Waiting for UHP Volume to logout") + err = d.client.Compute().WaitForUHPVolumeLoggedOut(ctx, *attachedVolume.GetId()) + if err != nil { + log.With("service", "compute", "verb", "get", "resource", "volumeAttachment", "statusCode", util.GetHttpStatusCode(err)). + With("instanceID", *attachedVolume.GetInstanceId()).Warnf("timed out waiting for UHP volume logout, will not wait further or retry, will mark detach success: %s", err.Error()) + } + } } log.Info("Un-publishing Volume Completed") @@ -966,8 +979,7 @@ func (d *BlockVolumeControllerDriver) validateCapabilities(caps []*csi.VolumeCap for _, cap := range caps { if blk := cap.GetBlock(); blk != nil { - d.logger.Error("volumeMode is set to Block which is not supported.") - return fmt.Errorf("driver does not support Block volumeMode. Please use Filesystem mode") + d.logger.Info("The requested volume mode is set to Block") } if hasSupport(cap.AccessMode.Mode) { continue @@ -1029,6 +1041,9 @@ func (d *BlockVolumeControllerDriver) CreateSnapshot(ctx context.Context, req *c return nil, fmt.Errorf("duplicate snapshot %q exists", req.Name) } + volumeAvailableTimeoutCtx, cancel := context.WithTimeout(ctx, 45 * time.Second) + defer cancel() + if len(snapshots) > 0 { //Assigning existing snapshot @@ -1049,35 +1064,38 @@ func (d *BlockVolumeControllerDriver) CreateSnapshot(ctx context.Context, req *c ts := timestamppb.New(snapshot.TimeCreated.Time) log.Infof("Checking if backup %v has become available", *snapshot.Id) - blockVolumeAvailable, err := isBlockVolumeAvailable(snapshot) - if err != nil { - log.Errorf("Error while waiting for backup to become available %q: %v", req.Name, err) - errorType = util.GetError(err) - snapshotMetricDimension = util.GetMetricDimensionForComponent(errorType, util.CSIStorageType) - dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension - metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(snapshot.TimeRequestReceived.Time).Seconds(), dimensionsMap) - return nil, status.Errorf(codes.Internal, "Backup did not become available %q: %v", req.Name, err) - } - if blockVolumeAvailable { - log.Info("Snapshot is created and available.") - snapshotMetricDimension = util.GetMetricDimensionForComponent(util.Success, util.CSIStorageType) - dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension - metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(snapshot.TimeRequestReceived.Time).Seconds(), dimensionsMap) - } else { - log.Infof("Backup has not become available yet, controller will retry") - snapshotMetricDimension = util.GetMetricDimensionForComponent(util.BackupCreating, util.CSIStorageType) - dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension - metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(snapshot.TimeRequestReceived.Time).Seconds(), dimensionsMap) + _, err = d.client.BlockStorage().AwaitVolumeBackupAvailableOrTimeout(volumeAvailableTimeoutCtx, *snapshot.Id) + if err != nil { + if strings.Contains(err.Error(), "timed out") { + log.Infof("Backup has not become available yet, controller will retry") + snapshotMetricDimension = util.GetMetricDimensionForComponent(util.BackupCreating, util.CSIStorageType) + dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension + metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(snapshot.TimeRequestReceived.Time).Seconds(), dimensionsMap) + return nil, status.Errorf(codes.DeadlineExceeded, "Timed out waiting for backup to become available") + } else { + log.With("service", "blockstorage", "verb", "get", "resource", "volumeBackup", "statusCode", util.GetHttpStatusCode(err)). + Errorf("Error while waiting for backup to become available %q: %v", req.Name, err) + errorType = util.GetError(err) + snapshotMetricDimension = util.GetMetricDimensionForComponent(errorType, util.CSIStorageType) + dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension + metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(startTime).Seconds(), dimensionsMap) + log.Errorf("Backup did not become available %q: %v", req.Name, err) + return nil, status.Errorf(codes.Internal, "Backup did not become available %q: %v", req.Name, err) + } } + log.Info("Snapshot is created and available.") + snapshotMetricDimension = util.GetMetricDimensionForComponent(util.Success, util.CSIStorageType) + dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension + metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(snapshot.TimeRequestReceived.Time).Seconds(), dimensionsMap) return &csi.CreateSnapshotResponse{ Snapshot: &csi.Snapshot{ SnapshotId: *snapshot.Id, SourceVolumeId: *snapshot.VolumeId, SizeBytes: *snapshot.SizeInMBs * client.MiB, CreationTime: ts, - ReadyToUse: blockVolumeAvailable, + ReadyToUse: true, }, }, nil } @@ -1119,22 +1137,14 @@ func (d *BlockVolumeControllerDriver) CreateSnapshot(ctx context.Context, req *c ts := timestamppb.New(snapshot.TimeCreated.Time) - _, err = d.client.BlockStorage().AwaitVolumeBackupAvailableOrTimeout(ctx, *snapshot.Id) + _, err = d.client.BlockStorage().AwaitVolumeBackupAvailableOrTimeout(volumeAvailableTimeoutCtx, *snapshot.Id) if err != nil { if strings.Contains(err.Error(), "timed out") { log.Infof("Backup did not become available immediately after creation, controller will retry") snapshotMetricDimension = util.GetMetricDimensionForComponent(util.BackupCreating, util.CSIStorageType) dimensionsMap[metrics.ComponentDimension] = snapshotMetricDimension metrics.SendMetricData(d.metricPusher, metrics.BlockSnapshotProvision, time.Since(startTime).Seconds(), dimensionsMap) - return &csi.CreateSnapshotResponse{ - Snapshot: &csi.Snapshot{ - SnapshotId: *snapshot.Id, - SourceVolumeId: *snapshot.VolumeId, - SizeBytes: *snapshot.SizeInMBs * client.MiB, - CreationTime: ts, - ReadyToUse: false, - }, - }, nil + return nil, status.Errorf(codes.DeadlineExceeded, "Timed out waiting for backup to become available") } else { log.With("service", "blockstorage", "verb", "get", "resource", "volumeBackup", "statusCode", util.GetHttpStatusCode(err)). Errorf("Error while waiting for backup to become available %q: %v", req.Name, err) diff --git a/pkg/csi/driver/bv_controller_test.go b/pkg/csi/driver/bv_controller_test.go index a5b9011d9c..5514a0b1dc 100644 --- a/pkg/csi/driver/bv_controller_test.go +++ b/pkg/csi/driver/bv_controller_test.go @@ -17,19 +17,13 @@ package driver import ( "context" "fmt" + "os" "reflect" "strings" "testing" "time" "github.com/container-storage-interface/spec/lib/go/csi" - "github.com/pkg/errors" - "go.uber.org/zap" - authv1 "k8s.io/api/authentication/v1" - kubeAPI "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/wait" - "k8s.io/client-go/kubernetes" - providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" csi_util "github.com/oracle/oci-cloud-controller-manager/pkg/csi-util" "github.com/oracle/oci-cloud-controller-manager/pkg/logging" @@ -39,6 +33,13 @@ import ( "github.com/oracle/oci-go-sdk/v65/core" "github.com/oracle/oci-go-sdk/v65/identity" "github.com/oracle/oci-go-sdk/v65/loadbalancer" + "github.com/pkg/errors" + "go.uber.org/zap" + authv1 "k8s.io/api/authentication/v1" + kubeAPI "k8s.io/api/core/v1" + "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/kubernetes" + "k8s.io/utils/pointer" ) const ( @@ -155,6 +156,31 @@ var ( Id: common.String("volume-attachment-stuck-in-attaching-state"), InstanceId: common.String("sample-provider-id"), }, + "uhp-volume-attachment-stuck-in-logged-in-state": { + DisplayName: common.String("uhp-volume-attachment-stuck-in-logged-in-state"), + LifecycleState: core.VolumeAttachmentLifecycleStateDetached, + AvailabilityDomain: common.String("NWuj:PHX-AD-2"), + Id: common.String("uhp-volume-attachment-stuck-in-logged-in-state"), + InstanceId: common.String("sample-provider-id"), + IscsiLoginState: core.VolumeAttachmentIscsiLoginStateLoginSucceeded, + IsMultipath: common.Bool(true), + }, + } + + subnets = map[string]*core.Subnet{ + "ocid1.ipv4-subnet": &core.Subnet{ + CidrBlock: pointer.String("10.0.0.1/24"), + }, + "ocid1.ipv6-subnet": &core.Subnet{ + CidrBlock: pointer.String(""), + Ipv6CidrBlock: pointer.String("2603:c020:e:897e::/64"), + Ipv6CidrBlocks: []string{"2603:c020:e:897e::/64"}, + }, + "ocid1.dual-stack-subnet": &core.Subnet{ + CidrBlock: pointer.String("10.0.2.0/24"), + Ipv6CidrBlock: pointer.String("2603:c020:e:897e::/64"), + Ipv6CidrBlocks: []string{"2603:c020:e:897e::/64"}, + }, } ) @@ -168,7 +194,7 @@ func (MockOCIClient) LoadBalancer(logger *zap.SugaredLogger, lbType string, tena return &MockLoadBalancerClient{} } -func (MockOCIClient) Networking() client.NetworkingInterface { +func (MockOCIClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { return &MockVirtualNetworkClient{} } @@ -176,11 +202,11 @@ func (MockOCIClient) BlockStorage() client.BlockStorageInterface { return &MockBlockStorageClient{} } -func (MockOCIClient) FSS() client.FileStorageInterface { +func (MockOCIClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { return &MockFileStorageClient{} } -func (MockOCIClient) Identity() client.IdentityInterface { +func (MockOCIClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { return &MockIdentityClient{} } @@ -382,6 +408,10 @@ func (p *MockProvisionerClient) BlockStorage() client.BlockStorageInterface { type MockVirtualNetworkClient struct { } +func (c *MockVirtualNetworkClient) GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) { + return &core.Ipv6{}, nil +} + func (c *MockVirtualNetworkClient) CreateNetworkSecurityGroup(ctx context.Context, compartmentId, vcnId, displayName, lbID string) (*core.NetworkSecurityGroup, error) { return nil, nil } @@ -420,17 +450,31 @@ func (c *MockVirtualNetworkClient) UpdateNetworkSecurityGroupSecurityRules(ctx c // GetPrivateIp mocks the VirtualNetwork GetPrivateIp implementation func (c *MockVirtualNetworkClient) GetPrivateIp(ctx context.Context, id string) (*core.PrivateIp, error) { + if id == "private-ip-fetch-error" { + return nil, errors.New("private IP fetch failed") + } privateIpAddress := "10.0.20.1" return &core.PrivateIp{ IpAddress: &privateIpAddress, }, nil } +func (c *MockVirtualNetworkClient) CreatePrivateIp(ctx context.Context, vnicId string) (*core.PrivateIp, error) { + return &core.PrivateIp{}, nil +} + +func (c *MockVirtualNetworkClient) ListPrivateIps(ctx context.Context, id string) ([]core.PrivateIp, error) { + return []core.PrivateIp{}, nil +} + func (c *MockVirtualNetworkClient) GetSubnet(ctx context.Context, id string) (*core.Subnet, error) { - return nil, nil + if strings.EqualFold(id, "ocid1.invalid-subnet") { + return nil, errors.New("Internal Error.") + } + return subnets[id], nil } -func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) { +func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip client.IpAddresses) (*core.Subnet, error) { return nil, nil } @@ -438,6 +482,10 @@ func (c *MockVirtualNetworkClient) GetVcn(ctx context.Context, id string) (*core return &core.Vcn{}, nil } +func (c *MockVirtualNetworkClient) GetVNIC(ctx context.Context, id string) (*core.Vnic, error) { + return &core.Vnic{}, nil +} + func (c *MockVirtualNetworkClient) GetSecurityList(ctx context.Context, id string) (core.GetSecurityListResponse, error) { return core.GetSecurityListResponse{}, nil } @@ -455,7 +503,7 @@ func (c *MockVirtualNetworkClient) GetPublicIpByIpAddress(ctx context.Context, i } // Networking mocks client VirtualNetwork implementation. -func (p *MockProvisionerClient) Networking() client.NetworkingInterface { +func (p *MockProvisionerClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { return &MockVirtualNetworkClient{} } @@ -568,6 +616,22 @@ func (c *MockComputeClient) GetPrimaryVNICForInstance(ctx context.Context, compa return nil, nil } +func (MockComputeClient) GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) { + return nil, nil +} + +func (c *MockComputeClient) ListVnicAttachments(ctx context.Context, compartmentID, instanceID string) ([]core.VnicAttachment, error) { + return nil, nil +} + +func (c *MockComputeClient) GetVnicAttachment(ctx context.Context, vnicAttachmentId *string) (response *core.VnicAttachment, err error) { + return nil, nil +} + +func (c *MockComputeClient) AttachVnic(ctx context.Context, instanceID, subnetID *string, nsgIds []*string, skipSourceDestCheck *bool) (response core.VnicAttachment, err error) { + return core.VnicAttachment{}, nil +} + func (c *MockComputeClient) FindVolumeAttachment(ctx context.Context, compartmentID, volumeID string) (core.VolumeAttachment, error) { var page *string var requestMetadata common.RequestMetadata @@ -700,6 +764,21 @@ func (c *MockComputeClient) WaitForVolumeDetached(ctx context.Context, attachmen return nil } +func (c *MockComputeClient) WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error { + if err := wait.PollImmediateUntil(testPollInterval, func() (done bool, err error) { + va := volume_attachments[attachmentID] + + if va.GetIscsiLoginState() == core.VolumeAttachmentIscsiLoginStateLogoutSucceeded { + return true, nil + } + return false, nil + }, ctx.Done()); err != nil { + return errors.WithStack(err) + } + + return nil +} + func (p *MockProvisionerClient) Compute() client.ComputeInterface { return &MockComputeClient{} } @@ -709,18 +788,24 @@ type MockIdentityClient struct { common.BaseClient } -func (client MockIdentityClient) ListAvailabilityDomains(ctx context.Context, compartmentID string) ([]identity.AvailabilityDomain, error) { +func (mockClient MockIdentityClient) ListAvailabilityDomains(ctx context.Context, compartmentID string) ([]identity.AvailabilityDomain, error) { return nil, nil } // ListAvailabilityDomains mocks the client ListAvailabilityDomains implementation -func (client MockIdentityClient) GetAvailabilityDomainByName(ctx context.Context, compartmentID, name string) (*identity.AvailabilityDomain, error) { - ad1 := "AD1" +func (mockClient MockIdentityClient) GetAvailabilityDomainByName(ctx context.Context, compartmentID, name string) (*identity.AvailabilityDomain, error) { + var ad1 string + + if client.IsIpv6SingleStackCluster() { + ad1 = "AD1-compartments-response" + } else { + ad1 = "AD1" + } return &identity.AvailabilityDomain{Name: &ad1}, nil } // Identity mocks client Identity implementation -func (p *MockProvisionerClient) Identity() client.IdentityInterface { +func (p *MockProvisionerClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { return &MockIdentityClient{} } @@ -873,21 +958,94 @@ func TestControllerDriver_CreateVolume(t *testing.T) { wantErr: errors.New("required in PreferredTopologies or allowedTopologies"), }, { - name: "Error for unsupported volumeMode Block", + name: "No error when a volume is created in block mode", + args: args{ + ctx: context.TODO(), + req: &csi.CreateVolumeRequest{ + Name: "volume-in-available-state", + VolumeCapabilities: []*csi.VolumeCapability{ + { + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + AccessType: &csi.VolumeCapability_Block{ + Block: &csi.VolumeCapability_BlockVolume{}, + }, + }, + }, + Parameters: map[string]string{ + "vpusPerGB": "10", + }, + CapacityRange: &csi.CapacityRange{ + RequiredBytes: int64(50000), + }, + AccessibilityRequirements: &csi.TopologyRequirement{ + Requisite: []*csi.Topology{ + { + Segments: map[string]string{ + kubeAPI.LabelZoneFailureDomain: "PHX-AD-2", + }, + }, { + Segments: map[string]string{ + kubeAPI.LabelZoneFailureDomain: "PHX-AD-2", + }, + }, + }, + }, + }, + }, + want: &csi.CreateVolumeResponse{ + Volume: &csi.Volume{ + VolumeId: "volume-in-available-state", + CapacityBytes: int64(52428800000), + AccessibleTopology: []*csi.Topology{ + { + Segments: map[string]string{ + kubeAPI.LabelTopologyZone: "PHX-AD-2", + }, + }, + { + Segments: map[string]string{ + kubeAPI.LabelZoneFailureDomain: "PHX-AD-2", + }, + }, + }, + VolumeContext: map[string]string{ + "needResize": "false", + "newSize": "", + "vpusPerGB": "10", + "attachment-type": "", + }, + }, + }, + wantErr: nil, + }, + { + name: "Error for support of Block volumeMode in Ultra High Performance Volumes (vpusPerGB >= 30)", fields: fields{}, args: args{ ctx: nil, req: &csi.CreateVolumeRequest{ Name: "ut-volume", - VolumeCapabilities: []*csi.VolumeCapability{{ - AccessType: &csi.VolumeCapability_Block{ - Block: &csi.VolumeCapability_BlockVolume{}, - }, - }}, + VolumeCapabilities: []*csi.VolumeCapability{ + { + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + AccessType: &csi.VolumeCapability_Block{ + Block: &csi.VolumeCapability_BlockVolume{}, + }, + }}, + Parameters: map[string]string{ + "vpusPerGB": "40", + }, + CapacityRange: &csi.CapacityRange{ + RequiredBytes: int64(csi_util.MaximumVolumeSizeInBytes), + }, }, }, want: nil, - wantErr: errors.New("driver does not support Block volumeMode. Please use Filesystem mode"), + wantErr: errors.New("failed to support Block volumeMode for Ultra High Performance Volumes (vpusPerGB >= 30)"), }, { name: "Create Volume times out waiting for volume to become available", @@ -1135,6 +1293,17 @@ func TestControllerDriver_ControllerUnpublishVolume(t *testing.T) { want: nil, wantErr: errors.New("context deadline exceeded"), }, + { + name: "Unpublish should not fail on UHP Volume logout timeout", + args: args{ + req: &csi.ControllerUnpublishVolumeRequest{ + VolumeId: "uhp-volume-attachment-stuck-in-logged-in-state", + NodeId: "sample-node-id", + }, + }, + want: &csi.ControllerUnpublishVolumeResponse{}, + wantErr: nil, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { @@ -2028,3 +2197,90 @@ func TestGetBVTags(t *testing.T) { }) } } + +func TestClient_GetAvailabilityDomainByName(t *testing.T) { + tests := []struct { + name string + ipFamilies string + want *identity.AvailabilityDomain + wantErr error + }{ + { + name: "Dual stack IPv4 preferred (identity client usage)", + ipFamilies: "IPv4,IPv6", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1"), // Default to AD1 since only exact IPv6 triggers change + }, + wantErr: nil, + }, + { + name: "Dual stack IPv6 preferred (identity client usage)", + ipFamilies: "IPv6,IPv4", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1"), // Default to AD1 since only exact IPv6 triggers change + }, + wantErr: nil, + }, + { + name: "IPv4 only (defaults to AD1)", + ipFamilies: "IPv4", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1"), + }, + wantErr: nil, + }, + { + name: "IPv6 only", + ipFamilies: "IPv6", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1-compartments-response"), // Specific to IPv6 + }, + wantErr: nil, + }, + { + name: "Empty IP families (defaults to AD1)", + ipFamilies: "", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1"), + }, + wantErr: nil, + }, + { + name: "Invalid IP families (defaults to AD1)", + ipFamilies: "Invalid", + want: &identity.AvailabilityDomain{ + Name: common.String("AD1"), // Invalid defaults to AD1 + }, + wantErr: nil, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Set the environment variable for IP families + os.Setenv(client.ClusterIpFamilyEnv, tt.ipFamilies) + defer os.Unsetenv(client.ClusterIpFamilyEnv) + + ctx, cancel := context.WithTimeout(context.Background(), testTimeout) + defer cancel() + + client := NewClientProvisioner(nil, &MockBlockStorageClient{}, nil) + got, err := client.Identity(nil).GetAvailabilityDomainByName(ctx, "ocid1.compartment.abcd", "AD-1") + + // Check if the error matches what we expect + if tt.wantErr == nil && err != nil { + t.Errorf("got error %q, want none", err) + } + if tt.wantErr != nil && err == nil { + t.Errorf("want error %q, got none", tt.wantErr) + } else if tt.wantErr != nil && err != nil && !strings.Contains(err.Error(), tt.wantErr.Error()) { + t.Errorf("want error %q to include %q", err, tt.wantErr) + } + + // Check if the result matches what we expect + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("client.Identity().GetAvailabilityDomainByName() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/pkg/csi/driver/bv_node.go b/pkg/csi/driver/bv_node.go index ba781cf107..a2fa5a6f29 100644 --- a/pkg/csi/driver/bv_node.go +++ b/pkg/csi/driver/bv_node.go @@ -64,6 +64,16 @@ func (d BlockVolumeNodeDriver) NodeStageVolume(ctx context.Context, req *csi.Nod logger := d.logger.With("volumeID", req.VolumeId, "stagingPath", req.StagingTargetPath) + stagingTargetFilePath := csi_util.GetPathForBlock(req.StagingTargetPath) + + isRawBlockVolume := false + + if _, ok := req.VolumeCapability.GetAccessType().(*csi.VolumeCapability_Block); ok { + isRawBlockVolume = true + } + + logger.Infof("Is Volume Mode set to Raw Block Volume %s", isRawBlockVolume) + attachment, ok := req.PublishContext[attachmentType] if !ok { @@ -105,6 +115,15 @@ func (d BlockVolumeNodeDriver) NodeStageVolume(ctx context.Context, req *csi.Nod logger.With(zap.Error(err)).Error("Failed to get SCSI info from publish context.") return nil, status.Error(codes.InvalidArgument, "PublishContext is invalid.") } + + if strings.EqualFold(d.nodeIpFamily.PreferredNodeIpFamily, csi_util.Ipv6Stack) { + scsiInfo.IscsiIp, err = csi_util.ConvertIscsiIpFromIpv4ToIpv6(scsiInfo.IscsiIp) + if err != nil { + logger.With(zap.Error(err)).Error("Failed get ipv6 address for Iscsi Target.") + return nil, status.Errorf(codes.Internal, "Failed get ipv6 address for Iscsi Target.") + } + } + mountHandler = disk.NewFromISCSIDisk(d.logger, scsiInfo) logger.Info("starting to stage iSCSI Mounting.") } @@ -128,13 +147,15 @@ func (d BlockVolumeNodeDriver) NodeStageVolume(ctx context.Context, req *csi.Nod defer d.volumeLocks.Release(req.VolumeId) - isMounted, oErr := mountHandler.DeviceOpened(devicePath) - if oErr != nil { - logger.With(zap.Error(oErr)).Error("getting error to get the details about volume is already mounted or not.") - return nil, status.Error(codes.Internal, oErr.Error()) - } else if isMounted { - logger.Info("volume is already mounted on the staging path.") - return &csi.NodeStageVolumeResponse{}, nil + if !isRawBlockVolume { + isMounted, oErr := mountHandler.DeviceOpened(devicePath) + if oErr != nil { + logger.With(zap.Error(oErr)).Error("getting error to get the details about volume is already mounted or not.") + return nil, status.Error(codes.Internal, oErr.Error()) + } else if isMounted { + logger.Info("volume is already mounted on the staging path.") + return &csi.NodeStageVolumeResponse{}, nil + } } err = mountHandler.AddToDB() @@ -191,6 +212,21 @@ func (d BlockVolumeNodeDriver) NodeStageVolume(ctx context.Context, req *csi.Nod return nil, status.Error(codes.DeadlineExceeded, "Failed to wait for device to exist.") } + if isRawBlockVolume { + err := csi_util.CreateFilePath(logger, stagingTargetFilePath) + if err != nil { + logger.With(zap.Error(err)).Error("failed to create the stagingTargetFile.") + return nil, status.Error(codes.Internal, err.Error()) + } + options := []string{"bind"} // Append the "bind" option if it is a raw block volume + err = mountHandler.Mount(devicePath, stagingTargetFilePath, "", options) + if err != nil { + logger.With(zap.Error(err)).Error("failed to bind mount raw block volume to stagingTargetFile") + return nil, status.Error(codes.Internal, err.Error()) + } + return &csi.NodeStageVolumeResponse{}, nil + } + mnt := req.VolumeCapability.GetMount() options := mnt.MountFlags @@ -263,6 +299,8 @@ func (d BlockVolumeNodeDriver) NodeUnstageVolume(ctx context.Context, req *csi.N logger := d.logger.With("volumeID", req.VolumeId, "stagingPath", req.StagingTargetPath) + stagingTargetFilePath := csi_util.GetPathForBlock(req.StagingTargetPath) + if acquired := d.volumeLocks.TryAcquire(req.VolumeId); !acquired { logger.Error("Could not acquire lock for NodeUnstageVolume.") return nil, status.Errorf(codes.Aborted, volumeOperationAlreadyExistsFmt, req.VolumeId) @@ -270,16 +308,36 @@ func (d BlockVolumeNodeDriver) NodeUnstageVolume(ctx context.Context, req *csi.N defer d.volumeLocks.Release(req.VolumeId) - diskPath, err := disk.GetDiskPathFromMountPath(d.logger, req.GetStagingTargetPath()) + hostUtil := hostutil.NewHostUtil() + isRawBlockVolume, rbvCheckErr := hostUtil.PathIsDevice(stagingTargetFilePath) - if err != nil { - // do a clean exit in case of mount point not found - if err == disk.ErrMountPointNotFound { - logger.With(zap.Error(err)).With("mountPath", req.GetStagingTargetPath()).Warn("unable to fetch mount point") - return &csi.NodeUnstageVolumeResponse{}, nil + if rbvCheckErr != nil { + logger.With(zap.Error(rbvCheckErr)).Warn("failed to check if it is a device file") + isRawBlockVolume = false + } + + var diskPath []string + var err error + + if isRawBlockVolume { + diskPath, err = disk.GetDiskPathFromBindDeviceFilePath(logger, stagingTargetFilePath) + + if err != nil { + logger.With(zap.Error(err)).With("mountPath", stagingTargetFilePath).Error("unable to get diskPath from mount path") + return nil, status.Error(codes.Internal, err.Error()) + } + } else { + diskPath, err = disk.GetDiskPathFromMountPath(logger, req.GetStagingTargetPath()) + + if err != nil { + // do a clean exit in case of mount point not found + if err == disk.ErrMountPointNotFound { + logger.With(zap.Error(err)).With("mountPath", req.GetStagingTargetPath()).Warn("unable to fetch mount point") + return &csi.NodeUnstageVolumeResponse{}, nil + } + logger.With(zap.Error(err)).With("mountPath", req.GetStagingTargetPath()).Error("unable to get diskPath from mount path") + return nil, status.Error(codes.Internal, err.Error()) } - logger.With(zap.Error(err)).With("mountPath", req.GetStagingTargetPath()).Error("unable to get diskPath from mount path") - return nil, status.Error(codes.Internal, err.Error()) } attachmentType, devicePath, err := getDevicePathAndAttachmentType(diskPath) @@ -318,19 +376,29 @@ func (d BlockVolumeNodeDriver) NodeUnstageVolume(ctx context.Context, req *csi.N logger.Error("unknown attachment type. supported attachment types are iscsi and paravirtualized") return nil, status.Error(codes.InvalidArgument, "unknown attachment type. supported attachment types are iscsi and paravirtualized") } - isMounted, oErr := mountHandler.DeviceOpened(devicePath) - if oErr != nil { - logger.With(zap.Error(oErr)).Error("getting error to get the details about volume is already mounted or not.") - return nil, status.Error(codes.Internal, oErr.Error()) - } else if !isMounted { - logger.Info("volume is already mounted on the staging path.") - return &csi.NodeUnstageVolumeResponse{}, nil + + if !isRawBlockVolume { + isMounted, oErr := mountHandler.DeviceOpened(devicePath) + if oErr != nil { + logger.With(zap.Error(oErr)).Error("getting error to get the details about volume is already mounted or not.") + return nil, status.Error(codes.Internal, oErr.Error()) + } else if !isMounted { + logger.Info("volume is already unmounted on the staging path.") + return &csi.NodeUnstageVolumeResponse{}, nil + } + } + + var unMountErr error + + if isRawBlockVolume { + unMountErr = mountHandler.UnmountPath(stagingTargetFilePath) + } else { + unMountErr = mountHandler.UnmountPath(req.StagingTargetPath) } - err = mountHandler.UnmountPath(req.StagingTargetPath) - if err != nil { - logger.With(zap.Error(err)).Error("failed to unmount the staging path") - return nil, status.Error(codes.Internal, err.Error()) + if unMountErr != nil { + logger.With(zap.Error(unMountErr)).Error("failed to unmount the staging path") + return nil, status.Error(codes.Internal, unMountErr.Error()) } err = mountHandler.Logout() @@ -374,6 +442,16 @@ func (d BlockVolumeNodeDriver) NodePublishVolume(ctx context.Context, req *csi.N logger := d.logger.With("volumeID", req.VolumeId, "targetPath", req.TargetPath) + stagingTargetFilePath := csi_util.GetPathForBlock(req.StagingTargetPath) + + isRawBlockVolume := false + + if _, ok := req.VolumeCapability.GetAccessType().(*csi.VolumeCapability_Block); ok { + isRawBlockVolume = true + } + + logger.With("isRawBlockVolume", isRawBlockVolume) + attachment, ok := req.PublishContext[attachmentType] if !ok { logger.Error("Unable to get the attachmentType from the attribute list, assuming iscsi") @@ -391,9 +469,11 @@ func (d BlockVolumeNodeDriver) NodePublishVolume(ctx context.Context, req *csi.N // https://github.com/kubernetes/kubernetes/pull/88759 // if the path exists already ( 0 { + // // Ipv6 Mount Target + // var ipv6IpObject *core.Ipv6 + // ipType = "ipv6" + // mountTargetIpId = activeMountTarget.MountTargetIpv6Ids[0] + // log.With("mountTargetIpId", mountTargetIpId).Infof("Getting Ipv6 IP of mount target") + // if ipv6IpObject, err = networkingClient.GetIpv6(ctx, mountTargetIpId); err == nil { + // mountTargetIp = *ipv6IpObject.IpAddress + // } + //} else { + // Ipv4 Mount Target + var privateIpObject *core.PrivateIp + mountTargetIpId = activeMountTarget.PrivateIpIds[0] + ipType = "privateIp" + log.With("mountTargetIpId", mountTargetIpId).Infof("Getting private IP of mount target") + if privateIpObject, err = networkingClient.GetPrivateIp(ctx, mountTargetIpId); err == nil { + mountTargetIp = *privateIpObject.IpAddress + } + //} if err != nil { - log.With("service", "vcn", "verb", "get", "resource", "privateIp", "statusCode", util.GetHttpStatusCode(err)). - With(zap.Error(err)).Error("Failed to fetch Mount Target Private IP from IP ID: %s", mountTargetIpId) + log.With("service", "vcn", "verb", "get", "resource", ipType, "statusCode", util.GetHttpStatusCode(err)). + With("mountTargetIpId", mountTargetIpId).With(zap.Error(err)).Errorf("Failed to get mount target %s ip from ip id.", ipType) if !isExistingMountTargetUsed { csiMetricDimension := util.GetMetricDimensionForComponent(util.GetError(err), util.CSIStorageType) dimensionsMap[metrics.ComponentDimension] = csiMetricDimension metrics.SendMetricData(d.metricPusher, metrics.MTProvision, time.Since(startTimeMountTarget).Seconds(), dimensionsMap) } - return log, "", "", "", nil, status.Errorf(codes.Internal, "Failed to fetch Mount Target Private IP from IP ID: %s, error: %s", mountTargetIpId, err.Error()), true + return log, "", "", "", nil, status.Errorf(codes.Internal, "Failed to get mount target %s ip from ip id %s, error: %s", ipType, mountTargetIpId, err.Error()), true } - mountTargetIp := *privateIpObject.IpAddress + log = log.With("mountTargetValidatedIp", mountTargetIp) if activeMountTarget.ExportSetId == nil || *activeMountTarget.ExportSetId == "" { log.Error("ExportSetId not assigned to mount target") @@ -378,10 +514,42 @@ func (d *FSSControllerDriver) getOrCreateMountTarget(ctx context.Context, storag return log, mountTargetOCID, mountTargetIp, exportSetId, nil, nil, false } -func (d *FSSControllerDriver) getOrCreateExport(ctx context.Context, err error, storageClassParameters StorageClassParameters, filesystemOCID string, exportSetId string, log *zap.SugaredLogger, dimensionsMap map[string]string) (*zap.SugaredLogger, *csi.CreateVolumeResponse, error, bool) { +func (d *FSSControllerDriver) validateMountTargetSubnetWithClusterIpFamily(ctx context.Context, mountTargetSubnetId string, log *zap.SugaredLogger, networkingClient client.NetworkingInterface) error { + + mountTargetSubnet, err := networkingClient.GetSubnet(ctx, mountTargetSubnetId) + + if err != nil { + log.With("service", "vcn", "verb", "get", "resource", "subnet", "statusCode", util.GetHttpStatusCode(err)). + With(zap.Error(err)).Error("Failed to get mount target subnet.") + return status.Errorf(codes.Internal, "Failed to get mount target subnet, error: %s", err.Error()) + } + + var mtSubnetValidationErr error + if csi_util.IsIpv4SingleStackSubnet(mountTargetSubnet) && !strings.Contains(d.clusterIpFamily, csi_util.Ipv4Stack) { + mtSubnetValidationErr = status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using IPv4 mount target subnet, cluster needs to be IPv4 or dual stack but found to be %s.", d.clusterIpFamily) + } else if csi_util.IsDualStackSubnet(mountTargetSubnet) && !strings.Contains(d.clusterIpFamily, csi_util.Ipv4Stack) { + mtSubnetValidationErr = status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using dual stack mount target subnet, cluster needs to IPv4 or dual stack but found to be %s.", d.clusterIpFamily) + } else if csi_util.IsIpv6SingleStackSubnet(mountTargetSubnet) && !strings.Contains(d.clusterIpFamily, csi_util.Ipv6Stack) { + mtSubnetValidationErr = status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using ipv6 mount target subnet, cluster needs to be IPv6 or dual stack but found to be %s.", d.clusterIpFamily) + } + return mtSubnetValidationErr +} + +func (d *FSSControllerDriver) validateMountTargetWithClusterIpFamily(mtIpv6Ids []string, privateIpIds []string) error { + + var mtSubnetValidationErr error + if len(mtIpv6Ids) > 0 && !strings.Contains(d.clusterIpFamily, csi_util.Ipv6Stack) { + mtSubnetValidationErr = status.Errorf(codes.InvalidArgument, "Invalid mount target. For using IPv6 mount target, cluster needs to be IPv6 or dual stack but found to be %s.", d.clusterIpFamily) + } else if len(privateIpIds) > 0 && !strings.Contains(d.clusterIpFamily, csi_util.Ipv4Stack) { + mtSubnetValidationErr = status.Errorf(codes.InvalidArgument, "Invalid mount target. For using IPv4 mount target, cluster needs to IPv4 or dual stack but found to be %s.", d.clusterIpFamily) + } + return mtSubnetValidationErr +} + +func (d *FSSControllerDriver) getOrCreateExport(ctx context.Context, err error, storageClassParameters StorageClassParameters, filesystemOCID string, exportSetId string, log *zap.SugaredLogger, dimensionsMap map[string]string, fssClient client.FileStorageInterface) (*zap.SugaredLogger, *csi.CreateVolumeResponse, error, bool) { startTimeExport := time.Now() log.Info("searching for existing export") - exportSummary, err := d.client.FSS().FindExport(ctx, filesystemOCID, storageClassParameters.exportPath, exportSetId) + exportSummary, err := fssClient.FindExport(ctx, filesystemOCID, storageClassParameters.exportPath, exportSetId) if err != nil && !client.IsNotFound(err) { message := "" @@ -402,7 +570,7 @@ func (d *FSSControllerDriver) getOrCreateExport(ctx context.Context, err error, provisionedExport = &fss.Export{Id: exportSummary.Id} } else { // Creating new export - provisionedExport, err = provisionExport(ctx, log, d.client, filesystemOCID, exportSetId, storageClassParameters) + provisionedExport, err = provisionExport(ctx, log, d.client, filesystemOCID, exportSetId, storageClassParameters, fssClient) if err != nil { log.With(zap.Error(err)).Error("New Export creation failed") csiMetricDimension := util.GetMetricDimensionForComponent(util.GetError(err), util.CSIStorageType) @@ -417,7 +585,7 @@ func (d *FSSControllerDriver) getOrCreateExport(ctx context.Context, err error, exportId = *provisionedExport.Id } log = log.With("exportId", exportId) - _, err = d.client.FSS().AwaitExportActive(ctx, log, exportId) + _, err = fssClient.AwaitExportActive(ctx, log, exportId) if err != nil { log.With(zap.Error(err)).Error("await export failed with time out") csiMetricDimension := util.GetMetricDimensionForComponent(util.GetError(err), util.CSIStorageType) @@ -434,7 +602,7 @@ func (d *FSSControllerDriver) getOrCreateExport(ctx context.Context, err error, return log, nil, nil, false } -func extractStorageClassParameters(ctx context.Context, d *FSSControllerDriver, log *zap.SugaredLogger, dimensionsMap map[string]string, volumeName string, parameters map[string]string, startTime time.Time) (*zap.SugaredLogger, *csi.CreateVolumeResponse, *StorageClassParameters, error, bool) { +func extractStorageClassParameters(ctx context.Context, d *FSSControllerDriver, log *zap.SugaredLogger, dimensionsMap map[string]string, volumeName string, parameters map[string]string, startTime time.Time, identityClient client.IdentityInterface) (*zap.SugaredLogger, *csi.CreateVolumeResponse, *StorageClassParameters, error, bool) { storageClassParameters := &StorageClassParameters{ encryptInTransit: "false", @@ -457,7 +625,7 @@ func extractStorageClassParameters(ctx context.Context, d *FSSControllerDriver, return log, nil, nil, status.Errorf(codes.InvalidArgument, "AvailabilityDomain not provided in storage class"), true } - ad, err := d.client.Identity().GetAvailabilityDomainByName(ctx, compartmentId, availabilityDomain) + ad, err := identityClient.GetAvailabilityDomainByName(ctx, compartmentId, availabilityDomain) if err != nil { log.With(zap.Error(err)).Errorf("invalid available domain: %s or compartmentID: %s", availabilityDomain, compartmentId) dimensionsMap[metrics.ComponentDimension] = util.GetMetricDimensionForComponent(util.GetError(err), util.CSIStorageType) @@ -572,7 +740,7 @@ func extractStorageClassParameters(ctx context.Context, d *FSSControllerDriver, return log, nil, storageClassParameters, nil, false } -func provisionFileSystem(ctx context.Context, log *zap.SugaredLogger, c client.Interface, volumeName string, storageClassParameters StorageClassParameters) (*fss.FileSystem, error) { +func provisionFileSystem(ctx context.Context, log *zap.SugaredLogger, c client.Interface, volumeName string, storageClassParameters StorageClassParameters, fssClient client.FileStorageInterface) (*fss.FileSystem, error) { log.Info("Creating new File System") createFileSystemDetails := fss.CreateFileSystemDetails{ AvailabilityDomain: &storageClassParameters.availabilityDomain, @@ -584,10 +752,10 @@ func provisionFileSystem(ctx context.Context, log *zap.SugaredLogger, c client.I if storageClassParameters.kmsKey != "" { createFileSystemDetails.KmsKeyId = &storageClassParameters.kmsKey } - return c.FSS().CreateFileSystem(ctx, createFileSystemDetails) + return fssClient.CreateFileSystem(ctx, createFileSystemDetails) } -func provisionMountTarget(ctx context.Context, log *zap.SugaredLogger, c client.Interface, volumeName string, storageClassParameters StorageClassParameters) (*fss.MountTarget, error) { +func provisionMountTarget(ctx context.Context, log *zap.SugaredLogger, c client.Interface, volumeName string, storageClassParameters StorageClassParameters, fssClient client.FileStorageInterface) (*fss.MountTarget, error) { log.Info("Creating new Mount Target") createMountTargetDetails := fss.CreateMountTargetDetails{ AvailabilityDomain: &storageClassParameters.availabilityDomain, @@ -597,10 +765,10 @@ func provisionMountTarget(ctx context.Context, log *zap.SugaredLogger, c client. FreeformTags: storageClassParameters.scTags.FreeformTags, DefinedTags: storageClassParameters.scTags.DefinedTags, } - return c.FSS().CreateMountTarget(ctx, createMountTargetDetails) + return fssClient.CreateMountTarget(ctx, createMountTargetDetails) } -func provisionExport(ctx context.Context, log *zap.SugaredLogger, c client.Interface, filesystemOCID string, exportSetId string, storageClassParameters StorageClassParameters) (*fss.Export, error) { +func provisionExport(ctx context.Context, log *zap.SugaredLogger, c client.Interface, filesystemOCID string, exportSetId string, storageClassParameters StorageClassParameters, fssClient client.FileStorageInterface) (*fss.Export, error) { log.Info("Creating new Export") createExportDetails := fss.CreateExportDetails{ ExportSetId: &exportSetId, @@ -611,17 +779,38 @@ func provisionExport(ctx context.Context, log *zap.SugaredLogger, c client.Inter if storageClassParameters.exportOptions != nil { createExportDetails.ExportOptions = storageClassParameters.exportOptions } - return c.FSS().CreateExport(ctx, createExportDetails) + return fssClient.CreateExport(ctx, createExportDetails) } func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteVolumeRequest) (*csi.DeleteVolumeResponse, error) { startTime := time.Now() volumeId := req.GetVolumeId() log := d.logger.With("volumeID", volumeId, "csiOperation", "delete") + log.Debug("Request being passed in DeleteVolume gRPC ", req) dimensionsMap := make(map[string]string) dimensionsMap[metrics.ResourceOCIDDimension] = req.VolumeId volumeHandler := csi_util.ValidateFssId(volumeId) filesystemOcid, mountTargetIP, exportPath := volumeHandler.FilesystemOcid, volumeHandler.MountTargetIPAddress, volumeHandler.FsExportPath + + var serviceAccountToken *authv1.TokenRequest + + secretParameters := extractSecretParameters(log, req.GetSecrets()) + if secretParameters.serviceAccount != "" || secretParameters.serviceAccountNamespace != "" { + serviceAccountTokenGenerated, err := d.getServiceAccountToken(ctx, secretParameters.serviceAccount, secretParameters.serviceAccountNamespace) + if err != nil { + return nil, err + } + serviceAccountToken = serviceAccountTokenGenerated + } + + ociClientConfig := &client.OCIClientConfig{ SaToken: serviceAccountToken, ParentRptURL: secretParameters.parentRptURL, TenancyId: d.config.Auth.TenancyID } + + fssClient := d.client.FSS(ociClientConfig) + + if fssClient == nil { + return nil, status.Error(codes.Internal, "Unable to create fss client") + } + if filesystemOcid == "" || mountTargetIP == "" || exportPath == "" { log.Error("Unable to parse Volume Id") csiMetricDimension := util.GetMetricDimensionForComponent(util.ErrValidation, util.CSIStorageType) @@ -633,7 +822,7 @@ func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteV log = log.With("fssID", filesystemOcid).With("mountTargetIP", mountTargetIP).With("exportPath", exportPath) log.Info("Getting file system to be deleted") - fileSystem, err := d.client.FSS().GetFileSystem(ctx, filesystemOcid) + fileSystem, err := fssClient.GetFileSystem(ctx, filesystemOcid) if err != nil { if !client.IsNotFound(err) { log.With("service", "fss", "verb", "get", "resource", "fileSystem", "statusCode", util.GetHttpStatusCode(err)). @@ -676,7 +865,7 @@ func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteV log = log.With("mountTargetOCID", mountTargetOCID) log.Info("filesystem tagged with mount target ocid, deleting mount target") // first delete Mount Target - err = d.client.FSS().DeleteMountTarget(ctx, mountTargetOCID) + err = fssClient.DeleteMountTarget(ctx, mountTargetOCID) if err != nil { if !client.IsNotFound(err) { log.With("service", "fss", "verb", "delete", "resource", "mountTarget", "statusCode", util.GetHttpStatusCode(err)). @@ -700,7 +889,7 @@ func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteV if exportSetId != "" { startTimeExport := time.Now() log.Infof("searching export with tagged exportSetId %s", exportSetId) - exportSummary, err := d.client.FSS().FindExport(ctx, filesystemOcid, exportPath, exportSetId) + exportSummary, err := fssClient.FindExport(ctx, filesystemOcid, exportPath, exportSetId) if err != nil { if !client.IsNotFound(err) { if exportSummary != nil { @@ -718,7 +907,7 @@ func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteV } } else { log.Infof("deleting export with exportId %s", *exportSummary.Id) - err = d.client.FSS().DeleteExport(ctx, *exportSummary.Id) + err = fssClient.DeleteExport(ctx, *exportSummary.Id) if err != nil { log.With("service", "fss", "verb", "delete", "resource", "export", "statusCode", util.GetHttpStatusCode(err)). With(zap.Error(err)).Error("failed to delete export.") @@ -737,7 +926,7 @@ func (d *FSSControllerDriver) DeleteVolume(ctx context.Context, req *csi.DeleteV startTimeFileSystem := time.Now() log.Info("deleting file system") // last delete File System - err = d.client.FSS().DeleteFileSystem(ctx, filesystemOcid) + err = fssClient.DeleteFileSystem(ctx, filesystemOcid) if err != nil { if !client.IsNotFound(err) { log.With("service", "fss", "verb", "delete", "resource", "fileSystem", "statusCode", util.GetHttpStatusCode(err)). @@ -801,6 +990,8 @@ func (d *FSSControllerDriver) ValidateVolumeCapabilities(ctx context.Context, re log := d.logger.With("volumeID", volumeId) + log.Debug("Request being passed in ValidateVolumeCapabilities gRPC ", req) + if req.VolumeCapabilities == nil { log.Error("Volume Capabilities must be provided") return nil, status.Error(codes.InvalidArgument, "Volume Capabilities must be provided") @@ -809,6 +1000,29 @@ func (d *FSSControllerDriver) ValidateVolumeCapabilities(ctx context.Context, re volumeHandler := csi_util.ValidateFssId(volumeId) filesystemOcid, mountTargetIP, exportPath := volumeHandler.FilesystemOcid, volumeHandler.MountTargetIPAddress, volumeHandler.FsExportPath + var serviceAccountToken *authv1.TokenRequest + + secretParameters := extractSecretParameters(log, req.GetSecrets()) + if secretParameters.serviceAccount != "" || secretParameters.serviceAccountNamespace != "" { + serviceAccountTokenGenerated, err := d.getServiceAccountToken(ctx, secretParameters.serviceAccount, secretParameters.serviceAccountNamespace) + if err != nil { + return nil, err + } + serviceAccountToken = serviceAccountTokenGenerated + } + + ociClientConfig := &client.OCIClientConfig{ SaToken: serviceAccountToken, ParentRptURL: secretParameters.parentRptURL, TenancyId: d.config.Auth.TenancyID } + + networkingClient := d.client.Networking(ociClientConfig) + if networkingClient == nil { + return nil, status.Error(codes.Internal, "Unable to create networking client") + } + + fssClient := d.client.FSS(ociClientConfig) + if fssClient == nil { + return nil, status.Error(codes.Internal, "Unable to create fss client") + } + if filesystemOcid == "" || mountTargetIP == "" || exportPath == "" { log.Info("Unable to parse Volume Id") return nil, status.Error(codes.InvalidArgument, "Invalid Volume ID provided") @@ -819,7 +1033,7 @@ func (d *FSSControllerDriver) ValidateVolumeCapabilities(ctx context.Context, re defer cancel() log.Info("Fetching filesystem") - fileSystem, err := d.client.FSS().GetFileSystem(ctx, filesystemOcid) + fileSystem, err := fssClient.GetFileSystem(ctx, filesystemOcid) if err != nil { log.With("service", "fss", "verb", "get", "resource", "fileSystem", "statusCode", util.GetHttpStatusCode(err)). With(zap.Error(err)).Error("File system not found.") @@ -847,38 +1061,60 @@ func (d *FSSControllerDriver) ValidateVolumeCapabilities(ctx context.Context, re if mountTargetOCID != "" { log = log.With("mountTargetOCID", mountTargetOCID) log.Info("filesystem tagged with mount target ocid, getting mount target") - mountTarget, err = d.client.FSS().GetMountTarget(ctx, mountTargetOCID) - if err != nil && !client.IsNotFound(err) { - log.With("service", "fss", "verb", "get", "resource", "mountTarget", "statusCode", util.GetHttpStatusCode(err)). - With(zap.Error(err)).Error("failed to get mount target") - return nil, status.Errorf(codes.NotFound, "failed to get mount target, error: %s", err.Error()) + mountTarget, err = fssClient.GetMountTarget(ctx, mountTargetOCID) + if err != nil { + if !client.IsNotFound(err) { + log.With("service", "fss", "verb", "get", "resource", "mountTarget", "statusCode", util.GetHttpStatusCode(err)). + With(zap.Error(err)).Error("Failed to get mount target") + return nil, status.Errorf(codes.NotFound, "Failed to get mount target, error: %s", err.Error()) + } else { + log.With("service", "fss", "verb", "get", "resource", "mountTarget", "statusCode", util.GetHttpStatusCode(err)). + With(zap.Error(err)).Error("Mount Target not found") + return nil, status.Errorf(codes.NotFound, "Mount Target not found") + } } } + // TODO: Uncomment after SDK Supports Ipv6 - 1 line replace + //if len(mountTarget.PrivateIpIds) == 0 && len(mountTarget.MountTargetIpv6Ids) == 0 { + if len(mountTarget.PrivateIpIds) == 0 { + return nil, status.Error(codes.NotFound, "IP not assigned to mount target.") + } + + var mountTargetIp string + // TODO: Uncomment after SDK Supports Ipv6 - 13 line + //if len(mountTarget.MountTargetIpv6Ids) > 0 { + // // Ipv6 Mount Target + // mountTargetIpId := mountTarget.MountTargetIpv6Ids[0] + // log = log.With("mountTargetIpId", mountTargetIpId) + // ipv6IpObject, err := networkingClient.GetIpv6(ctx, mountTargetIpId) + // if err != nil { + // log.With("service", "vcn", "verb", "get", "resource", "ipv6", "statusCode", util.GetHttpStatusCode(err)). + // With(zap.Error(err)).Errorf("Failed to fetch Mount Target Ipv6 IP from IP ID: %s", mountTargetIpId) + // return nil, status.Errorf(codes.NotFound, "Failed to fetch Mount Target Ipv6 IP from IP ID: %s, error: %s", mountTargetIpId, err.Error()) + // } + // mountTargetIp = *ipv6IpObject.IpAddress + //} else { + // Ipv4 Mount Target + mountTargetIpId := mountTarget.PrivateIpIds[0] + privateIpObject, err := networkingClient.GetPrivateIp(ctx, mountTargetIpId) + if err != nil { + log.With("service", "vcn", "verb", "get", "resource", "privateIp", "statusCode", util.GetHttpStatusCode(err)). + With(zap.Error(err)).Errorf("Failed to fetch Mount Target Private IP from IP ID: %s", mountTargetIpId) + return nil, status.Errorf(codes.NotFound, "Failed to fetch Mount Target Private IP from IP ID: %s, error: %s", mountTargetIpId, err.Error()) + } + mountTargetIp = *privateIpObject.IpAddress + //} - if mountTarget != nil && mountTarget.PrivateIpIds != nil { - mountTargetIpId := mountTarget.PrivateIpIds[0] - log = log.With("mountTargetIpId", mountTargetIpId) - privateIpObject, err := d.client.Networking().GetPrivateIp(ctx, mountTargetIpId) - if err != nil { - log.With("service", "vcn", "verb", "get", "resource", "privateIp", "statusCode", util.GetHttpStatusCode(err)). - With(zap.Error(err)).Errorf("Failed to fetch Mount Target Private IP from IP ID: %s", mountTargetIpId) - return nil, status.Errorf(codes.NotFound, "Failed to fetch Mount Target Private IP from IP ID: %s, error: %s", mountTargetIpId, err.Error()) - } - mountTargetIp := *privateIpObject.IpAddress - log = log.With("mountTargetValidatedIp", mountTargetIp) - if mountTargetIp != mountTargetIP { - log.Errorf("Failed to fetch Mount Target Private IP from IP ID: %s", mountTargetIpId) - return nil, status.Errorf(codes.NotFound, "Mount Target IP mis-match.") - } - } else { - log.Error("Mount Target not found") - return nil, status.Errorf(codes.NotFound, "Mount Target not found") + log = log.With("mountTargetValidatedIp", mountTargetIp) + if !strings.EqualFold(csi_util.FormatValidIp(mountTargetIp), mountTargetIP) { + log.With("mountTargetIpFromVolumeId", mountTargetIP).Errorf("Mount Target IP mismatch.") + return nil, status.Errorf(codes.NotFound, "Mount Target IP mismatch.") } exportSummary := &fss.ExportSummary{} if exportSetId != "" { log.Infof("searching export with tagged exportSetId %s", exportSetId) - exportSummary, err = d.client.FSS().FindExport(ctx, filesystemOcid, exportPath, exportSetId) + exportSummary, err = fssClient.FindExport(ctx, filesystemOcid, exportPath, exportSetId) if err != nil { log.With("service", "fss", "verb", "get", "resource", "export", "statusCode", util.GetHttpStatusCode(err)). With(zap.Error(err)).Error("export not found.") diff --git a/pkg/csi/driver/fss_controller_test.go b/pkg/csi/driver/fss_controller_test.go index 26a36d4dda..73c60979c1 100644 --- a/pkg/csi/driver/fss_controller_test.go +++ b/pkg/csi/driver/fss_controller_test.go @@ -33,8 +33,13 @@ import ( fss "github.com/oracle/oci-go-sdk/v65/filestorage" "github.com/pkg/errors" "go.uber.org/zap" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" authv1 "k8s.io/api/authentication/v1" + v1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/informers" "k8s.io/client-go/kubernetes" ) @@ -50,6 +55,13 @@ var ( AvailabilityDomain: common.String("NWuj:PHX-AD-2"), Id: common.String("mount-target-stuck-creating"), }, + "private-ip-fetch-error": { + DisplayName: common.String("private-ip-fetch-error"), + LifecycleState: fss.MountTargetLifecycleStateActive, + AvailabilityDomain: common.String("NWuj:PHX-AD-2"), + Id: common.String("private-ip-fetch-error"), + PrivateIpIds: []string{"private-ip-fetch-error"}, + }, } fileSystems = map[string]*fss.FileSystem{ @@ -355,18 +367,7 @@ func (c *MockFileStorageClient) AwaitMountTargetActive(ctx context.Context, logg }, ctx.Done()); err != nil { return nil, err } - idMt := "oc1.mounttarget.xxxx" - ad := "zkJl:US-ASHBURN-AD-1" - privateIpIds := []string{"10.0.20.1"} - displayName := "mountTarget" - idEx := "oc1.export.xxxx" - return &filestorage.MountTarget{ - Id: &idMt, - AvailabilityDomain: &ad, - DisplayName: &displayName, - PrivateIpIds: privateIpIds, - ExportSetId: &idEx, - }, nil + return mt, nil } // CreateMountTarget mocks the FileStorage CreateMountTarget implementation. @@ -394,7 +395,7 @@ func (c *MockFileStorageClient) DeleteMountTarget(ctx context.Context, id string } // FSS mocks client FileStorage implementation -func (p *MockProvisionerClient) FSS() client.FileStorageInterface { +func (p *MockProvisionerClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { return &MockFileStorageClient{} } @@ -410,7 +411,10 @@ func (m MockFSSProvisionerClient) LoadBalancer(*zap.SugaredLogger, string, strin return &MockLoadBalancerClient{} } -func (m MockFSSProvisionerClient) Networking() client.NetworkingInterface { +func (m MockFSSProvisionerClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { + if ociClientConfig != nil && ociClientConfig.TenancyId == "test-tenancy" { + return nil + } return &MockVirtualNetworkClient{} } @@ -418,11 +422,17 @@ func (m MockFSSProvisionerClient) BlockStorage() client.BlockStorageInterface { return &MockBlockStorageClient{} } -func (m MockFSSProvisionerClient) FSS() client.FileStorageInterface { +func (m MockFSSProvisionerClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { + if ociClientConfig != nil && ociClientConfig.TenancyId == "test2-tenancy" { + return nil + } return &MockFileStorageClient{} } -func (m MockFSSProvisionerClient) Identity() client.IdentityInterface { +func (m MockFSSProvisionerClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { + if ociClientConfig != nil && ociClientConfig.TenancyId == "test1-tenancy" { + return nil + } return &MockIdentityClient{} } @@ -441,6 +451,7 @@ func TestFSSControllerDriver_CreateVolume(t *testing.T) { type args struct { ctx context.Context req *csi.CreateVolumeRequest + tenancyId string } tests := []struct { name string @@ -530,6 +541,24 @@ func TestFSSControllerDriver_CreateVolume(t *testing.T) { want: nil, wantErr: errors.New("Neither Mount Target Ocid nor Mount Target Subnet Ocid provided in storage class"), }, + { + name: "Error during mount target IP fetch", + fields: fields{}, + args: args{ + ctx: context.Background(), + req: &csi.CreateVolumeRequest{ + Name: "private-ip-fetch-error", + Parameters: map[string]string{"availabilityDomain": "US-ASHBURN-AD-1", "mountTargetSubnetOcid": "oc1.subnet.xxxx"}, + VolumeCapabilities: []*csi.VolumeCapability{{ + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + }}, + }, + }, + want: nil, + wantErr: errors.New("Failed to get mount target privateIp ip from ip id"), + }, { name: "Time out during file system idempotency check", fields: fields{}, @@ -639,15 +668,75 @@ func TestFSSControllerDriver_CreateVolume(t *testing.T) { want: nil, wantErr: errors.New("await export failed with time out"), }, + { + name: "Error for Creating incorrect Networking client", + fields: fields{}, + args: args{ + ctx: context.Background(), + req: &csi.CreateVolumeRequest{ + Name: "volume-name", + Parameters: map[string]string{"availabilityDomain": "US-ASHBURN-AD-1", "mountTargetOcid": "oc1.mounttarget.xxxx", "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": ""}, + VolumeCapabilities: []*csi.VolumeCapability{{ + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + }}, + Secrets: map[string]string{"serviceAccount": "", "serviceAccountNamespace": "", "parentRptURL": "testurl"}, + }, + tenancyId: "test-tenancy", + }, + want: nil, + wantErr: status.Error(codes.Internal, "Unable to create networking client"), + }, + { + name: "Error for Creating incorrect Identity client", + fields: fields{}, + args: args{ + ctx: context.Background(), + req: &csi.CreateVolumeRequest{ + Name: "volume-name", + Parameters: map[string]string{"availabilityDomain": "US-ASHBURN-AD-1", "mountTargetOcid": "oc1.mounttarget.xxxx", "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": ""}, + VolumeCapabilities: []*csi.VolumeCapability{{ + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + }}, + Secrets: map[string]string{"serviceAccount": "", "serviceAccountNamespace": "", "parentRptURL": "testurl"}, + }, + tenancyId: "test1-tenancy", + }, + want: nil, + wantErr: status.Error(codes.Internal, "Unable to create identity client"), + }, + { + name: "Error for Creating incorrect FSS client", + fields: fields{}, + args: args{ + ctx: context.Background(), + req: &csi.CreateVolumeRequest{ + Name: "volume-name", + Parameters: map[string]string{"availabilityDomain": "US-ASHBURN-AD-1", "mountTargetOcid": "oc1.mounttarget.xxxx", "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": ""}, + VolumeCapabilities: []*csi.VolumeCapability{{ + AccessMode: &csi.VolumeCapability_AccessMode{ + Mode: csi.VolumeCapability_AccessMode_SINGLE_NODE_WRITER, + }, + }}, + Secrets: map[string]string{"serviceAccount": "", "serviceAccountNamespace": "", "parentRptURL": "testurl"}, + }, + tenancyId: "test2-tenancy", + }, + want: nil, + wantErr: status.Error(codes.Internal, "Unable to create fss client"), + }, } for _, tt := range tests { ctx, cancel := context.WithTimeout(context.Background(), testTimeout) defer cancel() t.Run(tt.name, func(t *testing.T) { - d := &FSSControllerDriver{ControllerDriver{ + d := &FSSControllerDriver{ControllerDriver: ControllerDriver{ KubeClient: nil, logger: zap.S(), - config: &providercfg.Config{CompartmentID: ""}, + config: &providercfg.Config{CompartmentID: "", Auth: config.AuthConfig{TenancyID: tt.args.tenancyId}}, client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), util: &csi_util.Util{}, }} @@ -678,6 +767,7 @@ func TestFSSControllerDriver_DeleteVolume(t *testing.T) { type args struct { ctx context.Context req *csi.DeleteVolumeRequest + tenancyId string } tests := []struct { name string @@ -736,13 +826,24 @@ func TestFSSControllerDriver_DeleteVolume(t *testing.T) { want: &csi.DeleteVolumeResponse{}, wantErr: nil, }, + { + name: "Error while creating fss client", + fields: fields{}, + args: args{ + ctx: context.Background(), + req: &csi.DeleteVolumeRequest{VolumeId: "oc1.filesystem.xxxx:10.0.10.207:/export-path", Secrets: map[string]string{"serviceAccount": "", "serviceAccountNamespace": "", "parentRptURL": "testurl"}}, + tenancyId: "test2-tenancy", + }, + want: nil, + wantErr: status.Error(codes.Internal, "Unable to create fss client"), + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - d := &FSSControllerDriver{ControllerDriver{ + d := &FSSControllerDriver{ControllerDriver: ControllerDriver{ KubeClient: nil, logger: zap.S(), - config: &providercfg.Config{CompartmentID: ""}, + config: &providercfg.Config{CompartmentID: "", Auth: config.AuthConfig{TenancyID: tt.args.tenancyId}}, client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), util: &csi_util.Util{}, }} @@ -905,14 +1006,14 @@ func TestExtractStorageClassParameters(t *testing.T) { ctx := context.Background() for name, tt := range tests { t.Run(name, func(t *testing.T) { - d := &FSSControllerDriver{ControllerDriver{ + d := &FSSControllerDriver{ControllerDriver: ControllerDriver{ KubeClient: nil, logger: zap.S(), config: &providercfg.Config{CompartmentID: "oc1.compartment.xxxx"}, client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), util: &csi_util.Util{}, }} - _, _, gotStorageClassParameters, err, _ := extractStorageClassParameters(ctx, d, d.logger, map[string]string{}, "ut-volume", tt.parameters, time.Now()) + _, _, gotStorageClassParameters, err, _ := extractStorageClassParameters(ctx, d, d.logger, map[string]string{}, "ut-volume", tt.parameters, time.Now(), &MockIdentityClient{}) if tt.wantErr == false && err != nil { t.Errorf("got error %q, want none", err) } @@ -934,3 +1035,369 @@ func isStorageClassParametersEqual(gotStorageClassParameters, expectedStorageCla (gotStorageClassParameters.exportPath == expectedStorageClassParameters.exportPath) && (gotStorageClassParameters.kmsKey == expectedStorageClassParameters.kmsKey) } + +func Test_validateMountTargetWithClusterIpFamily(t *testing.T) { + + ipv4ClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + clusterIpFamily: csi_util.Ipv4Stack, + }} + + ipv6ClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + clusterIpFamily: csi_util.Ipv6Stack, + }} + + dualStackClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + clusterIpFamily: strings.Join([]string{csi_util.Ipv4Stack, csi_util.Ipv6Stack}, ","), + }} + + tests := []struct { + name string + driver *FSSControllerDriver + mtIpv6Ids []string + privateIpIds []string + wantErr error + }{ + { + name: "Should error when ipv6 mount target specified for ipv4 cluster", + driver: ipv4ClusterDriver, + mtIpv6Ids: []string{"fd00:00c1::a9fe:202"}, + wantErr: status.Errorf(codes.InvalidArgument, "Invalid mount target. For using ipv6 mount target, cluster needs to be ipv6 or dual stack but found to be %s.", ipv4ClusterDriver.clusterIpFamily), + }, + { + name: "Should error when ipv4 mount target specified for ipv6 cluster", + driver: ipv6ClusterDriver, + privateIpIds: []string{"10.0.10.1"}, + wantErr: status.Errorf(codes.InvalidArgument, "Invalid mount target. For using ipv4 mount target, cluster needs to ipv4 or dual stack but found to be %s.", ipv6ClusterDriver.clusterIpFamily), + }, + { + name: "Should not return error when ipv6 mount target specified for ipv6 cluster", + driver: ipv6ClusterDriver, + mtIpv6Ids: []string{"fd00:00c1::a9fe:202"}, + wantErr: nil, + }, + { + name: "Should not return error when ipv6 mount target specified for dual stack cluster", + driver: dualStackClusterDriver, + mtIpv6Ids: []string{"fd00:00c1::a9fe:202"}, + wantErr: nil, + }, + { + name: "Should not return error when ipv4 mount target specified for ipv4 stack cluster", + driver: ipv4ClusterDriver, + privateIpIds: []string{"10.0.10.1"}, + wantErr: nil, + }, + { + name: "Should not return error when ipv4 mount target specified for dual stack cluster", + driver: dualStackClusterDriver, + privateIpIds: []string{"10.0.10.1"}, + wantErr: nil, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotErr := tt.driver.validateMountTargetWithClusterIpFamily(tt.mtIpv6Ids, tt.privateIpIds) + + if tt.wantErr != gotErr && !strings.EqualFold(tt.wantErr.Error(), gotErr.Error()) { + t.Errorf("validateMountTargetWithClusterIpFamily() = %v, want %v", gotErr.Error(), tt.wantErr.Error()) + } + }) + } + +} + +func Test_validateMountTargetSubnetWithClusterIpFamily(t *testing.T) { + logger := zap.S() + ipv4ClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + KubeClient: nil, + logger: logger, + config: &providercfg.Config{CompartmentID: "oc1.compartment.xxxx"}, + util: &csi_util.Util{}, + clusterIpFamily: csi_util.Ipv4Stack, + client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), + }} + + ipv6ClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + KubeClient: nil, + logger: logger, + config: &providercfg.Config{CompartmentID: "oc1.compartment.xxxx"}, + util: &csi_util.Util{}, + clusterIpFamily: csi_util.Ipv6Stack, + client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), + }} + + dualStackClusterDriver := &FSSControllerDriver{ControllerDriver: ControllerDriver{ + KubeClient: nil, + logger: logger, + config: &providercfg.Config{CompartmentID: "oc1.compartment.xxxx"}, + util: &csi_util.Util{}, + clusterIpFamily: strings.Join([]string{csi_util.Ipv4Stack, csi_util.Ipv6Stack}, ","), + client: NewClientProvisioner(nil, nil, &MockFileStorageClient{}), + }} + + tests := []struct { + name string + driver *FSSControllerDriver + mountTargetSubnetId string + wantErr error + }{ + { + name: "Should not return error when ipv4 mount target subnet is used with ipv4 clusters", + driver: ipv4ClusterDriver, + mountTargetSubnetId: "ocid1.ipv4-subnet", + wantErr: nil, + }, + { + name: "Should return error when ipv6 mount target subnet is used with ipv4 clusters", + driver: ipv4ClusterDriver, + mountTargetSubnetId: "ocid1.ipv6-subnet", + wantErr: status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using ipv6 mount target subnet, cluster needs to be ipv6 or dual stack but found to be %s.", ipv4ClusterDriver.clusterIpFamily), + }, + { + name: "Should not return error when dual stack mount target subnet is used with ipv4 clusters", + driver: ipv4ClusterDriver, + mountTargetSubnetId: "ocid1.dual-stack-subnet", + wantErr: nil, + }, + { + name: "Should return error when ipv4 mount target subnet is used with ipv6 clusters", + driver: ipv6ClusterDriver, + mountTargetSubnetId: "ocid1.ipv4-subnet", + wantErr: status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using ipv4 mount target subnet, cluster needs to be ipv4 or dual stack but found to be %s.", ipv6ClusterDriver.clusterIpFamily), + }, + { + name: "Should return error when dual stack mount target subnet is used with ipv6 clusters", + driver: ipv6ClusterDriver, + mountTargetSubnetId: "ocid1.dual-stack-subnet", + wantErr: status.Errorf(codes.InvalidArgument, "Invalid mount target subnet. For using dual stack mount target subnet, cluster needs to ipv4 or dual stack but found to be %s.", ipv6ClusterDriver.clusterIpFamily), + }, + { + name: "Should not return error when ipv6 mount target subnet is used with ipv6 clusters", + driver: ipv6ClusterDriver, + mountTargetSubnetId: "ocid1.ipv6-subnet", + wantErr: nil, + }, + { + name: "Should not return error when ipv4 mount target subnet is used with dual stack clusters", + driver: dualStackClusterDriver, + mountTargetSubnetId: "ocid1.ipv4-subnet", + wantErr: nil, + }, + { + name: "Should not return error when ipv6 mount target subnet is used with dual stack clusters", + driver: dualStackClusterDriver, + mountTargetSubnetId: "ocid1.ipv6-subnet", + wantErr: nil, + }, + { + name: "Should not return error when dual stack mount target subnet is used with dual stack clusters", + driver: dualStackClusterDriver, + mountTargetSubnetId: "ocid1.dual-stack-subnet", + wantErr: nil, + }, + { + name: "Should return error when invalid mount target subnet is used", + driver: ipv4ClusterDriver, + mountTargetSubnetId: "ocid1.invalid-subnet", + wantErr: status.Errorf(codes.Internal, "Failed to get mount target subnet, error: %s", "Internal Error."), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + gotErr := tt.driver.validateMountTargetSubnetWithClusterIpFamily(context.Background(), tt.mountTargetSubnetId, logger, &MockVirtualNetworkClient{}) + + if tt.wantErr != gotErr && !strings.EqualFold(tt.wantErr.Error(), gotErr.Error()) { + t.Errorf("validateMountTargetWithClusterIpFamily() = %v, want %v", gotErr.Error(), tt.wantErr.Error()) + } + }) + } + +} + +func Test_extractSecretParameters(t *testing.T) { + + tests := map[string]struct { + parameters map[string]string + expectedSecretsParameters *SecretParameters + wantErr error + wantErrMessage string + }{ + "Extract secret parameters with only sa": { + parameters: map[string]string{ + "serviceAccount": "sa", + "serviceAccountNamespace": "", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "sa", + serviceAccountNamespace: "", + parentRptURL: "", + }, + wantErr: nil, + wantErrMessage: "", + }, + "Extract secret parameters with only sa namespace": { + parameters: map[string]string{ + "serviceAccount": "", + "serviceAccountNamespace": "sa-namespace", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "", + serviceAccountNamespace: "sa-namespace", + parentRptURL: "", + }, + wantErr: nil, + wantErrMessage: "", + }, + "Extract secret parameters with both sa & sa namespace empty": { + parameters: map[string]string{ + "serviceAccount": "", + "serviceAccountNamespace": "", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "", + serviceAccountNamespace: "", + parentRptURL: "", + }, + wantErr: nil, + wantErrMessage: "", + }, + "Extract secret parameters with both sa & sa namespace": { + parameters: map[string]string{ + "serviceAccount": "sa", + "serviceAccountNamespace": "sa-namespace", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "sa", + serviceAccountNamespace: "sa-namespace", + parentRptURL: "", + }, + wantErr: nil, + wantErrMessage: "", + }, + "Extract secret parameters with wrong serviceAccount key": { + parameters: map[string]string{ + "dsfsdf": "sa", + "serviceAccountNamespace": "sa-namespace", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "", + serviceAccountNamespace: "sa-namespace", + parentRptURL: "", + }, + wantErr: errors.New("wrong serviceAccount key is used"), + wantErrMessage: "", + }, + "Extract secret parameters with wrong serviceAccountNamespace key": { + parameters: map[string]string{ + "serviceAccount": "sa", + "fdafsdf": "sa-namespace", + "parentRptURL": "", + }, + expectedSecretsParameters: &SecretParameters{ + serviceAccount: "sa", + serviceAccountNamespace: "", + parentRptURL: "", + }, + wantErr: errors.New("wrong serviceAccountNamespace key is used"), + wantErrMessage: "", + }, + } + logger := zap.S() + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + + got := extractSecretParameters(logger, tt.parameters) + + if !reflect.DeepEqual(got, tt.expectedSecretsParameters) { + t.Errorf("extractSecretParameters() got = %v, want %v", got, tt.expectedSecretsParameters) + } + }) + } +} + +func TestFSSControllerDriver_getServiceAccountToken(t *testing.T) { + kc := NewSimpleClientset( + &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "sa", Namespace: "ns", + }, + }) + + factory := informers.NewSharedInformerFactoryWithOptions(kc, time.Second, informers.WithNamespace("ns")) + serviceAccountInformer := factory.Core().V1().ServiceAccounts() + go serviceAccountInformer.Informer().Run(wait.NeverStop) + + time.Sleep(time.Second) + + fss := &FSSControllerDriver{ + ControllerDriver: ControllerDriver{ + client: nil, + KubeClient: kc, + config: &providercfg.Config{CompartmentID: "testCompartment"}, + logger: zap.S(), + }, + serviceAccountLister: serviceAccountInformer.Lister(), + } + + tests := map[string]struct { + saName string + saNamespace string + FSSControllerDriver *FSSControllerDriver + want string + wantErr bool + }{ + "Error for being empty service account name": { + saName: "", + saNamespace: "ds", + FSSControllerDriver: fss, + want: "abc", + wantErr: true, + }, + "Error for being empty service account namespace": { + saName: "sa", + saNamespace: "", + FSSControllerDriver: fss, + want: "abc", + wantErr: true, + }, + "Error for incorrect service account name": { + saName: "sadsa", + saNamespace: "ds", + FSSControllerDriver: fss, + want: "pqr", + wantErr: true, + }, + "Error for incorrect service account namespace": { + saName: "sa", + saNamespace: "dsa", + FSSControllerDriver: fss, + want: "pqr", + wantErr: true, + }, + "No Error for existing service account name & service account namespace ": { + saName: "sa", + saNamespace: "ns", + FSSControllerDriver: fss, + want: "abc", + wantErr: false, + }, + } + + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + tokenRequest := authv1.TokenRequest{Spec: authv1.TokenRequestSpec{ExpirationSeconds: &ServiceAccountTokenExpiry}} + exp, _ := fss.KubeClient.CoreV1().ServiceAccounts(tt.saNamespace).CreateToken(context.Background(), tt.saName, &tokenRequest, metav1.CreateOptions{}) + + got, _ := tt.FSSControllerDriver.getServiceAccountToken(context.Background(), tt.saName, tt.saNamespace) + + if !reflect.DeepEqual(got, exp) != tt.wantErr && (got.Status.Token != tt.want) { + t.Errorf("getServiceAccountToken() expected string = %v, Got String %v", tt.want, got) + } + }) + } +} diff --git a/pkg/csi/driver/fss_node.go b/pkg/csi/driver/fss_node.go index 836a11d030..eedb5a91ae 100644 --- a/pkg/csi/driver/fss_node.go +++ b/pkg/csi/driver/fss_node.go @@ -16,6 +16,7 @@ package driver import ( "context" + "errors" "fmt" "os" "strconv" @@ -35,11 +36,12 @@ import ( ) const ( - mountPath = "mount" FipsEnabled = "1" + fssMountSemaphoreTimeout = time.Second * 30 fssUnmountSemaphoreTimeout = time.Second * 30 ) +var fssMountSemaphore = semaphore.NewWeighted(int64(2)) var fssUnmountSemaphore = semaphore.NewWeighted(int64(4)) // NodeStageVolume mounts the volume to a staging path on the node. @@ -52,14 +54,23 @@ func (d FSSNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVo return nil, status.Error(codes.InvalidArgument, "Staging path must be provided") } + logger := d.logger.With("volumeID", req.VolumeId) + volumeHandler := csi_util.ValidateFssId(req.VolumeId) _, mountTargetIP, exportPath := volumeHandler.FilesystemOcid, volumeHandler.MountTargetIPAddress, volumeHandler.FsExportPath + logger.Debugf("volumeHandler : %v", volumeHandler) + if mountTargetIP == "" || exportPath == "" { return nil, status.Error(codes.InvalidArgument, "Invalid Volume ID provided") } - logger := d.logger.With("volumeID", req.VolumeId) + if csi_util.IsIpv4(mountTargetIP) && !d.nodeIpFamily.Ipv4Enabled { + return nil, status.Error(codes.InvalidArgument, "Ipv4 mount target identified in volume id, but worker node does not support ipv4 ip family.") + } else if csi_util.IsIpv6(mountTargetIP) && !d.nodeIpFamily.Ipv6Enabled { + return nil, status.Error(codes.InvalidArgument, "Ipv6 mount target identified in volume id, but worker node does not support ipv6 ip family.") + } + logger.Debugf("volume context: %v", req.VolumeContext) var fsType = "" @@ -79,7 +90,7 @@ func (d FSSNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVo return nil, status.Errorf(codes.InvalidArgument, "EncryptInTransit must be a boolean value") } - mounter := mount.New(mountPath) + mounter := mount.New("") if encryptInTransit { isPackageInstalled, err := csi_util.IsInTransitEncryptionPackageInstalled() @@ -112,6 +123,27 @@ func (d FSSNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVo defer d.volumeLocks.Release(req.VolumeId) + logger.Debug("Trying to stage.") + startTime := time.Now() + + fssMountSemaphoreCtx, cancel := context.WithTimeout(ctx, fssMountSemaphoreTimeout) + defer cancel() + + err = fssMountSemaphore.Acquire(fssMountSemaphoreCtx, 1) + if err != nil { + if errors.Is(err, context.DeadlineExceeded) { + logger.Error("Semaphore acquire timed out.") + } else if errors.Is(err, context.Canceled) { + logger.Error("Stage semaphore acquire context was canceled.") + } else { + logger.With(zap.Error(err)).Error("Error acquiring lock during stage.") + } + return nil, status.Error(codes.Aborted, "Too many mount requests.") + } + defer fssMountSemaphore.Release(1) + + logger.Info("Stage started.") + targetPath := req.StagingTargetPath mountPoint, err := isMountPoint(mounter, targetPath) if err != nil { @@ -137,7 +169,7 @@ func (d FSSNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVo return &csi.NodeStageVolumeResponse{}, nil } - source := fmt.Sprintf("%s:%s", mountTargetIP, exportPath) + source := fmt.Sprintf("%s:%s", csi_util.FormatValidIp(mountTargetIP), exportPath) if encryptInTransit { err = disk.MountWithEncrypt(logger, source, targetPath, fsType, options) @@ -148,7 +180,7 @@ func (d FSSNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVo logger.With(zap.Error(err)).Error("failed to mount volume to staging target path.") return nil, status.Error(codes.Internal, err.Error()) } - logger.With("mountTarget", mountTargetIP, "exportPath", exportPath, "StagingTargetPath", targetPath). + logger.With("mountTarget", mountTargetIP, "exportPath", exportPath, "StagingTargetPath", targetPath, "StageTime", time.Since(startTime).Milliseconds()). Info("Mounting the volume to staging target path is completed.") return &csi.NodeStageVolumeResponse{}, nil @@ -190,7 +222,7 @@ func (d FSSNodeDriver) NodePublishVolume(ctx context.Context, req *csi.NodePubli var fsType = "" - mounter := mount.New(mountPath) + mounter := mount.New("") targetPath := req.GetTargetPath() readOnly := req.GetReadonly() @@ -224,12 +256,34 @@ func (d FSSNodeDriver) NodePublishVolume(ctx context.Context, req *csi.NodePubli options = append(options, "ro") } source := req.GetStagingTargetPath() + + logger.Debug("Trying to publish.") + startTime := time.Now() + + fssMountSemaphoreCtx, cancel := context.WithTimeout(ctx, fssMountSemaphoreTimeout) + defer cancel() + + err = fssMountSemaphore.Acquire(fssMountSemaphoreCtx, 1) + if err != nil { + if errors.Is(err, context.DeadlineExceeded) { + logger.Error("Semaphore acquire timed out.") + } else if errors.Is(err, context.Canceled) { + logger.Error("Publish semaphore acquire context was canceled.") + } else { + logger.With(zap.Error(err)).Error("Error acquiring lock during stage.") + } + return nil, status.Error(codes.Aborted, "Too many mount requests.") + } + defer fssMountSemaphore.Release(1) + + logger.Info("Publish started.") + err = mounter.Mount(source, targetPath, fsType, options) if err != nil { logger.With(zap.Error(err)).Error("failed to bind mount volume to target path.") return nil, status.Error(codes.Internal, err.Error()) } - logger.With("staging target path", source, "TargetPath", targetPath). + logger.With("staging target path", source, "TargetPath", targetPath, "PublishTime", time.Since(startTime).Milliseconds()). Info("Bind mounting the volume to target path is completed.") return &csi.NodePublishVolumeResponse{}, nil @@ -247,7 +301,7 @@ func (d FSSNodeDriver) NodeUnpublishVolume(ctx context.Context, req *csi.NodeUnp logger := d.logger.With("volumeID", req.VolumeId, "targetPath", req.TargetPath) - mounter := mount.New(mountPath) + mounter := mount.New("") targetPath := req.GetTargetPath() // Use mount.IsNotMountPoint because mounter.IsLikelyNotMountPoint can't detect bind mounts @@ -298,19 +352,22 @@ func (d FSSNodeDriver) NodeUnstageVolume(ctx context.Context, req *csi.NodeUnsta return nil, status.Error(codes.InvalidArgument, "Volume ID must be provided") } + if req.StagingTargetPath == "" { + return nil, status.Error(codes.InvalidArgument, "Staging path must be provided") + } + volumeHandler := csi_util.ValidateFssId(req.VolumeId) + + logger := d.logger.With("volumeID", req.VolumeId, "stagingPath", req.StagingTargetPath) + + logger.Debugf("volumeHandler : %v", volumeHandler) + _, mountTargetIP, exportPath := volumeHandler.FilesystemOcid, volumeHandler.MountTargetIPAddress, volumeHandler.FsExportPath if mountTargetIP == "" || exportPath == "" { return nil, status.Error(codes.InvalidArgument, "Invalid Volume ID provided") } - if req.StagingTargetPath == "" { - return nil, status.Error(codes.InvalidArgument, "Staging path must be provided") - } - - logger := d.logger.With("volumeID", req.VolumeId, "stagingPath", req.StagingTargetPath) - if acquired := d.volumeLocks.TryAcquire(req.VolumeId); !acquired { logger.Error("Could not acquire lock for NodeUnstageVolume.") return nil, status.Errorf(codes.Aborted, volumeOperationAlreadyExistsFmt, req.VolumeId) @@ -344,7 +401,7 @@ func (d FSSNodeDriver) NodeUnstageVolume(ctx context.Context, req *csi.NodeUnsta } func (d FSSNodeDriver) unmountAndCleanup(logger *zap.SugaredLogger, targetPath string, exportPath string, mountTargetIP string) error { - mounter := mount.New(mountPath) + mounter := mount.New("") // Use mount.IsNotMountPoint because mounter.IsLikelyNotMountPoint can't detect bind mounts isNotMountPoint, err := mount.IsNotMountPoint(mounter, targetPath) if err != nil { @@ -365,7 +422,7 @@ func (d FSSNodeDriver) unmountAndCleanup(logger *zap.SugaredLogger, targetPath s return nil } - sources, err := csi_util.FindMount(targetPath) + sources, err := disk.FindMount(targetPath) if err != nil { logger.With(zap.Error(err)).Error("Find Mount failed for target path") return status.Error(codes.Internal, "Find Mount failed for target path") @@ -373,8 +430,11 @@ func (d FSSNodeDriver) unmountAndCleanup(logger *zap.SugaredLogger, targetPath s inTransitEncryption := false for _, device := range sources { - source := strings.Split(device, ":") - if len(source) == 2 && source[1] == exportPath && source[0] != mountTargetIP { + + logger.With("device", device).With("exportPath", exportPath). + With("mountTargetIP", mountTargetIP).Debugf("Identifying intransit encryption.") + if strings.HasSuffix(device, exportPath) && !strings.HasPrefix(device, mountTargetIP) { + logger.Debugf("Intransit encryption identified.") inTransitEncryption = true break } diff --git a/pkg/csi/driver/lustre_node.go b/pkg/csi/driver/lustre_node.go new file mode 100644 index 0000000000..7f54e6c038 --- /dev/null +++ b/pkg/csi/driver/lustre_node.go @@ -0,0 +1,380 @@ +package driver + +import ( + "context" + "fmt" + "os" + + "github.com/container-storage-interface/spec/lib/go/csi" + "go.uber.org/zap" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" + kubeAPI "k8s.io/api/core/v1" + "k8s.io/mount-utils" + + csi_util "github.com/oracle/oci-cloud-controller-manager/pkg/csi-util" + "github.com/oracle/oci-cloud-controller-manager/pkg/util/disk" +) + +const ( + mountPath = "mount" + SetupLnet = "setupLnet" + LustreSubnetCidr = "lustreSubnetCidr" +) + +func (d LustreNodeDriver) NodeStageVolume(ctx context.Context, req *csi.NodeStageVolumeRequest) (*csi.NodeStageVolumeResponse, error) { + + if req.VolumeId == "" { + return nil, status.Error(codes.InvalidArgument, "Volume ID must be provided") + } + + if req.StagingTargetPath == "" { + return nil, status.Error(codes.InvalidArgument, "Staging path must be provided") + } + + accessType := req.VolumeCapability.GetMount() + if accessType == nil || accessType.FsType != "lustre" { + return nil, status.Error(codes.InvalidArgument, "Invalid fsType provided. Only \"lustre\" fsType is supported on this driver.") + } + + isValidVolumeId, lnetLabel := csi_util.ValidateLustreVolumeId(req.VolumeId) + if !isValidVolumeId { + return nil, status.Error(codes.InvalidArgument, "Invalid Volume Handle provided.") + } + + logger := d.logger.With("volumeID", req.VolumeId) + + logger.Debugf("volume context: %v", req.VolumeContext) + + if acquired := d.volumeLocks.TryAcquire(req.VolumeId); !acquired { + logger.Error("Could not acquire lock for NodeStageVolume.") + return nil, status.Errorf(codes.Aborted, volumeOperationAlreadyExistsFmt, req.VolumeId) + } + defer d.volumeLocks.Release(req.VolumeId) + + //Lnet Setup + if setupLnet, ok := req.GetVolumeContext()[SetupLnet]; ok && setupLnet == "true" { + + lustreSubnetCIDR, ok := req.GetVolumeContext()[LustreSubnetCidr] + + if !ok { + lustreSubnetCIDR = fmt.Sprintf("%s/32", d.nodeID) + } + + err := csi_util.SetupLnet(logger, lustreSubnetCIDR, lnetLabel) + if err != nil { + logger.With(zap.Error(err)).Error("Failed to setup lnet.") + return nil, status.Errorf(codes.Internal, "Failed to setup lnet with error : %v", err.Error()) + } + + } else { + logger.Info("Lnet setup skipped as it is disabled in PV. ") + } + + var fsType = accessType.FsType + + var options []string + if accessType.MountFlags != nil { + options = accessType.MountFlags + } + + mounter := mount.New(mountPath) + + + + targetPath := req.StagingTargetPath + mountPoint, err := isMountPoint(mounter, targetPath) + if err != nil { + if os.IsNotExist(err) { + logger.With("StagingTargetPath", targetPath).Infof("Mount point does not pre-exist, creating now.") + // k8s v1.20+ will not create the TargetPath directory + // https://github.com/kubernetes/kubernetes/pull/88759 + // if the path exists already (= int(qpsRead) && p) { @@ -156,6 +158,14 @@ func (c *mockComputeClient) ListVnicAttachments(ctx context.Context, request cor return core.ListVnicAttachmentsResponse{}, nil } +func (c *mockComputeClient) GetVnicAttachment(ctx context.Context, request core.GetVnicAttachmentRequest) (response core.GetVnicAttachmentResponse, err error) { + return response, nil +} + +func (c *mockComputeClient) AttachVnic(ctx context.Context, request core.AttachVnicRequest) (response core.AttachVnicResponse, err error) { + return core.AttachVnicResponse{}, nil +} + func (c *mockComputeClient) GetVolumeAttachment(ctx context.Context, request core.GetVolumeAttachmentRequest) (response core.GetVolumeAttachmentResponse, err error) { return core.GetVolumeAttachmentResponse{}, nil } @@ -177,11 +187,11 @@ func (c *mockComputeClient) ListInstanceDevices(ctx context.Context, request cor if *request.InstanceId == "ocid1.device-path-returns-error" { return core.ListInstanceDevicesResponse{}, errNotFound - } else if *request.InstanceId == "ocid1.device-path-not-available" { + } else if *request.InstanceId == "ocid1.device-path-not-available" { return core.ListInstanceDevicesResponse{ - Items: []core.Device{}, - }, nil - } else if *request.InstanceId == "ocid1.one-device-path-available" { + Items: []core.Device{}, + }, nil + } else if *request.InstanceId == "ocid1.one-device-path-available" { return core.ListInstanceDevicesResponse{ Items: []core.Device{{ Name: &devicePath, @@ -217,6 +227,18 @@ func (c *mockVirtualNetworkClient) GetPrivateIp(ctx context.Context, request cor return core.GetPrivateIpResponse{}, nil } +func (c *mockVirtualNetworkClient) ListPrivateIps(ctx context.Context, request core.ListPrivateIpsRequest) (response core.ListPrivateIpsResponse, err error) { + return core.ListPrivateIpsResponse{}, nil +} + +func (c *mockVirtualNetworkClient) CreatePrivateIp(ctx context.Context, request core.CreatePrivateIpRequest) (response core.CreatePrivateIpResponse, err error) { + return core.CreatePrivateIpResponse{}, nil +} + +func (c *mockVirtualNetworkClient) GetIpv6(ctx context.Context, request core.GetIpv6Request) (response core.GetIpv6Response, err error) { + return core.GetIpv6Response{}, nil +} + func (c *mockVirtualNetworkClient) GetPublicIpByIpAddress(ctx context.Context, request core.GetPublicIpByIpAddressRequest) (response core.GetPublicIpByIpAddressResponse, err error) { return core.GetPublicIpByIpAddressResponse{}, nil } @@ -256,3 +278,61 @@ func (c *mockVirtualNetworkClient) ListNetworkSecurityGroupSecurityRules(ctx con func (c *mockVirtualNetworkClient) UpdateNetworkSecurityGroupSecurityRules(ctx context.Context, request core.UpdateNetworkSecurityGroupSecurityRulesRequest) (response core.UpdateNetworkSecurityGroupSecurityRulesResponse, err error) { return core.UpdateNetworkSecurityGroupSecurityRulesResponse{}, nil } + +func TestBackendTcpProxyProtocolOptionsStringArrayToEnum(t *testing.T) { + testCases := map[string]struct { + state []string + expected []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum + }{ + "empty options": { + state: []string{}, + expected: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{}, + }, + "PP2_TYPE_AUTHORITY": { + state: []string{"PP2_TYPE_AUTHORITY"}, + expected: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{"PP2_TYPE_AUTHORITY"}, + }, + "PP2_TYPE_AUTHORITY, PP3_TYPE_AUTHORITY": { + state: []string{"PP2_TYPE_AUTHORITY", "PP3_TYPE_AUTHORITY"}, + expected: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{"PP2_TYPE_AUTHORITY", "PP3_TYPE_AUTHORITY"}, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := backendTcpProxyProtocolOptionsStringArrayToEnum(tc.state) + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected enum\n%+v\nbut got\n%+v", tc.expected, result) + } + }) + } +} + +func TestStringArrayToBackendTcpProxyProtocolOptionsEnum(t *testing.T) { + testCases := map[string]struct { + state []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum + expected []string + }{ + "empty options": { + state: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{}, + expected: []string{}, + }, + "PP2_TYPE_AUTHORITY": { + state: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{"PP2_TYPE_AUTHORITY"}, + expected: []string{"PP2_TYPE_AUTHORITY"}, + }, + "PP2_TYPE_AUTHORITY, PP3_TYPE_AUTHORITY": { + state: []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{"PP2_TYPE_AUTHORITY", "PP3_TYPE_AUTHORITY"}, + expected: []string{"PP2_TYPE_AUTHORITY", "PP3_TYPE_AUTHORITY"}, + }, + } + + for name, tc := range testCases { + t.Run(name, func(t *testing.T) { + result := stringArrayToBackendTcpProxyProtocolOptionsEnum(tc.state) + if !reflect.DeepEqual(result, tc.expected) { + t.Errorf("Expected string\n%+v\nbut got\n%+v", tc.expected, result) + } + }) + } +} diff --git a/pkg/oci/client/compute.go b/pkg/oci/client/compute.go index e5f5b96c63..11bc0804bf 100644 --- a/pkg/oci/client/compute.go +++ b/pkg/oci/client/compute.go @@ -34,6 +34,8 @@ type ComputeInterface interface { GetPrimaryVNICForInstance(ctx context.Context, compartmentID, instanceID string) (*core.Vnic, error) + GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) + VolumeAttachmentInterface } @@ -182,6 +184,52 @@ func (c *client) GetPrimaryVNICForInstance(ctx context.Context, compartmentID, i return nil, errors.WithStack(errNotFound) } +func (c *client) GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) { + logger := c.logger.With("instanceID", instanceID, "compartmentID", compartmentID) + secondaryVnics := []*core.Vnic{} + var page *string + for { + resp, err := c.listVNICAttachments(ctx, core.ListVnicAttachmentsRequest{ + InstanceId: &instanceID, + CompartmentId: &compartmentID, + Page: page, + RequestMetadata: c.requestMetadata, + }) + + if err != nil { + return nil, err + } + + for _, attachment := range resp.Items { + if attachment.LifecycleState != core.VnicAttachmentLifecycleStateAttached { + logger.With("vnicAttachmentID", *attachment.Id).Info("VNIC attachment is not in attached state") + continue + } + + if attachment.VnicId == nil { + // Should never happen but lets be extra cautious as field is non-mandatory in OCI API. + logger.With("vnicAttachmentID", *attachment.Id).Error("VNIC attachment is attached but has no VNIC ID") + continue + } + + // TODO(apryde): Cache map[instanceID]SecondaryVNICID. + vnic, err := c.GetVNIC(ctx, *attachment.VnicId) + if err != nil { + return nil, err + } + if !*vnic.IsPrimary { + secondaryVnics = append(secondaryVnics, vnic) + } + } + + if page = resp.OpcNextPage; resp.OpcNextPage == nil { + break + } + } + + return secondaryVnics, nil +} + func (c *client) GetInstanceByNodeName(ctx context.Context, compartmentID, vcnID, nodeName string) (*core.Instance, error) { // First try lookup by display name. instance, err := c.getInstanceByDisplayName(ctx, compartmentID, nodeName) @@ -192,10 +240,8 @@ func (c *client) GetInstanceByNodeName(ctx context.Context, compartmentID, vcnID logger := c.logger.With("nodeName", nodeName, "compartmentID", compartmentID) // Otherwise fall back to looking up via VNiC properties (hostname or public IP). - var ( - page *string - instances []*core.Instance - ) + var page *string + instances := make(map[string]*core.Instance) for { resp, err := c.listVNICAttachments(ctx, core.ListVnicAttachmentsRequest{ CompartmentId: &compartmentID, @@ -234,6 +280,7 @@ func (c *client) GetInstanceByNodeName(ctx context.Context, compartmentID, vcnID if (vnic.PublicIp != nil && *vnic.PublicIp == nodeName) || (vnic.PrivateIp != nil && *vnic.PrivateIp == nodeName) || + (len(vnic.Ipv6Addresses) > 0 && vnic.Ipv6Addresses[0] == nodeName) || (vnic.HostnameLabel != nil && (*vnic.HostnameLabel != "" && strings.HasPrefix(nodeName, *vnic.HostnameLabel))) { instance, err := c.GetInstance(ctx, *attachment.InstanceId) if err != nil { @@ -245,8 +292,9 @@ func (c *client) GetInstanceByNodeName(ctx context.Context, compartmentID, vcnID "lifecycleState", instance.LifecycleState).Warn("Instance in a terminal state") continue } - - instances = append(instances, instance) + // Instances with multiple vnics with the same host name label predix will cause the same instance to be added multiple times. + // Use map to maintaince unique instances. + instances[*instance.Id] = instance } } if page = resp.OpcNextPage; resp.OpcNextPage == nil { @@ -260,7 +308,10 @@ func (c *client) GetInstanceByNodeName(ctx context.Context, compartmentID, vcnID if len(instances) > 1 { return nil, errors.Errorf("too many instances returned for node name %q: %d", nodeName, len(instances)) } - return instances[0], nil + for _, instance := range instances { + return instance, nil + } + return nil, nil } // IsInstanceInTerminalState returns true if the instance is in a terminal state, false otherwise. diff --git a/pkg/oci/client/generic_load_balancer_types.go b/pkg/oci/client/generic_load_balancer_types.go index d2b108fe5a..2cc6aaba1f 100644 --- a/pkg/oci/client/generic_load_balancer_types.go +++ b/pkg/oci/client/generic_load_balancer_types.go @@ -14,6 +14,12 @@ package client +const ( + GenericIPv4 GenericIpVersion = "IPv4" + GenericIPv6 GenericIpVersion = "IPv6" + GenericIPv4AndIPv6 GenericIpVersion = "IPv4_AND_IPv6" +) + type GenericBackendSetDetails struct { Name *string HealthChecker *GenericHealthChecker @@ -24,8 +30,11 @@ type GenericBackendSetDetails struct { SslConfiguration *GenericSslConfigurationDetails // Only needed for NLB IsPreserveSource *bool + IpVersion *GenericIpVersion } +type GenericIpVersion string + type GenericSessionPersistenceConfiguration struct { CookieName *string DisableFallback *bool @@ -45,22 +54,27 @@ type GenericHealthChecker struct { } type GenericBackend struct { - Port *int - Name *string - IpAddress *string - TargetId *string - Weight *int + Port *int + Name *string + IpAddress *string + TargetId *string + Weight *int + Backup *bool + Drain *bool + Offline *bool + MaxConnections *int } type GenericSslConfigurationDetails struct { - VerifyDepth *int - VerifyPeerCertificate *bool - TrustedCertificateAuthorityIds []string - CertificateIds []string - CertificateName *string - ServerOrderPreference string - CipherSuiteName *string - Protocols []string + VerifyDepth *int `json:"verifyDepth"` + VerifyPeerCertificate *bool `json:"verifyPeerCertificate"` + HasSessionResumption *bool `json:"hasSessionResumption"` + TrustedCertificateAuthorityIds []string `json:"trustedCertificateAuthorityIds"` + CertificateIds []string `json:"certificateIds"` + CertificateName *string `json:"certificateName"` + Protocols []string `json:"protocols"` + CipherSuiteName *string `json:"cipherSuiteName"` + ServerOrderPreference string `json:"serverOrderPreference"` } type GenericListener struct { @@ -74,6 +88,8 @@ type GenericListener struct { ConnectionConfiguration *GenericConnectionConfiguration RoutingPolicyName *string RuleSetNames []string + IpVersion *GenericIpVersion + IsPpv2Enabled *bool } type GenericConnectionConfiguration struct { @@ -96,6 +112,7 @@ type GenericCreateLoadBalancerDetails struct { NetworkSecurityGroupIds []string FreeformTags map[string]string DefinedTags map[string]map[string]interface{} + IpVersion *GenericIpVersion // Only needed for LB Certificates map[string]GenericCertificate @@ -143,6 +160,7 @@ type GenericLoadBalancer struct { Listeners map[string]GenericListener Certificates map[string]GenericCertificate BackendSets map[string]GenericBackendSetDetails + IpVersion *GenericIpVersion FreeformTags map[string]string DefinedTags map[string]map[string]interface{} @@ -165,6 +183,7 @@ type GenericUpdateNetworkSecurityGroupsDetails struct { } type GenericUpdateLoadBalancerDetails struct { + IpVersion *GenericIpVersion FreeformTags map[string]string DefinedTags map[string]map[string]interface{} } diff --git a/pkg/oci/client/identity.go b/pkg/oci/client/identity.go index d9dd47df61..d5f1a33c19 100644 --- a/pkg/oci/client/identity.go +++ b/pkg/oci/client/identity.go @@ -19,6 +19,7 @@ import ( "fmt" "strings" + "github.com/oracle/oci-cloud-controller-manager/pkg/util" "github.com/oracle/oci-go-sdk/v65/identity" "github.com/pkg/errors" ) @@ -48,15 +49,71 @@ func (c *client) ListAvailabilityDomains(ctx context.Context, compartmentID stri } func (c *client) GetAvailabilityDomainByName(ctx context.Context, compartmentID, name string) (*identity.AvailabilityDomain, error) { - ads, err := c.ListAvailabilityDomains(ctx, compartmentID) + if !c.rateLimiter.Reader.TryAccept() { + return nil, RateLimitError(false, "ListAvailabilityDomains") + } + + var availabilityDomains []identity.AvailabilityDomain + var err error + + // TODO: Uncomment when compartments is available in OCI Go-SDK + //if IsIpv6SingleStackCluster() { + // availabilityDomains, err = c.listAvailabilityDomainsV6(ctx, compartmentID) + //} else { + availabilityDomains, err = c.listAvailabilityDomains(ctx, compartmentID) + //} + if err != nil { return nil, err } - // TODO: Add paging when implemented in oci-go-sdk. - for _, ad := range ads { + + // Find the desired availability domain by name + for _, ad := range availabilityDomains { if strings.HasSuffix(strings.ToLower(*ad.Name), strings.ToLower(name)) { return &ad, nil } } - return nil, fmt.Errorf("error looking up availability domain '%s':%v", name, ads) + return nil, fmt.Errorf("availability domain '%s' not found in list: %v", name, availabilityDomains) +} + +// listAvailabilityDomainsV6 lists availability domains for IPv6 single-stack clusters. +//func (c *client) listAvailabilityDomainsV6(ctx context.Context, compartmentID string) ([]identity.AvailabilityDomain, error) { +// resp, err := c.compartment.ListAvailabilityDomains(ctx, compartments.ListAvailabilityDomainsRequest{ +// CompartmentId: &compartmentID, +// RequestMetadata: c.requestMetadata, +// }) +// if resp.OpcRequestId != nil { +// c.logger.With("service", "Compartment", "verb", listVerb). +// With("OpcRequestId", *(resp.OpcRequestId)).With("statusCode", util.GetHttpStatusCode(err)). +// Info("OPC Request ID recorded for Compartment ListAvailabilityDomains call.") +// } +// incRequestCounter(err, listVerb, availabilityDomainResource) +// if err != nil { +// return nil, errors.WithStack(err) +// } +// +// availabilityDomains := make([]identity.AvailabilityDomain, len(resp.Items)) +// for i, ad := range resp.Items { +// availabilityDomains[i] = identity.AvailabilityDomain{Name: ad.Name} +// } +// return availabilityDomains, nil +//} + +// listAvailabilityDomains lists availability domains for regular clusters. +func (c *client) listAvailabilityDomains(ctx context.Context, compartmentID string) ([]identity.AvailabilityDomain, error) { + resp, err := c.identity.ListAvailabilityDomains(ctx, identity.ListAvailabilityDomainsRequest{ + CompartmentId: &compartmentID, + RequestMetadata: c.requestMetadata, + }) + if resp.OpcRequestId != nil { + c.logger.With("service", "Identity", "verb", listVerb). + With("OpcRequestId", *(resp.OpcRequestId)).With("statusCode", util.GetHttpStatusCode(err)). + Info("OPC Request ID recorded for ListAvailabilityDomains call.") + } + incRequestCounter(err, listVerb, availabilityDomainResource) + if err != nil { + return nil, errors.WithStack(err) + } + + return resp.Items, nil } diff --git a/pkg/oci/client/load_balancer.go b/pkg/oci/client/load_balancer.go index 8608bdf08d..f72337b197 100644 --- a/pkg/oci/client/load_balancer.go +++ b/pkg/oci/client/load_balancer.go @@ -116,25 +116,43 @@ func (c *loadbalancerClientStruct) CreateLoadBalancer(ctx context.Context, detai if !c.rateLimiter.Writer.TryAccept() { return "", RateLimitError(true, "CreateLoadBalancer") } + createLoadBalancerDetails := loadbalancer.CreateLoadBalancerDetails{ + CompartmentId: details.CompartmentId, + DisplayName: details.DisplayName, + SubnetIds: details.SubnetIds, + ShapeName: details.ShapeName, + ShapeDetails: c.genericShapeDetailsToShapeDetails(details.ShapeDetails), + ReservedIps: c.genericReservedIpToReservedIps(details.ReservedIps), + Certificates: c.genericCertificatesToCertificates(details.Certificates), + IsPrivate: details.IsPrivate, + NetworkSecurityGroupIds: details.NetworkSecurityGroupIds, + Listeners: c.genericListenerDetailsToListenerDetails(details.Listeners), + BackendSets: c.genericBackendSetDetailsToBackendSets(details.BackendSets), + FreeformTags: details.FreeformTags, + DefinedTags: details.DefinedTags, + } + + // IpMode for OCI Load balancers can only be set at Create + // Existing loadbalancer cannot be updated to have IPv6 LB endpoints + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + createLoadBalancerDetails.IpMode = loadbalancer.CreateLoadBalancerDetailsIpModeIpv4 + case GenericIPv6: + // OCI LBaaS does not support SingleStack IPv6 + createLoadBalancerDetails.IpMode = loadbalancer.CreateLoadBalancerDetailsIpModeIpv6 + case GenericIPv4AndIPv6: + createLoadBalancerDetails.IpMode = loadbalancer.CreateLoadBalancerDetailsIpModeIpv6 + } + + } + resp, err := c.loadbalancer.CreateLoadBalancer(ctx, loadbalancer.CreateLoadBalancerRequest{ - CreateLoadBalancerDetails: loadbalancer.CreateLoadBalancerDetails{ - CompartmentId: details.CompartmentId, - DisplayName: details.DisplayName, - SubnetIds: details.SubnetIds, - ShapeName: details.ShapeName, - ShapeDetails: c.genericShapeDetailsToShapeDetails(details.ShapeDetails), - ReservedIps: c.genericReservedIpToReservedIps(details.ReservedIps), - Certificates: c.genericCertificatesToCertificates(details.Certificates), - IsPrivate: details.IsPrivate, - NetworkSecurityGroupIds: details.NetworkSecurityGroupIds, - Listeners: c.genericListenerDetailsToListenerDetails(details.Listeners), - BackendSets: c.genericBackendSetDetailsToBackendSets(details.BackendSets), - FreeformTags: details.FreeformTags, - DefinedTags: details.DefinedTags, - }, - RequestMetadata: c.requestMetadata, - OpcRetryToken: serviceUid, + CreateLoadBalancerDetails: createLoadBalancerDetails, + RequestMetadata: c.requestMetadata, + OpcRetryToken: serviceUid, }) + incRequestCounter(err, createVerb, loadBalancerResource) if err != nil { @@ -535,6 +553,7 @@ func (c *loadbalancerClientStruct) UpdateLoadBalancer(ctx context.Context, lbID } return *resp.OpcWorkRequestId, nil } + func (c *loadbalancerClientStruct) loadbalancerToGenericLoadbalancer(lb *loadbalancer.LoadBalancer) *GenericLoadBalancer { if lb == nil { return nil @@ -802,9 +821,13 @@ func (c *loadbalancerClientStruct) genericBackendDetailsToBackendDetails(details for _, backends := range details { backendDetails = append(backendDetails, loadbalancer.BackendDetails{ - IpAddress: backends.IpAddress, - Port: backends.Port, - Weight: backends.Weight, + IpAddress: backends.IpAddress, + Port: backends.Port, + Weight: backends.Weight, + Backup: backends.Backup, + Drain: backends.Drain, + Offline: backends.Offline, + MaxConnections: backends.MaxConnections, }) } return backendDetails @@ -815,9 +838,13 @@ func backendDetailsToGenericBackendDetails(details []loadbalancer.Backend) []Gen for _, backends := range details { genericBackendDetails = append(genericBackendDetails, GenericBackend{ - IpAddress: backends.IpAddress, - Port: backends.Port, - Weight: backends.Weight, + IpAddress: backends.IpAddress, + Port: backends.Port, + Weight: backends.Weight, + Backup: backends.Backup, + Drain: backends.Drain, + Offline: backends.Offline, + MaxConnections: backends.MaxConnections, }) } return genericBackendDetails @@ -836,6 +863,7 @@ func genericSslConfigurationToSslConfiguration(details *GenericSslConfigurationD ServerOrderPreference: loadbalancer.SslConfigurationDetailsServerOrderPreferenceEnum(details.ServerOrderPreference), CipherSuiteName: details.CipherSuiteName, Protocols: details.Protocols, + HasSessionResumption: details.HasSessionResumption, } } @@ -852,7 +880,24 @@ func sslConfigurationToGenericSslConfiguration(details *loadbalancer.SslConfigur ServerOrderPreference: string(details.ServerOrderPreference), CipherSuiteName: details.CipherSuiteName, Protocols: details.Protocols, + HasSessionResumption: details.HasSessionResumption, + } +} + +func backendTcpProxyProtocolOptionsStringArrayToEnum(options []string) []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum { + ccString := make([]loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum, 0) + for _, option := range options { + ccString = append(ccString, loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum(option)) + } + return ccString +} + +func stringArrayToBackendTcpProxyProtocolOptionsEnum(options []loadbalancer.ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum) []string { + ccString := make([]string, 0) + for _, option := range options { + ccString = append(ccString, string(option)) } + return ccString } func getSessionPersistenceConfiguration(details *GenericSessionPersistenceConfiguration) *loadbalancer.SessionPersistenceConfigurationDetails { diff --git a/pkg/oci/client/metrics.go b/pkg/oci/client/metrics.go index 579ddda023..8827fed183 100644 --- a/pkg/oci/client/metrics.go +++ b/pkg/oci/client/metrics.go @@ -54,6 +54,7 @@ const ( mountTargetResource resource = "mount_target" exportResource resource = "export" privateIPResource resource = "private_ip" + ipv6IPResource resource = "ipv6_ip" availabilityDomainResource resource = "availability_domain" nsgResource resource = "network_security_groups" nsgRuleResource resource = "network_security_group_rules" diff --git a/pkg/oci/client/network_load_balancer.go b/pkg/oci/client/network_load_balancer.go index 10a2edeaef..e95dab3bf4 100644 --- a/pkg/oci/client/network_load_balancer.go +++ b/pkg/oci/client/network_load_balancer.go @@ -18,7 +18,6 @@ import ( "context" "go.uber.org/zap" - "k8s.io/apimachinery/pkg/util/wait" "github.com/oracle/oci-go-sdk/v65/common" @@ -89,22 +88,35 @@ func (c *networkLoadbalancer) CreateLoadBalancer(ctx context.Context, details *G return "", RateLimitError(true, "CreateLoadBalancer") } + createNetworkLoadBalancerDetails := networkloadbalancer.CreateNetworkLoadBalancerDetails{ + CompartmentId: details.CompartmentId, + DisplayName: details.DisplayName, + SubnetId: &details.SubnetIds[0], + IsPreserveSourceDestination: details.IsPreserveSourceDestination, + ReservedIps: c.genericReservedIpToReservedIps(details.ReservedIps), + IsPrivate: details.IsPrivate, + NetworkSecurityGroupIds: details.NetworkSecurityGroupIds, + Listeners: c.genericListenerDetailsToListenerDetails(details.Listeners), + BackendSets: c.genericBackendSetDetailsToBackendSets(details.BackendSets), + FreeformTags: details.FreeformTags, + DefinedTags: details.DefinedTags, + } + + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + createNetworkLoadBalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv4 + case GenericIPv6: + createNetworkLoadBalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv6 + case GenericIPv4AndIPv6: + createNetworkLoadBalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv4AndIpv6 + } + } + resp, err := c.networkloadbalancer.CreateNetworkLoadBalancer(ctx, networkloadbalancer.CreateNetworkLoadBalancerRequest{ - CreateNetworkLoadBalancerDetails: networkloadbalancer.CreateNetworkLoadBalancerDetails{ - CompartmentId: details.CompartmentId, - DisplayName: details.DisplayName, - SubnetId: &details.SubnetIds[0], - IsPreserveSourceDestination: details.IsPreserveSourceDestination, - ReservedIps: c.genericReservedIpToReservedIps(details.ReservedIps), - IsPrivate: details.IsPrivate, - NetworkSecurityGroupIds: details.NetworkSecurityGroupIds, - Listeners: c.genericListenerDetailsToListenerDetails(details.Listeners), - BackendSets: c.genericBackendSetDetailsToBackendSets(details.BackendSets), - FreeformTags: details.FreeformTags, - DefinedTags: details.DefinedTags, - }, - RequestMetadata: c.requestMetadata, - OpcRetryToken: serviceUid, + CreateNetworkLoadBalancerDetails: createNetworkLoadBalancerDetails, + RequestMetadata: c.requestMetadata, + OpcRetryToken: serviceUid, }) incRequestCounter(err, createVerb, networkLoadBalancerResource) @@ -192,17 +204,27 @@ func (c *networkLoadbalancer) CreateBackendSet(ctx context.Context, lbID string, if !c.rateLimiter.Writer.TryAccept() { return "", RateLimitError(true, "CreateBackendSet") } + createBackendSetDetails := networkloadbalancer.CreateBackendSetDetails{ + Name: &name, + Backends: backendsToBackendDetails(details.Backends), + IsPreserveSource: details.IsPreserveSource, + HealthChecker: healthCheckerToHealthCheckerDetails(details.HealthChecker), + Policy: networkloadbalancer.NetworkLoadBalancingPolicyEnum(*details.Policy), + } + + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + createBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + createBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } + } resp, err := c.networkloadbalancer.CreateBackendSet(ctx, networkloadbalancer.CreateBackendSetRequest{ - NetworkLoadBalancerId: &lbID, - CreateBackendSetDetails: networkloadbalancer.CreateBackendSetDetails{ - Name: &name, - Backends: backendsToBackendDetails(details.Backends), - IsPreserveSource: details.IsPreserveSource, - HealthChecker: healthCheckerToHealthCheckerDetails(details.HealthChecker), - Policy: networkloadbalancer.NetworkLoadBalancingPolicyEnum(*details.Policy), - }, - RequestMetadata: c.requestMetadata, + NetworkLoadBalancerId: &lbID, + CreateBackendSetDetails: createBackendSetDetails, + RequestMetadata: c.requestMetadata, }) incRequestCounter(err, createVerb, backendSetResource) @@ -222,17 +244,27 @@ func (c *networkLoadbalancer) UpdateBackendSet(ctx context.Context, lbID string, return "", RateLimitError(true, "UpdateBackendSet") } - stringPolicy := details.Policy + updateBackendSetDetails := networkloadbalancer.UpdateBackendSetDetails{ + Backends: backendsToBackendDetails(details.Backends), + IsPreserveSource: details.IsPreserveSource, + HealthChecker: healthCheckerToHealthCheckerDetails(details.HealthChecker), + Policy: details.Policy, + } + + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + updateBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + updateBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } + } + resp, err := c.networkloadbalancer.UpdateBackendSet(ctx, networkloadbalancer.UpdateBackendSetRequest{ - NetworkLoadBalancerId: &lbID, - BackendSetName: &name, - UpdateBackendSetDetails: networkloadbalancer.UpdateBackendSetDetails{ - Backends: backendsToBackendDetails(details.Backends), - IsPreserveSource: details.IsPreserveSource, - HealthChecker: healthCheckerToHealthCheckerDetails(details.HealthChecker), - Policy: stringPolicy, - }, - RequestMetadata: c.requestMetadata, + NetworkLoadBalancerId: &lbID, + BackendSetName: &name, + UpdateBackendSetDetails: updateBackendSetDetails, + RequestMetadata: c.requestMetadata, }) incRequestCounter(err, updateVerb, backendSetResource) @@ -267,15 +299,27 @@ func (c *networkLoadbalancer) CreateListener(ctx context.Context, lbID string, n return "", RateLimitError(true, "CreateListener") } + createListenerDetails := networkloadbalancer.CreateListenerDetails{ + Name: &name, + DefaultBackendSetName: details.DefaultBackendSetName, + Port: details.Port, + Protocol: networkloadbalancer.ListenerProtocolsEnum(*details.Protocol), + IsPpv2Enabled: details.IsPpv2Enabled, + } + + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + createListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + createListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } + } + resp, err := c.networkloadbalancer.CreateListener(ctx, networkloadbalancer.CreateListenerRequest{ NetworkLoadBalancerId: &lbID, - CreateListenerDetails: networkloadbalancer.CreateListenerDetails{ - Name: &name, - DefaultBackendSetName: details.DefaultBackendSetName, - Port: details.Port, - Protocol: networkloadbalancer.ListenerProtocolsEnum(*details.Protocol), - }, - RequestMetadata: c.requestMetadata, + CreateListenerDetails: createListenerDetails, + RequestMetadata: c.requestMetadata, }) incRequestCounter(err, createVerb, listenerResource) @@ -291,15 +335,27 @@ func (c *networkLoadbalancer) UpdateListener(ctx context.Context, lbID string, n return "", RateLimitError(true, "UpdateListener") } + updateListenerDetails := networkloadbalancer.UpdateListenerDetails{ + DefaultBackendSetName: details.DefaultBackendSetName, + Port: details.Port, + Protocol: networkloadbalancer.ListenerProtocolsEnum(*details.Protocol), + IsPpv2Enabled: details.IsPpv2Enabled, + } + + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + updateListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + updateListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } + } + resp, err := c.networkloadbalancer.UpdateListener(ctx, networkloadbalancer.UpdateListenerRequest{ NetworkLoadBalancerId: &lbID, ListenerName: &name, - UpdateListenerDetails: networkloadbalancer.UpdateListenerDetails{ - DefaultBackendSetName: details.DefaultBackendSetName, - Port: details.Port, - Protocol: networkloadbalancer.ListenerProtocolsEnum(*details.Protocol), - }, - RequestMetadata: c.requestMetadata, + UpdateListenerDetails: updateListenerDetails, + RequestMetadata: c.requestMetadata, }) incRequestCounter(err, updateVerb, listenerResource) @@ -389,13 +445,26 @@ func (c *networkLoadbalancer) UpdateLoadBalancer(ctx context.Context, lbID strin if !c.rateLimiter.Writer.TryAccept() { return "", RateLimitError(true, "UpdateLoadBalancer") } - + updateNetworkLoadbalancerDetails := networkloadbalancer.UpdateNetworkLoadBalancerDetails{} + if details.FreeformTags != nil { + updateNetworkLoadbalancerDetails.FreeformTags = details.FreeformTags + } + if details.DefinedTags != nil { + updateNetworkLoadbalancerDetails.DefinedTags = details.DefinedTags + } + if details.IpVersion != nil { + switch *details.IpVersion { + case GenericIPv4: + updateNetworkLoadbalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv4 + case GenericIPv6: + updateNetworkLoadbalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv6 + case GenericIPv4AndIPv6: + updateNetworkLoadbalancerDetails.NlbIpVersion = networkloadbalancer.NlbIpVersionIpv4AndIpv6 + } + } resp, err := c.networkloadbalancer.UpdateNetworkLoadBalancer(ctx, networkloadbalancer.UpdateNetworkLoadBalancerRequest{ - UpdateNetworkLoadBalancerDetails: networkloadbalancer.UpdateNetworkLoadBalancerDetails{ - FreeformTags: details.FreeformTags, - DefinedTags: details.DefinedTags, - }, - NetworkLoadBalancerId: &lbID, + UpdateNetworkLoadBalancerDetails: updateNetworkLoadbalancerDetails, + NetworkLoadBalancerId: &lbID, }) incRequestCounter(err, updateVerb, networkLoadBalancerResource) @@ -438,6 +507,7 @@ func healthCheckerToHealthCheckerDetails(healthChecker *GenericHealthChecker) *n func (c *networkLoadbalancer) networkLoadbalancerToGenericLoadbalancer(nlb *networkloadbalancer.NetworkLoadBalancer) *GenericLoadBalancer { lifecycleState := string(nlb.LifecycleState) + nlbIpVersion := GenericIpVersion(nlb.NlbIpVersion) return &GenericLoadBalancer{ Id: nlb.Id, CompartmentId: nlb.CompartmentId, @@ -449,6 +519,7 @@ func (c *networkLoadbalancer) networkLoadbalancerToGenericLoadbalancer(nlb *netw NetworkSecurityGroupIds: nlb.NetworkSecurityGroupIds, Listeners: c.listenersToGenericListenerDetails(nlb.Listeners), BackendSets: c.backendSetsToGenericBackendSetDetails(nlb.BackendSets), + IpVersion: &nlbIpVersion, FreeformTags: nlb.FreeformTags, DefinedTags: nlb.DefinedTags, SystemTags: nlb.SystemTags, @@ -457,6 +528,7 @@ func (c *networkLoadbalancer) networkLoadbalancerToGenericLoadbalancer(nlb *netw func (c *networkLoadbalancer) networkLoadbalancerSummaryToGenericLoadbalancer(nlb *networkloadbalancer.NetworkLoadBalancerSummary) *GenericLoadBalancer { lifecycleState := string(nlb.LifecycleState) + nlbIpVersion := GenericIpVersion(nlb.NlbIpVersion) return &GenericLoadBalancer{ Id: nlb.Id, CompartmentId: nlb.CompartmentId, @@ -468,6 +540,7 @@ func (c *networkLoadbalancer) networkLoadbalancerSummaryToGenericLoadbalancer(nl NetworkSecurityGroupIds: nlb.NetworkSecurityGroupIds, Listeners: c.listenersToGenericListenerDetails(nlb.Listeners), BackendSets: c.backendSetsToGenericBackendSetDetails(nlb.BackendSets), + IpVersion: &nlbIpVersion, FreeformTags: nlb.FreeformTags, DefinedTags: nlb.DefinedTags, SystemTags: nlb.SystemTags, @@ -491,11 +564,14 @@ func (c *networkLoadbalancer) listenersToGenericListenerDetails(details map[stri for k, v := range details { protocol := string(v.Protocol) + ipVersion := GenericIpVersion(v.IpVersion) genericListenerDetails[k] = GenericListener{ Name: v.Name, DefaultBackendSetName: v.DefaultBackendSetName, Port: v.Port, Protocol: &protocol, + IpVersion: &ipVersion, + IsPpv2Enabled: v.IsPpv2Enabled, } } return genericListenerDetails @@ -506,6 +582,7 @@ func (c *networkLoadbalancer) backendSetsToGenericBackendSetDetails(backendSets for k, v := range backendSets { policyString := string(v.Policy) + ipVersion := GenericIpVersion(v.IpVersion) genericBackendSetDetails[k] = GenericBackendSetDetails{ HealthChecker: &GenericHealthChecker{ Protocol: string(v.HealthChecker.Protocol), @@ -520,6 +597,7 @@ func (c *networkLoadbalancer) backendSetsToGenericBackendSetDetails(backendSets Policy: &policyString, Backends: c.backendDetailsToGenericBackendDetails(v.Backends), IsPreserveSource: v.IsPreserveSource, + IpVersion: &ipVersion, } } @@ -579,12 +657,22 @@ func (c *networkLoadbalancer) genericListenerDetailsToListenerDetails(details ma listenerDetails := make(map[string]networkloadbalancer.ListenerDetails) for k, v := range details { - listenerDetails[k] = networkloadbalancer.ListenerDetails{ + nlbListenerDetails := networkloadbalancer.ListenerDetails{ Name: v.Name, DefaultBackendSetName: v.DefaultBackendSetName, Port: v.Port, Protocol: networkloadbalancer.ListenerProtocolsEnum(*v.Protocol), + IsPpv2Enabled: v.IsPpv2Enabled, + } + if v.IpVersion != nil { + switch *v.IpVersion { + case GenericIPv4: + nlbListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + nlbListenerDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } } + listenerDetails[k] = nlbListenerDetails } return listenerDetails } @@ -593,7 +681,7 @@ func (c *networkLoadbalancer) genericBackendSetDetailsToBackendSets(backendSets backendSetDetails := make(map[string]networkloadbalancer.BackendSetDetails) for k, v := range backendSets { - backendSetDetails[k] = networkloadbalancer.BackendSetDetails{ + nlbBackendSetDetails := networkloadbalancer.BackendSetDetails{ HealthChecker: &networkloadbalancer.HealthChecker{ Protocol: networkloadbalancer.HealthCheckProtocolsEnum(v.HealthChecker.Protocol), Port: v.HealthChecker.Port, @@ -607,6 +695,15 @@ func (c *networkLoadbalancer) genericBackendSetDetailsToBackendSets(backendSets Backends: c.genericBackendDetailsToBackendDetails(v.Backends), IsPreserveSource: v.IsPreserveSource, } + if v.IpVersion != nil { + switch *v.IpVersion { + case GenericIPv4: + nlbBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv4 + case GenericIPv6: + nlbBackendSetDetails.IpVersion = networkloadbalancer.IpVersionIpv6 + } + } + backendSetDetails[k] = nlbBackendSetDetails } return backendSetDetails } @@ -620,6 +717,9 @@ func (c *networkLoadbalancer) genericBackendDetailsToBackendDetails(details []Ge Port: backends.Port, Weight: backends.Weight, TargetId: backends.TargetId, + IsDrain: backends.Drain, + IsBackup: backends.Offline, + IsOffline: backends.Offline, }) } return backendDetails diff --git a/pkg/oci/client/network_load_balancer_test.go b/pkg/oci/client/network_load_balancer_test.go index d677a6aceb..711d33d434 100644 --- a/pkg/oci/client/network_load_balancer_test.go +++ b/pkg/oci/client/network_load_balancer_test.go @@ -209,6 +209,5 @@ func (c *MockNetworkLoadBalancerClient) UpdateNetworkSecurityGroups(ctx context. return } func (c *MockNetworkLoadBalancerClient) UpdateNetworkLoadBalancer(ctx context.Context, request networkloadbalancer.UpdateNetworkLoadBalancerRequest) (response networkloadbalancer.UpdateNetworkLoadBalancerResponse, err error) { - //TODO implement me return } diff --git a/pkg/oci/client/networking.go b/pkg/oci/client/networking.go index 026503ea57..722914fd74 100644 --- a/pkg/oci/client/networking.go +++ b/pkg/oci/client/networking.go @@ -18,24 +18,30 @@ import ( "context" "fmt" "net" + "strings" + "github.com/oracle/oci-cloud-controller-manager/pkg/util" "github.com/oracle/oci-go-sdk/v65/core" "github.com/pkg/errors" "k8s.io/utils/pointer" ) -// NetworkingInterface defines the subset of the OCI compute API utilised by the CCM. +// NetworkingInterface defines the subset of the OCI compute API utilised by the CCM type NetworkingInterface interface { GetSubnet(ctx context.Context, id string) (*core.Subnet, error) - GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) + GetSubnetFromCacheByIP(ip IpAddresses) (*core.Subnet, error) IsRegionalSubnet(ctx context.Context, id string) (bool, error) GetVcn(ctx context.Context, id string) (*core.Vcn, error) + GetVNIC(ctx context.Context, id string) (*core.Vnic, error) GetSecurityList(ctx context.Context, id string) (core.GetSecurityListResponse, error) UpdateSecurityList(ctx context.Context, id string, etag string, ingressRules []core.IngressSecurityRule, egressRules []core.EgressSecurityRule) (core.UpdateSecurityListResponse, error) + ListPrivateIps(ctx context.Context, vnicId string) ([]core.PrivateIp, error) GetPrivateIp(ctx context.Context, id string) (*core.PrivateIp, error) + CreatePrivateIp(ctx context.Context, vnicID string) (*core.PrivateIp, error) + GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) GetPublicIpByIpAddress(ctx context.Context, id string) (*core.PublicIp, error) @@ -51,6 +57,11 @@ type NetworkingInterface interface { UpdateNetworkSecurityGroupSecurityRules(ctx context.Context, id string, details core.UpdateNetworkSecurityGroupSecurityRulesDetails) (*core.UpdateNetworkSecurityGroupSecurityRulesResponse, error) } +type IpAddresses struct { + V4 string + V6 string +} + func (c *client) GetVNIC(ctx context.Context, id string) (*core.Vnic, error) { if !c.rateLimiter.Reader.TryAccept() { return nil, RateLimitError(false, "GetVNIC") @@ -87,6 +98,11 @@ func (c *client) GetSubnet(ctx context.Context, id string) (*core.Subnet, error) SubnetId: &id, RequestMetadata: c.requestMetadata, }) + if resp.OpcRequestId != nil { + c.logger.With("service", "Networking", "verb", getVerb). + With("OpcRequestId", *(resp.OpcRequestId)).With("statusCode", util.GetHttpStatusCode(err)). + Info("OPC Request ID recorded for GetSubnet call.") + } incRequestCounter(err, getVerb, subnetResource) if err != nil { @@ -101,20 +117,54 @@ func (c *client) GetSubnet(ctx context.Context, id string) (*core.Subnet, error) // GetSubnetFromCacheByIP checks to see if the given IP is contained by any subnet CIDR block in the subnet cache // If no hits were found then no subnet and no error will be returned (nil, nil) -func (c *client) GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) { - ipAddr := net.ParseIP(ip) +func (c *client) GetSubnetFromCacheByIP(ip IpAddresses) (*core.Subnet, error) { + ipAddrV4 := net.ParseIP(ip.V4) + ipAddrV6 := net.ParseIP(ip.V6) + for _, subnetItem := range c.subnetCache.List() { subnet := subnetItem.(*core.Subnet) - _, cidr, err := net.ParseCIDR(*subnet.CidrBlock) - if err != nil { - // This should never actually error but just in case - return nil, fmt.Errorf("unable to parse CIDR block %q for subnet %q: %v", *subnet.CidrBlock, *subnet.Id, err) + if subnet == nil { + continue } - - if cidr.Contains(ipAddr) { - return subnet, nil + if subnet.CidrBlock != nil { + // By design IPv4 CidrBlock is not allowed to be null or empty, so it has been hardcoded with string "" + if !strings.Contains(*subnet.CidrBlock, "null") { + _, cidrV4, err := net.ParseCIDR(*subnet.CidrBlock) + if err != nil { + // This should never actually error but just in case + return nil, fmt.Errorf("unable to parse CIDR block %q for subnet %q: %v", *subnet.CidrBlock, *subnet.Id, err) + } + if cidrV4.Contains(ipAddrV4) { + return subnet, nil + } + } + } + if subnet.Ipv6CidrBlock != nil { + _, cidrV6, err := net.ParseCIDR(*subnet.Ipv6CidrBlock) + if err != nil { + // This should never actually error but just in case + return nil, fmt.Errorf("unable to parse CIDR block %q for subnet %q: %v", *subnet.Ipv6CidrBlock, *subnet.Id, err) + } + if cidrV6.Contains(ipAddrV6) { + return subnet, nil + } + } + if subnet.Ipv6CidrBlocks != nil && len(subnet.Ipv6CidrBlocks) > 0 { + for _, ipv6CidrBlock := range subnet.Ipv6CidrBlocks { + if ipv6CidrBlock != "" { + _, cidrV6, err := net.ParseCIDR(ipv6CidrBlock) + if err != nil { + // This should never actually error but just in case + return nil, fmt.Errorf("unable to parse CIDR block %q for subnet %q: %v", ipv6CidrBlock, *subnet.Id, err) + } + if cidrV6.Contains(ipAddrV6) { + return subnet, nil + } + } + } } } + return nil, nil } @@ -190,10 +240,15 @@ func (c *client) GetPrivateIp(ctx context.Context, id string) (*core.PrivateIp, PrivateIpId: &id, RequestMetadata: c.requestMetadata, }) + if resp.OpcRequestId != nil { + c.logger.With("service", "Networking", "verb", getVerb, "mountTargetIpId", id). + With("OpcRequestId", *(resp.OpcRequestId)).With("statusCode", util.GetHttpStatusCode(err)). + Info("OPC Request ID recorded for GetPrivateIp call.") + } incRequestCounter(err, getVerb, privateIPResource) if err != nil { - c.logger.With(id).Infof("GetPrivateIp failed %s", pointer.StringDeref(resp.OpcRequestId, "")) + c.logger.With("mountTargetIpId", id).Infof("GetPrivateIp failed %s", pointer.StringDeref(resp.OpcRequestId, "")) return nil, errors.WithStack(err) } @@ -219,6 +274,75 @@ func (c *client) GetPublicIpByIpAddress(ctx context.Context, ip string) (*core.P return &resp.PublicIp, nil } +func (c *client) ListPrivateIps(ctx context.Context, vnicId string) ([]core.PrivateIp, error) { + privateIps := []core.PrivateIp{} + // Walk through all pages to get all private IPs for VNIC + for { + if !c.rateLimiter.Reader.TryAccept() { + return nil, RateLimitError(false, "ListPrivateIp") + } + + resp, err := c.network.ListPrivateIps(ctx, core.ListPrivateIpsRequest{ + VnicId: &vnicId, + RequestMetadata: c.requestMetadata, + }) + incRequestCounter(err, listVerb, privateIPResource) + if err != nil { + c.logger.With(vnicId).Infof("ListPrivateIps failed %s", pointer.StringDeref(resp.OpcRequestId, "")) + return nil, errors.WithStack(err) + } + privateIps = append(privateIps, resp.Items...) + if page := resp.OpcNextPage; page == nil { + break + } + } + + return privateIps, nil +} + +func (c *client) CreatePrivateIp(ctx context.Context, vnicId string) (*core.PrivateIp, error) { + if !c.rateLimiter.Writer.TryAccept() { + return nil, RateLimitError(false, "CreatePrivateIp") + } + requestMetadata := getDefaultRequestMetadata(c.requestMetadata) + resp, err := c.network.CreatePrivateIp(ctx, core.CreatePrivateIpRequest{ + CreatePrivateIpDetails: core.CreatePrivateIpDetails{ + VnicId: &vnicId, + }, + RequestMetadata: requestMetadata, + }) + incRequestCounter(err, createVerb, privateIPResource) + if err != nil { + c.logger.With(vnicId).Infof("CreatePrivateIp failed %s", pointer.StringDeref(resp.OpcRequestId, "")) + return nil, errors.WithStack(err) + } + + return &resp.PrivateIp, nil +} + +func (c *client) GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) { + if !c.rateLimiter.Reader.TryAccept() { + return nil, RateLimitError(false, "GetIpv6") + } + resp, err := c.network.GetIpv6(ctx, core.GetIpv6Request{ + Ipv6Id: &id, + RequestMetadata: c.requestMetadata, + }) + if resp.OpcRequestId != nil { + c.logger.With("service", "Networking", "verb", getVerb). + With("OpcRequestId", *(resp.OpcRequestId)).With("statusCode", util.GetHttpStatusCode(err)). + Info("OPC Request ID recorded for GetIpv6 call.") + } + incRequestCounter(err, getVerb, ipv6IPResource) + + if err != nil { + c.logger.With(id).Infof("GetIpv6 failed %s", pointer.StringDeref(resp.OpcRequestId, "")) + return nil, errors.WithStack(err) + } + + return &resp.Ipv6, nil +} + func (c *client) CreateNetworkSecurityGroup(ctx context.Context, compartmentId, vcnId, displayName, serviceUid string) (*core.NetworkSecurityGroup, error) { if !c.rateLimiter.Writer.TryAccept() { return nil, RateLimitError(false, "CreateNetworkSecurityGroup") @@ -354,7 +478,7 @@ func (c *client) AddNetworkSecurityGroupSecurityRules(ctx context.Context, id st if err != nil { c.logger.With(id).Infof("AddNetworkSecurityGroupSecurityRules failed %s", pointer.StringDeref(resp.OpcRequestId, "")) - return nil, errors.WithStack(err) + return &resp, errors.WithStack(err) } return &resp, nil } @@ -373,7 +497,7 @@ func (c *client) RemoveNetworkSecurityGroupSecurityRules(ctx context.Context, id if err != nil { c.logger.With(id).Infof("RemoveNetworkSecurityGroupSecurityRules failed %s", pointer.StringDeref(resp.OpcRequestId, "")) - return nil, errors.WithStack(err) + return &resp, errors.WithStack(err) } return &resp, nil } @@ -395,7 +519,7 @@ func (c *client) ListNetworkSecurityGroupSecurityRules(ctx context.Context, id s if err != nil { c.logger.With(id).Infof("ListNetworkSecurityGroupSecurityRules failed %s", pointer.StringDeref(resp.OpcRequestId, "")) - return nil, errors.WithStack(err) + return []core.SecurityRule{}, errors.WithStack(err) } for _, rule := range resp.Items { nsgRules = append(nsgRules, rule) @@ -421,7 +545,7 @@ func (c *client) UpdateNetworkSecurityGroupSecurityRules(ctx context.Context, id if err != nil { c.logger.With(id).Infof("UpdateNetworkSecurityGroupSecurityRules failed %s", pointer.StringDeref(resp.OpcRequestId, "")) - return nil, errors.WithStack(err) + return &resp, errors.WithStack(err) } return &resp, nil } diff --git a/pkg/oci/client/networking_test.go b/pkg/oci/client/networking_test.go new file mode 100644 index 0000000000..7d4cfe2f45 --- /dev/null +++ b/pkg/oci/client/networking_test.go @@ -0,0 +1,142 @@ +package client + +import ( + "reflect" + "testing" + "time" + + "github.com/oracle/oci-go-sdk/v65/common" + "github.com/oracle/oci-go-sdk/v65/core" + "k8s.io/client-go/tools/cache" +) + +var ( + subnets = map[string]*core.Subnet{ + "IPv4-subnet": { + Id: common.String("IPv4-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.10.0/24"), + }, + "IPv6-subnet": { + Id: common.String("IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + Ipv6CidrBlock: common.String("2603:c020:f:d222::/64"), + Ipv6CidrBlocks: []string{"2603:c020:f:d222::/64"}, + }, + "IPv4-IPv6-subnet": { + Id: common.String("IPv4-IPv6-subnet"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + CidrBlock: common.String("10.0.11.0/24"), + Ipv6CidrBlocks: []string{}, + Ipv6CidrBlock: common.String("2603:c020:f:d277::/64"), + }, + "IPv6-subnet-ULA": { + Id: common.String("IPv6-subnet-ULA"), + DnsLabel: common.String("subnetwithnovcndnslabel"), + VcnId: common.String("vcnwithoutdnslabel"), + AvailabilityDomain: nil, + Ipv6CidrBlock: nil, + Ipv6CidrBlocks: []string{"fd12:3456:789a:1::/64"}, + }, + } +) + +func Test_client_GetSubnetFromCacheByIP(t *testing.T) { + type fields struct { + subnetCache cache.Store + } + type args struct { + ip IpAddresses + } + tests := []struct { + name string + fields fields + args args + want *core.Subnet + wantErr bool + }{ + { + name: "IPv4 SingleStack Subnet", + fields: fields{ + subnetCache: cache.NewTTLStore(subnetCacheKeyFn, time.Duration(24)*time.Hour), + }, + args: args{ + ip: IpAddresses{ + V4: "10.0.10.1", + }, + }, + want: subnets["IPv4-subnet"], + wantErr: false, + }, + { + name: "IPv6 SingleStack Subnet", + fields: fields{ + subnetCache: cache.NewTTLStore(subnetCacheKeyFn, time.Duration(24)*time.Hour), + }, + args: args{ + ip: IpAddresses{ + V6: "2603:C020:000F:D222:0000:0000:0000:0000", + }, + }, + want: subnets["IPv6-subnet"], + wantErr: false, + }, + { + name: "DualStack Subnet", + fields: fields{ + subnetCache: cache.NewTTLStore(subnetCacheKeyFn, time.Duration(24)*time.Hour), + }, + args: args{ + ip: IpAddresses{ + V4: "10.0.11.1", + V6: "2603:C020:000F:D277:0000:0000:0000:0000", + }, + }, + want: subnets["IPv4-IPv6-subnet"], + wantErr: false, + }, + { + name: "IPv6 ULA Subnet", + fields: fields{ + subnetCache: cache.NewTTLStore(subnetCacheKeyFn, time.Duration(24)*time.Hour), + }, + args: args{ + ip: IpAddresses{ + V6: "fd12:3456:789a:0001:0000:0000:0000:0000", + }, + }, + want: subnets["IPv6-subnet-ULA"], + wantErr: false, + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + c := &client{ + subnetCache: cache.NewTTLStore(subnetCacheKeyFn, time.Duration(24)*time.Hour), + } + err := c.subnetCache.Add(subnets["IPv4-subnet"]) + err = c.subnetCache.Add(subnets["IPv6-subnet"]) + err = c.subnetCache.Add(subnets["IPv4-IPv6-subnet"]) + err = c.subnetCache.Add(subnets["IPv6-subnet-ULA"]) + if err != nil { + return + } + + got, err := c.GetSubnetFromCacheByIP(tt.args.ip) + + if (err != nil) != tt.wantErr { + t.Errorf("GetSubnetFromCacheByIP() error = %v, wantErr %v", err, tt.wantErr) + return + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("GetSubnetFromCacheByIP() got = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/pkg/oci/client/util_test.go b/pkg/oci/client/util_test.go index d78669c5dc..8ad6151174 100644 --- a/pkg/oci/client/util_test.go +++ b/pkg/oci/client/util_test.go @@ -15,6 +15,7 @@ package client import ( + "os" "testing" providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" @@ -89,3 +90,65 @@ func TestEnableRateLimiterConfig(t *testing.T) { } } + +func TestIsIpv6SingleStackCluster(t *testing.T) { + // Set up test cases + tests := []struct { + name string + envValue string + shouldSetEnv bool + want bool + }{ + { + name: "Returns true when cluster IP family is IPv6", + envValue: "ipv6", + shouldSetEnv: true, + want: true, + }, + { + name: "Returns false when cluster IP family is not set", + shouldSetEnv: false, + want: false, + }, + { + name: "Returns false when cluster IP family is not IPv6", + envValue: "ipv4", + shouldSetEnv: true, + want: false, + }, + { + name: "Returns false when cluster IP family is mixed case", + envValue: "IPv4", + shouldSetEnv: true, + want: false, + }, + { + name: "Returns true when cluster IP family is mixed case IPv6", + envValue: "IPv6", + shouldSetEnv: true, + want: true, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + // Clean up any existing env variable after test + defer os.Unsetenv(ClusterIpFamilyEnv) + + // Set environment variable if needed + if tt.shouldSetEnv { + os.Setenv(ClusterIpFamilyEnv, tt.envValue) + } else { + os.Unsetenv(ClusterIpFamilyEnv) + } + + // Run the function + got := IsIpv6SingleStackCluster() + + // Validate the result + if got != tt.want { + t.Errorf("IsIpv6SingleStackCluster() = %v, want %v", got, tt.want) + } + }) + } +} diff --git a/pkg/oci/client/utils.go b/pkg/oci/client/utils.go index d30dbca78b..7459fb0732 100644 --- a/pkg/oci/client/utils.go +++ b/pkg/oci/client/utils.go @@ -16,6 +16,7 @@ package client import ( "net/http" + "os" "strings" providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" @@ -101,3 +102,11 @@ func NewRateLimiter(logger *zap.SugaredLogger, config *providercfg.RateLimiterCo return rateLimiter } + +func IsIpv6SingleStackCluster() bool { + clusterIpFamily, ok := os.LookupEnv(ClusterIpFamilyEnv) + if ok && strings.EqualFold(clusterIpFamily, Ipv6Stack) { + return true + } + return false +} diff --git a/pkg/oci/client/volume_attachment.go b/pkg/oci/client/volume_attachment.go index 8fd2c61b6a..e2c0fa3b0b 100644 --- a/pkg/oci/client/volume_attachment.go +++ b/pkg/oci/client/volume_attachment.go @@ -54,6 +54,10 @@ type VolumeAttachmentInterface interface { WaitForVolumeDetached(ctx context.Context, attachmentID string) error FindActiveVolumeAttachment(ctx context.Context, compartmentID, volumeID string) (core.VolumeAttachment, error) + + // WaitForUHPVolumeLoggedOut WaitForUHPVolumeLogout polls waiting for a OCI UHP block volume attachment to be in the + // LOGGED_OUT state. + WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error } var _ VolumeAttachmentInterface = &client{} @@ -187,7 +191,7 @@ func (c *client) getDevicePath(ctx context.Context, instanceID string) (*string, if len(listInstanceDevicesResp.Items) == 0 { c.logger.With("service", "compute", "verb", listVerb, "resource", instanceResource). With("instanceID", instanceID).Warn("No consistent device paths available for worker node.") - return nil, fmt.Errorf("Max number of volumes are already attached to instance %s. Please schedule workload on different node.", instanceID) + return nil, fmt.Errorf("Max number of volumes are already attached to instance %s. Please schedule workload on different node.", instanceID) } //Picks device path from available path randomly so that 2 volume attachments don't get same path when operations happen concurrently resulting in failure of one of them. device := listInstanceDevicesResp.Items[rand.Intn(len(listInstanceDevicesResp.Items))].Name @@ -339,3 +343,24 @@ func (c *client) FindActiveVolumeAttachment(ctx context.Context, compartmentID, return nil, errors.WithStack(errNotFound) } + +func (c *client) WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error { + if err := wait.PollImmediateUntil(attachmentPollInterval, func() (done bool, err error) { + va, err := c.GetVolumeAttachment(ctx, attachmentID) + + if err != nil { + if IsRetryable(err) { + return false, nil + } + return true, errors.WithStack(err) + } + if va.GetIscsiLoginState() == core.VolumeAttachmentIscsiLoginStateLogoutSucceeded { + return true, nil + } + return false, nil + }, ctx.Done()); err != nil { + return errors.WithStack(err) + } + + return nil +} diff --git a/pkg/util/disk/iscsi.go b/pkg/util/disk/iscsi.go index ec57e6ba60..d90f43a874 100644 --- a/pkg/util/disk/iscsi.go +++ b/pkg/util/disk/iscsi.go @@ -18,6 +18,7 @@ import ( "context" "errors" "fmt" + "net" "os" cmdexec "os/exec" "path/filepath" @@ -61,7 +62,7 @@ var ErrMountPointNotFound = errors.New("mount point not found") // diskByPathPattern is the regex for extracting the iSCSI connection details // from /dev/disk/by-path/. var diskByPathPattern = regexp.MustCompile( - `/dev/disk/by-path/ip-(?P[\w\.]+):(?P\d+)-iscsi-(?P[\w\.\-:]+)-lun-\d+`, + `/dev/disk/by-path/ip-(?P[[?\w\.\:]+]?):(?P\d+)-iscsi-(?P[\w\.\-:]+)-lun-\d+`, ) // Interface mounts iSCSI volumes. @@ -125,26 +126,29 @@ type iSCSIMounter struct { // Disk interface type Disk struct { - IQN string - IPv4 string - Port int + IQN string + IscsiIp string + Port int } func (sd *Disk) String() string { - return fmt.Sprintf("%s:%d-%s", sd.IPv4, sd.Port, sd.IQN) + return fmt.Sprintf("%s:%d-%s", sd.IscsiIp, sd.Port, sd.IQN) } -// Target returns the target to connect to in the format ip:port. +// Target returns the target to connect to in the format ip:port for Ipv4 and [ip]:port for ipv6. func (sd *Disk) Target() string { - return fmt.Sprintf("%s:%d", sd.IPv4, sd.Port) + if net.ParseIP(sd.IscsiIp).To4() != nil { + return fmt.Sprintf("%s:%d", sd.IscsiIp, sd.Port) + } + return fmt.Sprintf("[%s]:%d", sd.IscsiIp, sd.Port) } -func newWithMounter(logger *zap.SugaredLogger, mounter mount.Interface, iqn, ipv4 string, port int) Interface { +func newWithMounter(logger *zap.SugaredLogger, mounter mount.Interface, iqn, iSCSIIp string, port int) Interface { return &iSCSIMounter{ disk: &Disk{ - IQN: iqn, - IPv4: ipv4, - Port: port, + IQN: iqn, + IscsiIp: iSCSIIp, + Port: port, }, runner: exec.New(), mounter: mounter, @@ -153,8 +157,8 @@ func newWithMounter(logger *zap.SugaredLogger, mounter mount.Interface, iqn, ipv } // New creates a new iSCSI handler. -func New(logger *zap.SugaredLogger, iqn, ipv4 string, port int) Interface { - return newWithMounter(logger, mount.New(mountCommand), iqn, ipv4, port) +func New(logger *zap.SugaredLogger, iqn, iSCSIIp string, port int) Interface { + return newWithMounter(logger, mount.New(mountCommand), iqn, iSCSIIp, port) } // NewFromISCSIDisk creates a new iSCSI handler from ISCSIDisk. @@ -168,7 +172,7 @@ func NewFromISCSIDisk(logger *zap.SugaredLogger, sd *Disk) Interface { } } -// NewFromDevicePath extracts the IQN, IPv4 address, and port from a +// NewFromDevicePath extracts the IQN, IscsiIp address, and port from a // iSCSI mount device path. // i.e. /dev/disk/by-path/ip-:-iscsi--lun-1 func NewFromDevicePath(logger *zap.SugaredLogger, mountDevice string) (Interface, error) { @@ -185,7 +189,7 @@ func NewFromDevicePath(logger *zap.SugaredLogger, mountDevice string) (Interface return New(logger, m[3], m[1], port), nil } -// FindFromDevicePath extracts the IQN, IPv4 address, and port from a +// FindFromDevicePath extracts the IQN, IscsiIp address, and port from a // iSCSI mount device path. // i.e. /dev/disk/by-path/ip-:-iscsi--lun-1 func FindFromDevicePath(logger *zap.SugaredLogger, mountDevice string) ([]string, error) { @@ -248,6 +252,56 @@ func GetDiskPathFromMountPath(logger *zap.SugaredLogger, mountPath string) ([]st return diskByPaths, nil } +// Looping through sanitizedDevice - "sanitizedDevice": "/sdc" +// Finding device name - "deviceName": "/sdc" +// Finding disk by path - "diskByPaths": ["/dev/disk/by-path/ip--iscsi-iqn.2015-12.com.oracleiaas:uniqfier-lun-2"] + +// Gets the diskPath for a bind-mounted device file +func GetDiskPathFromBindDeviceFilePath(logger *zap.SugaredLogger, mountPath string) ([]string, error) { + // Get the block device for the given mount path + devices, err := FindMount(mountPath) + + if err != nil { + logger.With(zap.Error(err)).Warnf("Unable to get block device for mount path: %s", mountPath) + return nil, err + } + + var sanitizedDevices []string + for _, dev := range devices { + if prefixEnd := strings.Index(dev, "["); prefixEnd != -1 { + sanitizedDevice := dev[prefixEnd+1:] // Start after `[` + sanitizedDevice = strings.TrimSuffix(sanitizedDevice, "]") + sanitizedDevice = filepath.Clean(sanitizedDevice) // Fix extra slashes + sanitizedDevices = append(sanitizedDevices, sanitizedDevice) + } + } + + if len(sanitizedDevices) != 1 { + logger.Warn("Found multiple or no block devices for the mount path") + return nil, fmt.Errorf("did not find exactly a single block device on %s, found devices: %v", mountPath, sanitizedDevices) + } + + deviceName := sanitizedDevices[0] + + // Convert the device name to the correct path format + devicePath := filepath.Join("/dev", deviceName) + + // Create a mount.MountPoint struct + mountPoint := mount.MountPoint{ + Path: mountPath, + Device: devicePath, + } + + // Use the device path to get diskByPaths + diskByPaths, err := diskByPathsForMountPoint(mountPoint) + if err != nil { + logger.With(zap.Error(err)).Warn("Unable to find diskByPaths for device") + return nil, err + } + + return diskByPaths, nil +} + // getISCSIAdmPath gets the absolute path to the iscsiadm executable on the // $PATH. func (c *iSCSIMounter) getISCSIAdmPath() (string, error) { @@ -488,14 +542,14 @@ func diskByPathsForMountPoint(mountPoint mount.MountPoint) ([]string, error) { func GetIscsiDevicePath(disk *Disk) (string, error) { // run command ls -l /dev/disk/by-path - cmdStr := fmt.Sprintf("ls -f /dev/disk/by-path/ip-%s:%d-iscsi-%s-lun-*", disk.IPv4, disk.Port, disk.IQN) + cmdStr := fmt.Sprintf("ls -f /dev/disk/by-path/ip-%s:%d-iscsi-%s-lun-*", disk.IscsiIp, disk.Port, disk.IQN) cmd := cmdexec.Command("bash", "-c", cmdStr) output, err := cmd.CombinedOutput() if err != nil { return "", fmt.Errorf("command failed: %v\ncommand: %s\nOutput: %s\n", err, LIST_PATHS_COMMAND, string(output)) } for _, line := range strings.Split(string(output), "\n") { - re := regexp.MustCompile(fmt.Sprintf(`(ip-%s:%d-iscsi-%s-lun-\d+)`, disk.IPv4, disk.Port, disk.IQN)) + re := regexp.MustCompile(fmt.Sprintf(`(ip-%s:%d-iscsi-%s-lun-\d+)`, disk.IscsiIp, disk.Port, disk.IQN)) match := re.FindStringSubmatch(line) if len(match) > 0 { fileName := match[1] @@ -580,8 +634,8 @@ func GetScsiInfo(mountDevice string) (*Disk, error) { } return &Disk{ - IQN: m[3], - IPv4: m[1], - Port: port, + IQN: m[3], + IscsiIp: m[1], + Port: port, }, nil } diff --git a/pkg/util/disk/mount_helper.go b/pkg/util/disk/mount_helper.go index 7dc4b512d2..ffb84fcaca 100644 --- a/pkg/util/disk/mount_helper.go +++ b/pkg/util/disk/mount_helper.go @@ -24,6 +24,8 @@ import ( "time" "go.uber.org/zap" + "google.golang.org/grpc/codes" + "google.golang.org/grpc/status" "k8s.io/kubernetes/pkg/volume/util/hostutil" "k8s.io/mount-utils" utilexec "k8s.io/utils/exec" @@ -31,9 +33,13 @@ import ( const ( directoryDeletePollInterval = 5 * time.Second - EncryptedUmountCommand = "encrypt-umount" + errNotMounted = "not mounted" + + EncryptedUmountCommand = "encrypt-umount" EncryptionMountCommand = "encrypt-mount" + UnmountCommand = "umount" + FindMountCommand = "findmnt" ) func MountWithEncrypt(logger *zap.SugaredLogger, source string, target string, fstype string, options []string) error { @@ -135,7 +141,7 @@ func WaitForDirectoryDeletion(logger *zap.SugaredLogger, mountPath string) error // Unmount the target that is in-transit encryption enabled func UnmountWithEncrypt(logger *zap.SugaredLogger, target string) error { - logger.With("target", target).Info("Unmounting.") + logger.With("target", target).Info("Unmounting in-transit encryption mount point.") command := exec.Command(EncryptedUmountCommand, target) output, err := command.CombinedOutput() if err != nil { @@ -216,3 +222,27 @@ func deviceOpened(pathname string, logger *zap.SugaredLogger) (bool, error) { } return hostUtil.DeviceOpened(pathname) } + +func UnmountWithForce(targetPath string) error { + command := exec.Command(UnmountCommand, "-f", targetPath) + output, err := command.CombinedOutput() + if err != nil { + if strings.Contains(string(output), errNotMounted) { + return nil + } + return status.Errorf(codes.Internal, err.Error()) + } + return nil +} + +func FindMount(target string) ([]string, error) { + mountArgs := []string{"-n", "-o", "SOURCE", "-T", target} + command := exec.Command(FindMountCommand, mountArgs...) + output, err := command.CombinedOutput() + if err != nil { + return nil, fmt.Errorf("findmnt failed: %v\narguments: %s\nOutput: %v\n", err, mountArgs, string(output)) + } + + sources := strings.Fields(string(output)) + return sources, nil +} diff --git a/pkg/util/mock_kubeclient.go b/pkg/util/mock_kubeclient.go index fe8a827a3a..77e7d1a094 100644 --- a/pkg/util/mock_kubeclient.go +++ b/pkg/util/mock_kubeclient.go @@ -2,7 +2,7 @@ package util import ( "context" - + "fmt" api "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -397,15 +397,70 @@ func (m MockCoreClient) Nodes() v12.NodeInterface { } } -func (m MockNodes) Get(ctx context.Context, name string, opts metav1.GetOptions) (*api.Node, error) { - return &api.Node{ - Spec: api.NodeSpec{ - ProviderID: "sample-provider-id", +var ( + LabelIpFamilyPreferred = "oci.oraclecloud.com/ip-family-preferred" + LabelIpFamilyIpv4 = "oci.oraclecloud.com/ip-family-ipv4" + LabelIpFamilyIpv6 = "oci.oraclecloud.com/ip-family-ipv6" + nodes = map[string]*api.Node{ + "ipv6Preferred": { + Spec: api.NodeSpec{ + ProviderID: "sample-provider-id", + }, + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + LabelIpFamilyPreferred: "IPv6", + LabelIpFamilyIpv4: "true", + LabelIpFamilyIpv6: "true", + }, + }, + }, + "ipv4Preferred": { + Spec: api.NodeSpec{ + ProviderID: "sample-provider-id", + }, + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + LabelIpFamilyPreferred: "IPv4", + LabelIpFamilyIpv4: "true", + LabelIpFamilyIpv6: "true", + }, + }, + }, + "noIpPreference": { + Spec: api.NodeSpec{ + ProviderID: "sample-provider-id", + }, + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{}, + }, }, - ObjectMeta: metav1.ObjectMeta{ - Annotations: map[string]string{ - CompartmentIDAnnotation: "sample-compartment-id", + "sample-provider-id": { + Spec: api.NodeSpec{ + ProviderID: "sample-provider-id", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "sample-compartment-id", + }, }, }, - }, nil + "sample-node-id": { + Spec: api.NodeSpec{ + ProviderID: "sample-provider-id", + }, + ObjectMeta: metav1.ObjectMeta{ + Annotations: map[string]string{ + CompartmentIDAnnotation: "sample-compartment-id", + }, + }, + }, + } +) + +func (m MockNodes) Get(ctx context.Context, name string, opts metav1.GetOptions) (*api.Node, error) { + if node, ok := nodes[name]; ok { + return node, nil + } + return nil, fmt.Errorf("Node Not Present") + } diff --git a/pkg/util/osinfo/osinfo.go b/pkg/util/osinfo/osinfo.go new file mode 100644 index 0000000000..b7753051f7 --- /dev/null +++ b/pkg/util/osinfo/osinfo.go @@ -0,0 +1,72 @@ +package osinfo + +import ( + "bufio" + "os" + "regexp" + "strings" +) + +var OsName = "" + +const ( + LinuxOsReleaseFile = "/host/etc/os-release" + + DebianOSName = "Debian GNU/Linux" + + UbuntuOSName = "Ubuntu" +) + +func GetOsName() (name string) { + if OsName != "" { + return OsName + } + + OsName = parseLinuxReleaseFile(LinuxOsReleaseFile) + return OsName; +} + +func readLines(path string) ([]string, error) { + inFile, err := os.Open(path) + if err != nil { + return nil, err + } + defer inFile.Close() + var lines []string + scanner := bufio.NewScanner(inFile) + for scanner.Scan() { + lines = append(lines, scanner.Text()) + } + return lines, scanner.Err() +} + +func parseLinuxReleaseFile(releaseFile string) (name string) { + osName := "" + lines, err := readLines(releaseFile) + if err != nil { + return osName + } + for _, line := range lines { + if strings.HasPrefix(line, "NAME=") { + tokens := strings.Split(line, "=") + if len(tokens) > 1 { + r := regexp.MustCompile(`[\w\s/]+`) + osName = r.FindString(tokens[1]) + } + } + } + return osName +} + + +func IsUbuntu() bool { + return strings.EqualFold(UbuntuOSName, GetOsName()) +} + +func IsDebian() bool { + return strings.EqualFold(DebianOSName, GetOsName()) +} + +func IsDebianOrUbuntu() bool { + return IsUbuntu() || IsDebian() +} diff --git a/pkg/volume/provisioner/block/block_test.go b/pkg/volume/provisioner/block/block_test.go index 6dff0d4995..3b61869c43 100644 --- a/pkg/volume/provisioner/block/block_test.go +++ b/pkg/volume/provisioner/block/block_test.go @@ -22,6 +22,7 @@ import ( "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" "github.com/oracle/oci-go-sdk/v65/common" + "github.com/oracle/oci-go-sdk/v65/containerengine" "github.com/oracle/oci-go-sdk/v65/core" "github.com/oracle/oci-go-sdk/v65/filestorage" "github.com/oracle/oci-go-sdk/v65/identity" @@ -246,6 +247,22 @@ func (c *MockComputeClient) GetPrimaryVNICForInstance(ctx context.Context, compa return nil, nil } +func (MockComputeClient) GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) { + return nil, nil +} + +func (c *MockComputeClient) ListVnicAttachments(ctx context.Context, compartmentID, instanceID string) ([]core.VnicAttachment, error) { + return nil, nil +} + +func (c *MockComputeClient) GetVnicAttachment(ctx context.Context, vnicAttachmentId *string) (response *core.VnicAttachment, err error) { + return nil, nil +} + +func (c *MockComputeClient) AttachVnic(ctx context.Context, instanceID, subnetID *string, nsgIds []*string, skipSourceDestCheck *bool) (response core.VnicAttachment, err error) { + return core.VnicAttachment{}, nil +} + func (c *MockComputeClient) FindVolumeAttachment(ctx context.Context, compartmentID, volumeID string) (core.VolumeAttachment, error) { return nil, nil } @@ -272,6 +289,10 @@ func (c *MockComputeClient) FindActiveVolumeAttachment(ctx context.Context, comp return nil, nil } +func (c *MockComputeClient) WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error { + return nil +} + // MockVirtualNetworkClient mocks VirtualNetwork client implementation type MockVirtualNetworkClient struct { } @@ -305,6 +326,16 @@ func (c *MockVirtualNetworkClient) GetPrivateIp(ctx context.Context, id string) return &core.PrivateIp{IpAddress: &privateIP}, nil } +func (c *MockVirtualNetworkClient) ListPrivateIps(ctx context.Context, id string) ([]core.PrivateIp, error) { + return []core.PrivateIp{}, nil +} + +func (c *MockVirtualNetworkClient) CreatePrivateIp(ctx context.Context, vnicId string) (*core.PrivateIp, error) { + return &core.PrivateIp{}, nil +} +func (c *MockVirtualNetworkClient) GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) { + return &core.Ipv6{}, nil +} func (c *MockVirtualNetworkClient) GetSubnet(ctx context.Context, id string) (*core.Subnet, error) { return nil, nil } @@ -313,7 +344,11 @@ func (c *MockVirtualNetworkClient) GetVcn(ctx context.Context, id string) (*core return &core.Vcn{}, nil } -func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) { +func (c *MockVirtualNetworkClient) GetVNIC(ctx context.Context, id string) (*core.Vnic, error) { + return &core.Vnic{}, nil +} + +func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip client.IpAddresses) (*core.Subnet, error) { return nil, nil } @@ -354,7 +389,7 @@ func (p *MockProvisionerClient) BlockStorage() client.BlockStorageInterface { } // Networking mocks client VirtualNetwork implementation. -func (p *MockProvisionerClient) Networking() client.NetworkingInterface { +func (p *MockProvisionerClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { return &MockVirtualNetworkClient{} } @@ -368,12 +403,12 @@ func (p *MockProvisionerClient) Compute() client.ComputeInterface { } // Identity mocks client Identity implementation -func (p *MockProvisionerClient) Identity() client.IdentityInterface { +func (p *MockProvisionerClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { return &MockIdentityClient{} } // FSS mocks client FileStorage implementation -func (p *MockProvisionerClient) FSS() client.FileStorageInterface { +func (p *MockProvisionerClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { return &MockFileStorageClient{} } @@ -478,6 +513,12 @@ func (c *MockVirtualNetworkClient) UpdateNetworkSecurityGroupSecurityRules(ctx c return nil, nil } +type MockContainerEngineClient struct{} + +func (m MockContainerEngineClient) GetVirtualNode(ctx context.Context, vnId, vnpId string) (*containerengine.VirtualNode, error) { + return nil, nil +} + // NewClientProvisioner creates an OCI client from the given configuration. func NewClientProvisioner(pcData client.Interface, storage *MockBlockStorageClient) client.Interface { return &MockProvisionerClient{Storage: storage} diff --git a/pkg/volume/provisioner/core/provisioner.go b/pkg/volume/provisioner/core/provisioner.go index 3cc61cc119..e1bb67872e 100644 --- a/pkg/volume/provisioner/core/provisioner.go +++ b/pkg/volume/provisioner/core/provisioner.go @@ -124,7 +124,7 @@ func NewOCIProvisioner(logger *zap.SugaredLogger, kubeClient kubernetes.Interfac rateLimiter := client.NewRateLimiter(logger, cfg.RateLimiter) - client, err := client.New(logger, cp, &rateLimiter) + client, err := client.New(logger, cp, &rateLimiter, cfg.Auth.TenancyID) if err != nil { return nil, errors.Wrapf(err, "unable to construct OCI client") } diff --git a/pkg/volume/provisioner/core/utils.go b/pkg/volume/provisioner/core/utils.go index 4eee610d6a..1a09d34c9d 100644 --- a/pkg/volume/provisioner/core/utils.go +++ b/pkg/volume/provisioner/core/utils.go @@ -66,7 +66,7 @@ func (p *OCIProvisioner) chooseAvailabilityDomain(ctx context.Context, pvc *v1.P p.logger.With("availabilityDomain", availabilityDomainNames).Info("No availability domain provided. Selecting one automatically.") } - availabilityDomain, err := p.client.Identity().GetAvailabilityDomainByName(ctx, p.compartmentID, availabilityDomainName) + availabilityDomain, err := p.client.Identity(nil).GetAvailabilityDomainByName(ctx, p.compartmentID, availabilityDomainName) if err != nil { return "", nil, err } diff --git a/pkg/volume/provisioner/fss/fss.go b/pkg/volume/provisioner/fss/fss.go index 6839eb0134..fc14975256 100644 --- a/pkg/volume/provisioner/fss/fss.go +++ b/pkg/volume/provisioner/fss/fss.go @@ -80,7 +80,7 @@ func NewFilesystemProvisioner(logger *zap.SugaredLogger, client client.Interface } func (fsp *filesystemProvisioner) getOrCreateFileSystem(ctx context.Context, logger *zap.SugaredLogger, ad, displayName string) (*fss.FileSystem, error) { - _, summary, err := fsp.client.FSS().GetFileSystemSummaryByDisplayName(ctx, fsp.compartmentID, ad, displayName) + _, summary, err := fsp.client.FSS(nil).GetFileSystemSummaryByDisplayName(ctx, fsp.compartmentID, ad, displayName) if err != nil && !client.IsNotFound(err) { return nil, err } @@ -89,9 +89,9 @@ func (fsp *filesystemProvisioner) getOrCreateFileSystem(ctx context.Context, log return nil, fmt.Errorf("duplicate volume %q exists", displayName) } else if len(summary) > 0 { filesystem := summary[0] - return fsp.client.FSS().AwaitFileSystemActive(ctx, logger, *filesystem.Id) + return fsp.client.FSS(nil).AwaitFileSystemActive(ctx, logger, *filesystem.Id) } - fs, err := fsp.client.FSS().CreateFileSystem(ctx, fss.CreateFileSystemDetails{ + fs, err := fsp.client.FSS(nil).CreateFileSystem(ctx, fss.CreateFileSystemDetails{ CompartmentId: &fsp.compartmentID, AvailabilityDomain: &ad, DisplayName: &displayName, @@ -102,21 +102,21 @@ func (fsp *filesystemProvisioner) getOrCreateFileSystem(ctx context.Context, log logger.With("fileSystemID", *fs.Id).Info("Created FileSystem") - return fsp.client.FSS().AwaitFileSystemActive(ctx, logger, *fs.Id) + return fsp.client.FSS(nil).AwaitFileSystemActive(ctx, logger, *fs.Id) } func (fsp *filesystemProvisioner) getOrCreateExport(ctx context.Context, logger *zap.SugaredLogger, fsID, exportSetID string) (*fss.Export, error) { path := "/" + fsID - summary, err := fsp.client.FSS().FindExport(ctx, fsID, path, exportSetID) + summary, err := fsp.client.FSS(nil).FindExport(ctx, fsID, path, exportSetID) if err != nil && !client.IsNotFound(err) { return nil, err } if summary != nil { - return fsp.client.FSS().AwaitExportActive(ctx, logger, *summary.Id) + return fsp.client.FSS(nil).AwaitExportActive(ctx, logger, *summary.Id) } // If export doesn't already exist create it. - export, err := fsp.client.FSS().CreateExport(ctx, fss.CreateExportDetails{ + export, err := fsp.client.FSS(nil).CreateExport(ctx, fss.CreateExportDetails{ ExportSetId: &exportSetID, FileSystemId: &fsID, Path: &path, @@ -126,7 +126,7 @@ func (fsp *filesystemProvisioner) getOrCreateExport(ctx context.Context, logger } logger.With("exportID", *export.Id).Info("Created Export") - return fsp.client.FSS().AwaitExportActive(ctx, logger, *export.Id) + return fsp.client.FSS(nil).AwaitExportActive(ctx, logger, *export.Id) } // getMountTargetID retrieves MountTarget OCID if provided. @@ -167,7 +167,7 @@ func (fsp *filesystemProvisioner) Provision(options controller.ProvisionOptions, logger = logger.With("mountTargetID", mtID) // Wait for MountTarget to be ACTIVE. - target, err := fsp.client.FSS().AwaitMountTargetActive(ctx, logger, mtID) + target, err := fsp.client.FSS(nil).AwaitMountTargetActive(ctx, logger, mtID) if err != nil { logger.With(zap.Error(err)).Error("Failed to retrieve mount target") return nil, err @@ -188,7 +188,7 @@ func (fsp *filesystemProvisioner) Provision(options controller.ProvisionOptions, { id := target.PrivateIpIds[rand.Int()%len(target.PrivateIpIds)] logger = logger.With("privateIPID", id) - privateIP, err := fsp.client.Networking().GetPrivateIp(ctx, id) + privateIP, err := fsp.client.Networking(nil).GetPrivateIp(ctx, id) if err != nil { logger.With(zap.Error(err)).Error("Failed to retrieve IP address for mount target") return nil, err @@ -264,7 +264,7 @@ func (fsp *filesystemProvisioner) Delete(volume *v1.PersistentVolume) error { ) logger.Info("Deleting export") - if err := fsp.client.FSS().DeleteExport(ctx, exportID); err != nil { + if err := fsp.client.FSS(nil).DeleteExport(ctx, exportID); err != nil { if !client.IsNotFound(err) { logger.With(zap.Error(err)).Error("Failed to delete export") return err @@ -273,7 +273,7 @@ func (fsp *filesystemProvisioner) Delete(volume *v1.PersistentVolume) error { } logger.Info("Deleting File System") - if err := fsp.client.FSS().DeleteFileSystem(ctx, filesystemID); err != nil { + if err := fsp.client.FSS(nil).DeleteFileSystem(ctx, filesystemID); err != nil { if !client.IsNotFound(err) { return err } diff --git a/pkg/volume/provisioner/fss/fss_test.go b/pkg/volume/provisioner/fss/fss_test.go index 23eb97bf67..2312a4ff00 100644 --- a/pkg/volume/provisioner/fss/fss_test.go +++ b/pkg/volume/provisioner/fss/fss_test.go @@ -244,6 +244,10 @@ func (c *MockComputeClient) GetPrimaryVNICForInstance(ctx context.Context, compa return nil, nil } +func (MockComputeClient) GetSecondaryVNICsForInstance(ctx context.Context, compartmentID, instanceID string) ([]*core.Vnic, error) { + return nil, nil +} + func (c *MockComputeClient) FindVolumeAttachment(ctx context.Context, compartmentID, volumeID string) (core.VolumeAttachment, error) { return nil, nil } @@ -270,10 +274,30 @@ func (c *MockComputeClient) FindActiveVolumeAttachment(ctx context.Context, comp return nil, nil } +func (c *MockComputeClient) WaitForUHPVolumeLoggedOut(ctx context.Context, attachmentID string) error { + return nil +} + // MockVirtualNetworkClient mocks VirtualNetwork client implementation type MockVirtualNetworkClient struct { } +func (c *MockVirtualNetworkClient) GetVNIC(ctx context.Context, id string) (*core.Vnic, error) { + return nil, nil +} + +func (c *MockVirtualNetworkClient) ListPrivateIps(ctx context.Context, vnicId string) ([]core.PrivateIp, error) { + return nil, nil +} + +func (c *MockVirtualNetworkClient) CreatePrivateIp(ctx context.Context, vnicID string) (*core.PrivateIp, error) { + return nil, nil +} + +func (c *MockVirtualNetworkClient) GetIpv6(ctx context.Context, id string) (*core.Ipv6, error) { + return &core.Ipv6{}, nil +} + func (c *MockVirtualNetworkClient) CreateNetworkSecurityGroup(ctx context.Context, compartmentId, vcnId, displayName, lbId string) (*core.NetworkSecurityGroup, error) { return nil, nil } @@ -307,7 +331,7 @@ func (c *MockVirtualNetworkClient) GetSubnet(ctx context.Context, id string) (*c return nil, nil } -func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip string) (*core.Subnet, error) { +func (c *MockVirtualNetworkClient) GetSubnetFromCacheByIP(ip client.IpAddresses) (*core.Subnet, error) { return nil, nil } @@ -352,7 +376,7 @@ func (p *MockProvisionerClient) BlockStorage() client.BlockStorageInterface { } // Networking mocks client VirtualNetwork implementation. -func (p *MockProvisionerClient) Networking() client.NetworkingInterface { +func (p *MockProvisionerClient) Networking(ociClientConfig *client.OCIClientConfig) client.NetworkingInterface { return &MockVirtualNetworkClient{} } @@ -366,12 +390,12 @@ func (p *MockProvisionerClient) Compute() client.ComputeInterface { } // Identity mocks client Identity implementation -func (p *MockProvisionerClient) Identity() client.IdentityInterface { +func (p *MockProvisionerClient) Identity(ociClientConfig *client.OCIClientConfig) client.IdentityInterface { return &MockIdentityClient{} } // FSS mocks client FileStorage implementation -func (p *MockProvisionerClient) FSS() client.FileStorageInterface { +func (p *MockProvisionerClient) FSS(ociClientConfig *client.OCIClientConfig) client.FileStorageInterface { return &MockFileStorageClient{} } diff --git a/test/e2e/cloud-provider-oci/csi_snapshot_restore.go b/test/e2e/cloud-provider-oci/csi_snapshot_restore.go index afd8950c61..6db6bfeb8c 100644 --- a/test/e2e/cloud-provider-oci/csi_snapshot_restore.go +++ b/test/e2e/cloud-provider-oci/csi_snapshot_restore.go @@ -26,12 +26,14 @@ import ( ) const ( - WriteCommand = "echo 'Hello World' > /usr/share/nginx/html/testdata.txt; while true; do echo $(date -u) >> /data/out.txt; sleep 5; done" - KeepAliveCommand = "while true; do echo 'hello world' >> /usr/share/nginx/html/out.txt; sleep 5; done" - BVDriverName = "blockvolume.csi.oraclecloud.com" - BindingModeWaitForFirstConsumer = "WaitForFirstConsumer" - ReclaimPolicyDelete = "Delete" - ReclaimPolicyRetain = "Retain" + WriteCommand = "echo 'Hello World' > /usr/share/nginx/html/testdata.txt; while true; do echo $(date -u) >> /data/out.txt; sleep 5; done" + WriteCommandBlock = "echo 'Hello World' > /var/test.txt; dd if=/var/test.txt of=/dev/xvda count=8; while true; do sleep 5; done" + KeepAliveCommand = "while true; do echo 'hello world' >> /usr/share/nginx/html/out.txt; sleep 5; done" + KeepAliveCommandBlock = "while true; do echo 'hello world' >> /var/newpod.txt; sleep 5; done" + BVDriverName = "blockvolume.csi.oraclecloud.com" + BindingModeWaitForFirstConsumer = "WaitForFirstConsumer" + ReclaimPolicyDelete = "Delete" + ReclaimPolicyRetain = "Retain" ) var _ = Describe("Snapshot Creation and Restore", func() { @@ -121,7 +123,7 @@ var _ = Describe("Snapshot Creation and Restore", func() { //}) It("Should be able to create and restore a snapshot from a backup(static case)", func() { checkOrInstallCRDs(f) - scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") pvcJig.InitialiseSnapClient(f.SnapClientSet) @@ -131,7 +133,7 @@ var _ = Describe("Snapshot Creation and Restore", func() { pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) - vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) //Waiting for volume snapshot content to be created and status field to be populated time.Sleep(1 * time.Minute) @@ -142,11 +144,11 @@ var _ = Describe("Snapshot Creation and Restore", func() { //creating a snapshot statically using the backup provisioned dynamically restoreVsName := "e2e-restore-vs" - vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name + "-e2e-snapshot-vsc", BVDriverName, backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name) + vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name+"-e2e-snapshot-vsc", BVDriverName, backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name, v1.PersistentVolumeFilesystem) pvcJig.CreateAndAwaitVolumeSnapshotStaticOrFail(restoreVsName, f.Namespace.Name, vscontentName) - pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, nil) + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, false, nil) podRestoreName := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommand) pvcJig.CheckFileExists(f.Namespace.Name, podRestoreName, "/usr/share/nginx/html", "testdata.txt") @@ -157,13 +159,13 @@ var _ = Describe("Snapshot Creation and Restore", func() { }) It("Should be able to create a snapshot and restore from a backup in another compartment", func() { checkOrInstallCRDs(f) - scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") pvcJig.InitialiseSnapClient(f.SnapClientSet) volId := pvcJig.CreateVolume(f.BlockStorageClient, setupF.AdLocation, setupF.StaticSnapshotCompartmentOcid, "test-volume", 10) //wait for volume to become available - time.Sleep(15*time.Second) + time.Sleep(15 * time.Second) backupOCID := pvcJig.CreateVolumeBackup(f.BlockStorageClient, setupF.AdLabel, setupF.StaticSnapshotCompartmentOcid, *volId, "test-backup") @@ -171,15 +173,170 @@ var _ = Describe("Snapshot Creation and Restore", func() { //creating a snapshot statically using the backup provisioned dynamically restoreVsName := "e2e-restore-vs" - vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name + "-e2e-snapshot-vsc", BVDriverName, *backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name) + vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name+"-e2e-snapshot-vsc", BVDriverName, *backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name, v1.PersistentVolumeFilesystem) pvcJig.CreateAndAwaitVolumeSnapshotStaticOrFail(restoreVsName, f.Namespace.Name, vscontentName) - pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, nil) + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, false, nil) pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommand) //wait for volume to be restored before starting cleanup - time.Sleep(30*time.Second) + time.Sleep(30 * time.Second) + + //cleanup + pvcJig.DeleteVolume(f.BlockStorageClient, *volId) + pvcJig.DeleteVolumeBackup(f.BlockStorageClient, *backupOCID) + + f.VolumeIds = append(f.VolumeIds, *volId) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) +}) + +var _ = Describe("Raw Block Volume Snapshot Creation and Restore", func() { + f := framework.NewBackupFramework("snapshot-restore") + + Context("[cloudprovider][storage][csi][snapshot][restore][raw-block]", func() { + testsBlock := []struct { + attachmentType string + backupType string + fsType string + }{ + {framework.AttachmentTypeParavirtualized, framework.BackupTypeIncremental, ""}, + {framework.AttachmentTypeParavirtualized, framework.BackupTypeFull, ""}, + {framework.AttachmentTypeISCSI, framework.BackupTypeIncremental, ""}, + {framework.AttachmentTypeISCSI, framework.BackupTypeFull, ""}, + } + + for _, entry := range testsBlock { + entry := entry + testName := "Should be able to create and restore " + entry.backupType + " snapshot from " + entry.attachmentType + " raw block volume" + if entry.fsType != "" { + testName += " with " + entry.fsType + " fsType" + } + It(testName, func() { + scParams := map[string]string{framework.AttachmentType: entry.attachmentType} + vscParams := map[string]string{framework.BackupType: entry.backupType} + scParams[framework.FstypeKey] = entry.fsType + testSnapshotAndRestore(f, scParams, vscParams, v1.PersistentVolumeBlock) + }) + } + It("FS should get expanded when a raw block PVC is restored with a lesser size backup (iscsi)", func() { + checkOrInstallCRDs(f) + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + _ = pvcJig.NewPodForCSI("pod-original", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MaxVolumeBlock, scName, vs.Name, v1.ClaimPending, true, nil) + podRestoreName := pvcJig.NewPodForCSI("pod-restored", f.Namespace.Name, pvcRestore.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckUsableVolumeSizeInsidePodBlock(f.Namespace.Name, podRestoreName, "100") + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("FS should get expanded when a raw block PVC is restored with a lesser size backup (paravirtualized", func() { + checkOrInstallCRDs(f) + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized} + vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + _ = pvcJig.NewPodForCSI("pod-original", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MaxVolumeBlock, scName, vs.Name, v1.ClaimPending, true, nil) + podRestoreName := pvcJig.NewPodForCSI("pod-restored", f.Namespace.Name, pvcRestore.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckUsableVolumeSizeInsidePodBlock(f.Namespace.Name, podRestoreName, "100") + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Should be able to create and restore a snapshot from a raw block volume backup(static case)", func() { + checkOrInstallCRDs(f) + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + //creating a snapshot dynamically + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommandBlock) + vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + + //Waiting for volume snapshot content to be created and status field to be populated + time.Sleep(1 * time.Minute) + + vsName := vs.Name + + backupOCID := pvcJig.GetBackupIDFromSnapshot(vsName, f.Namespace.Name) + + //creating a snapshot statically using the backup provisioned dynamically + restoreVsName := "e2e-restore-vs" + vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name+"-e2e-snapshot-vsc", BVDriverName, backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name, v1.PersistentVolumeBlock) + + pvcJig.CreateAndAwaitVolumeSnapshotStaticOrFail(restoreVsName, f.Namespace.Name, vscontentName) + + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, true, nil) + podRestoreName := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommandBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, podRestoreName, "Hello World") + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Should be able to create a snapshot and restore from a raw block backup in another compartment", func() { + checkOrInstallCRDs(f) + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + volId := pvcJig.CreateVolume(f.BlockStorageClient, setupF.AdLocation, setupF.StaticSnapshotCompartmentOcid, "test-volume", 10) + //wait for volume to become available + time.Sleep(15 * time.Second) + + backupOCID := pvcJig.CreateVolumeBackup(f.BlockStorageClient, setupF.AdLabel, setupF.StaticSnapshotCompartmentOcid, *volId, "test-backup") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + + //creating a snapshot statically using the backup provisioned dynamically + restoreVsName := "e2e-restore-vs" + vscontentName := pvcJig.CreateVolumeSnapshotContentOrFail(f.Namespace.Name+"-e2e-snapshot-vsc", BVDriverName, *backupOCID, ReclaimPolicyDelete, restoreVsName, f.Namespace.Name, v1.PersistentVolumeBlock) + + pvcJig.CreateAndAwaitVolumeSnapshotStaticOrFail(restoreVsName, f.Namespace.Name, vscontentName) + + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, restoreVsName, v1.ClaimPending, true, nil) + pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommandBlock) + + //wait for volume to be restored before starting cleanup + time.Sleep(30 * time.Second) //cleanup pvcJig.DeleteVolume(f.BlockStorageClient, *volId) @@ -201,7 +358,7 @@ var _ = Describe("Volume Snapshot Deletion Tests", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") pvcJig.InitialiseSnapClient(f.SnapClientSet) - scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) @@ -210,7 +367,7 @@ var _ = Describe("Volume Snapshot Deletion Tests", func() { _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) - vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) //Waiting for volume snapshot content to be created and status field to be populated time.Sleep(1 * time.Minute) @@ -238,7 +395,7 @@ var _ = Describe("Volume Snapshot Deletion Tests", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") pvcJig.InitialiseSnapClient(f.SnapClientSet) - scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) @@ -247,7 +404,7 @@ var _ = Describe("Volume Snapshot Deletion Tests", func() { _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyRetain) - vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) //Waiting for volume snapshot content to be created and status field to be populated time.Sleep(1 * time.Minute) @@ -284,27 +441,134 @@ var _ = Describe("Volume Snapshot Deletion Tests", func() { }) }) -func testSnapshotAndRestore(f *framework.CloudProviderFramework, scParams map[string]string, vscParams map[string]string) { +var _ = Describe("Raw Block Volume Snapshot Deletion Tests", func() { + f := framework.NewBackupFramework("snapshot-delete") + + Context("[cloudprovider][storage][csi][snapshot][raw-block]", func() { + It("Basic Delete POD and VS", func() { + checkOrInstallCRDs(f) + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommandBlock) + + vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + + //Waiting for volume snapshot content to be created and status field to be populated + time.Sleep(1 * time.Minute) + + vsName := vs.Name + var vscontentName *string + + vscontentName = pvcJig.GetVsContentNameFromVS(vsName, f.Namespace.Name) + + err := pvcJig.DeleteVolumeSnapshot(f.Namespace.Name, vsName) + if err != nil { + framework.Failf("Failed to delete volume snapshot: %s", err.Error()) + } + err = pvcJig.WaitTimeoutForVSContentNotFound(*vscontentName, 10*time.Minute) + if err != nil { + framework.Failf("Volume Snapshot Content object did not terminate : %s", err.Error()) + } + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Test VSContent not deleted when reclaim policy is Retain", func() { + checkOrInstallCRDs(f) + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") + pvcJig.InitialiseSnapClient(f.SnapClientSet) + + scParams := map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI} + vscParams := map[string]string{framework.BackupType: framework.BackupTypeFull} + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommandBlock) + + vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyRetain) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + + //Waiting for volume snapshot content to be created and status field to be populated + time.Sleep(1 * time.Minute) + + vsName := vs.Name + var vscontentName *string + + vscontentName = pvcJig.GetVsContentNameFromVS(vsName, f.Namespace.Name) + + //for cleanup + backupId := pvcJig.GetBackupIDFromSnapshot(vsName, f.Namespace.Name) + + err := pvcJig.DeleteVolumeSnapshot(f.Namespace.Name, vsName) + if err != nil { + framework.Failf("Failed to delete volume snapshot: %s", err.Error()) + } + time.Sleep(90 * time.Second) + vscontentExists := pvcJig.CheckVSContentExists(*vscontentName) + if vscontentExists != true { + framework.Failf("Volume Snapshot Content was deleted") + } + + //cleanup + err = pvcJig.DeleteVolumeSnapshotContent(*vscontentName) + if err != nil { + framework.Failf("Failed to delete volume snapshot content: %s", err.Error()) + } + pvcJig.DeleteVolumeBackup(f.BlockStorageClient, backupId) + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) +}) + +func testSnapshotAndRestore(f *framework.CloudProviderFramework, scParams map[string]string, vscParams map[string]string, volumeMode v1.PersistentVolumeMode) { checkOrInstallCRDs(f) pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-snapshot-restore-e2e-tests") pvcJig.InitialiseSnapClient(f.SnapClientSet) scName := f.CreateStorageClassOrFail(f.Namespace.Name, BVDriverName, scParams, pvcJig.Labels, BindingModeWaitForFirstConsumer, true, ReclaimPolicyDelete, nil) - pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, volumeMode, v1.ReadWriteOnce, v1.ClaimPending) + + if volumeMode == v1.PersistentVolumeFilesystem { + _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) + } else { + _ = pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommandBlock) + } // Waiting to be sure write command runs time.Sleep(30 * time.Second) vscName := f.CreateVolumeSnapshotClassOrFail(f.Namespace.Name, BVDriverName, vscParams, ReclaimPolicyDelete) - vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) + vs := pvcJig.CreateAndAwaitVolumeSnapshotOrFail(f.Namespace.Name, vscName, pvc.Name, nil) - pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, vs.Name, v1.ClaimPending, nil) - podRestoreName := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommand) + if volumeMode == v1.PersistentVolumeFilesystem { + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, vs.Name, v1.ClaimPending, false, nil) + podRestoreName := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommand) - pvcJig.CheckFileExists(f.Namespace.Name, podRestoreName, "/usr/share/nginx/html", "testdata.txt") + // Check if the file exists in the restored pod + pvcJig.CheckFileExists(f.Namespace.Name, podRestoreName, "/usr/share/nginx/html", "testdata.txt") + } else { + pvcRestore := pvcJig.CreateAndAwaitPVCOrFailSnapshotSource(f.Namespace.Name, framework.MinVolumeBlock, scName, vs.Name, v1.ClaimPending, true, nil) + podRestoreName := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvcRestore, KeepAliveCommandBlock) + + // Check data in block device for restored pod + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, podRestoreName, "Hello World") + } + // Clean up f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) _ = f.DeleteVolumeSnapshotClass(f.Namespace.Name) _ = f.DeleteStorageClass(f.Namespace.Name) @@ -315,7 +579,7 @@ func checkOrInstallCRDs(f *framework.CloudProviderFramework) { _, err = f.CRDClientSet.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), "volumesnapshots.snapshot.storage.k8s.io", metav1.GetOptions{}) if err != nil { - if setupF.EnableCreateCluster == false{ + if setupF.EnableCreateCluster == false { Skip("Skipping test because VolumeSnapshot CRD is not present") } else { framework.RunKubectl("create", "-f", "https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/v6.2.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshots.yaml") @@ -324,7 +588,7 @@ func checkOrInstallCRDs(f *framework.CloudProviderFramework) { _, err = f.CRDClientSet.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), "volumesnapshotclasses.snapshot.storage.k8s.io", metav1.GetOptions{}) if err != nil { - if setupF.EnableCreateCluster == false{ + if setupF.EnableCreateCluster == false { Skip("Skipping test because VolumeSnapshotClass CRD is not present") } else { framework.RunKubectl("create", "-f", "https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/v6.2.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotclasses.yaml") @@ -333,7 +597,7 @@ func checkOrInstallCRDs(f *framework.CloudProviderFramework) { _, err = f.CRDClientSet.ApiextensionsV1().CustomResourceDefinitions().Get(context.TODO(), "volumesnapshotcontents.snapshot.storage.k8s.io", metav1.GetOptions{}) if err != nil { - if setupF.EnableCreateCluster == false{ + if setupF.EnableCreateCluster == false { Skip("Skipping test because VolumeSnapshotContent CRD is not present") } else { framework.RunKubectl("create", "-f", "https://raw.githubusercontent.com/kubernetes-csi/external-snapshotter/v6.2.0/client/config/crd/snapshot.storage.k8s.io_volumesnapshotcontents.yaml") diff --git a/test/e2e/cloud-provider-oci/csi_volume_cloning.go b/test/e2e/cloud-provider-oci/csi_volume_cloning.go index abddf539e7..05c5a3cdef 100644 --- a/test/e2e/cloud-provider-oci/csi_volume_cloning.go +++ b/test/e2e/cloud-provider-oci/csi_volume_cloning.go @@ -18,13 +18,13 @@ var _ = Describe("CSI Volume Creation with PVC datasource", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) // Wait for data to be written to source PV clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.DeleteAndAwaitPod(f.Namespace.Name, srcPod) @@ -40,13 +40,13 @@ var _ = Describe("CSI Volume Creation with PVC datasource", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) // Wait for data to be written to source PV clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckVolumeCapacity(framework.MaxVolumeBlock, clonePvc.Name, f.Namespace.Name) @@ -65,14 +65,14 @@ var _ = Describe("CSI Volume Creation with PVC datasource", func() { } scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckCMEKKey(f.Client.BlockStorage(), srcPvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), srcPvc.Name, f.Namespace.Name, srcPod, framework.AttachmentTypeParavirtualized) time.Sleep(60 * time.Second) // Wait for data to be written to source PV clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") @@ -94,13 +94,13 @@ var _ = Describe("CSI Volume Creation with PVC datasource", func() { } scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) // Wait for data to be written to source PV clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") }) @@ -116,19 +116,134 @@ var _ = Describe("CSI Volume Creation with PVC datasource", func() { } scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) // Wait for data to be written to source PV clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") }) }) }) +var _ = Describe("CSI Block Volume Creation with PVC datasource", func() { + f := framework.NewDefaultFramework("csi-volume-cloning") + Context("[cloudprovider][storage][csi][cloning][raw-block]", func() { + It("Create raw block PVC with source PVC name specified in dataSource", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cloning-basic") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + pvcJig.DeleteAndAwaitPod(f.Namespace.Name, srcPod) + pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, srcPvc.Name) + pvcJig.DeleteAndAwaitPod(f.Namespace.Name, clonePod) + pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, clonePvc.Name) + }) + It("Should be able to create a clone raw block volume with in-transit encryption", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cloning-cmek-iscsi-in-transit-e2e-tests") + scParameter := map[string]string{ + framework.KmsKey: setupF.CMEKKMSKey, + framework.AttachmentType: framework.AttachmentTypeParavirtualized, + } + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + srcPod := pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckCMEKKey(f.Client.BlockStorage(), srcPvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) + pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), srcPvc.Name, f.Namespace.Name, srcPod, framework.AttachmentTypeParavirtualized) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + pvcJig.CheckCMEKKey(f.Client.BlockStorage(), clonePvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) + pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), clonePvc.Name, f.Namespace.Name, clonePod, framework.AttachmentTypeParavirtualized) + + f.VolumeIds = append(f.VolumeIds, srcPvc.Spec.VolumeName, clonePvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Create raw block PVC with source PVC name specified in dataSource - ISCSI", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cloning-iscsi-test") + + scParameter := map[string]string{ + framework.KmsKey: setupF.CMEKKMSKey, + framework.AttachmentType: framework.AttachmentTypeISCSI, + } + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + }) + It("Create raw block PVC with source PVC name specified in dataSource - ParaVirtualized", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cloning-pv") + + scParameter := map[string]string{ + framework.KmsKey: setupF.CMEKKMSKey, + framework.AttachmentType: framework.AttachmentTypeParavirtualized, + } + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + }) + }) + + Context("[cloudprovider][storage][csi][cloning][expand][raw-block]", func() { + It("Create Clone raw block PVC with size greater than the source PVC", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-volume-size-test") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + pvcJig.CheckVolumeCapacity(framework.MaxVolumeBlock, clonePvc.Name, f.Namespace.Name) + pvcJig.CheckExpandedRawBlockVolumeReadWrite(f.Namespace.Name, clonePod) + pvcJig.CheckUsableVolumeSizeInsidePodBlock(f.Namespace.Name, clonePod, "100") + }) + }) +}) + var _ = Describe("CSI Volume Cloning with different storage classes", func() { f := framework.NewBackupFramework("csi-cloning-sc") Context("[cloudprovider][storage][csi][cloning]", func() { @@ -141,7 +256,7 @@ var _ = Describe("CSI Volume Cloning with different storage classes", func() { } scName1 := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameters1, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName1, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) // Wait for data to be written to source PV @@ -152,13 +267,48 @@ var _ = Describe("CSI Volume Cloning with different storage classes", func() { scName2 := f.CreateStorageClassOrFail(f.Namespace.Name+"-2", "blockvolume.csi.oraclecloud.com", scParameters2, pvcJig.Labels, "Immediate", true, "Delete", nil) clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName2, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), clonePvc.Name, f.Namespace.Name, clonePod, framework.AttachmentTypeISCSI) pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, clonePvc.Namespace, clonePvc.Name, csi_util.LowCostPerformanceOption) _ = f.DeleteStorageClass(f.Namespace.Name) - _ = f.DeleteStorageClass(f.Namespace.Name+"-2") + _ = f.DeleteStorageClass(f.Namespace.Name + "-2") + }) + }) +}) + +var _ = Describe("CSI Raw Block Volume Cloning with different storage classes", func() { + f := framework.NewBackupFramework("csi-cloning-sc") + Context("[cloudprovider][storage][csi][cloning][raw-block]", func() { + It("Should be able to create a clone with different storage class than the source raw block volume - different vpusPerGB", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-volume-sc-test") + + scParameters1 := map[string]string{ + framework.AttachmentType: framework.AttachmentTypeISCSI, + csi_util.VpusPerGB: "20", + } + scName1 := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameters1, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName1, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) // Wait for data to be written to source PV + + scParameters2 := map[string]string{ + framework.AttachmentType: framework.AttachmentTypeISCSI, + csi_util.VpusPerGB: "0", + } + scName2 := f.CreateStorageClassOrFail(f.Namespace.Name+"-2", "blockvolume.csi.oraclecloud.com", scParameters2, pvcJig.Labels, "Immediate", true, "Delete", nil) + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName2, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), clonePvc.Name, f.Namespace.Name, clonePod, framework.AttachmentTypeISCSI) + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, clonePvc.Namespace, clonePvc.Name, csi_util.LowCostPerformanceOption) + _ = f.DeleteStorageClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name + "-2") }) }) }) @@ -184,13 +334,13 @@ var _ = Describe("CSI Volume Cloning with static source Volume", func() { } srcPvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, 10, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, srcPvc.Spec.VolumeName) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(90 * time.Second) //waiting for pod to up and running pvcJig.CheckVolumeCapacity("50Gi", srcPvc.Name, f.Namespace.Name) clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckFileExists(f.Namespace.Name, clonePod, "/data", "testdata.txt") pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/data", "testdata.txt") @@ -199,6 +349,43 @@ var _ = Describe("CSI Volume Cloning with static source Volume", func() { }) }) +var _ = Describe("CSI Raw Block Volume Cloning with static source Volume", func() { + f := framework.NewBackupFramework("csi-static-cloning") + Context("[cloudprovider][storage][csi][static][cloning][raw-block]", func() { + It("Create Clone raw block PVC from a statically created source volume", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-static-cloning-test") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + framework.Failf("Compartment Id undefined.") + } + srcPvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, 10, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, srcPvc.Spec.VolumeName) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(90 * time.Second) //waiting for pod to up and running + pvcJig.CheckVolumeCapacity("50Gi", srcPvc.Name, f.Namespace.Name) + + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + clonePod := pvcJig.NewPodForCSIClone("app2", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + + f.VolumeIds = append(f.VolumeIds, volumeId) + }) + }) +}) + var _ = Describe("CSI Volume Cloning Performance Level", func() { f := framework.NewBackupFramework("csi-cloning-perf") Context("[cloudprovider][storage][csi][cloning]", func() { @@ -209,7 +396,7 @@ var _ = Describe("CSI Volume Cloning Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "0"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName1, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("low-cost-source-pvc-app", f.Namespace.Name, srcPvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("low-cost-source-pvc-app", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -219,7 +406,7 @@ var _ = Describe("CSI Volume Cloning Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "20"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName2, srcPvc.Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - clonePod := pvcJig.NewPodForCSIClone("high-cost-clone-pvc-app", f.Namespace.Name, clonePvc.Name, setupF.AdLabel) + clonePod := pvcJig.NewPodForCSIClone("high-cost-clone-pvc-app", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -229,7 +416,43 @@ var _ = Describe("CSI Volume Cloning Performance Level", func() { f.VolumeIds = append(f.VolumeIds, srcPvc.Spec.VolumeName) _ = f.DeleteStorageClass(f.Namespace.Name) - _ = f.DeleteStorageClass(f.Namespace.Name+"-2") + _ = f.DeleteStorageClass(f.Namespace.Name + "-2") + }) + }) +}) + +var _ = Describe("CSI Raw Block Volume Cloning Performance Level", func() { + f := framework.NewBackupFramework("csi-cloning-perf") + Context("[cloudprovider][storage][csi][cloning][raw-block]", func() { + It("Create high performance clone from a low performance source raw block volume", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cloning-perf-test") + + scName1 := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "0"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + srcPvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName1, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("low-cost-source-pvc-app", f.Namespace.Name, srcPvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, srcPvc.Namespace, srcPvc.Name, csi_util.LowCostPerformanceOption) + + scName2 := f.CreateStorageClassOrFail(f.Namespace.Name+"-2", "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "20"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + clonePvc := pvcJig.CreateAndAwaitClonePVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName2, srcPvc.Name, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + clonePod := pvcJig.NewPodForCSIClone("high-cost-clone-pvc-app", f.Namespace.Name, clonePvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckDataInBlockDevice(f.Namespace.Name, clonePod, "Hello World") + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, clonePod, "/dev/xvda", "/tmp/testdata.txt") + pvcJig.CheckFileCorruption(f.Namespace.Name, clonePod, "/tmp", "testdata.txt") + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, clonePvc.Namespace, clonePvc.Name, csi_util.HigherPerformanceOption) + + f.VolumeIds = append(f.VolumeIds, srcPvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + _ = f.DeleteStorageClass(f.Namespace.Name + "-2") }) }) }) diff --git a/test/e2e/cloud-provider-oci/csi_volume_creation.go b/test/e2e/cloud-provider-oci/csi_volume_creation.go index f21743ff7e..b80ad044c4 100644 --- a/test/e2e/cloud-provider-oci/csi_volume_creation.go +++ b/test/e2e/cloud-provider-oci/csi_volume_creation.go @@ -35,7 +35,7 @@ var _ = Describe("CSI Volume Creation", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) volumeName := pvcJig.GetVolumeNameFromPVC(pvc.GetName(), f.Namespace.Name) compartmentId := f.GetCompartmentId(*setupF) // read created BV @@ -57,7 +57,7 @@ var _ = Describe("CSI Volume Creation", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.VolumeFss, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - pvcJig.NewPodForCSI("app2", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app2", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -70,7 +70,7 @@ var _ = Describe("CSI Volume Creation", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - pvcJig.NewPodForCSI("app3", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app3", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -98,6 +98,69 @@ var _ = Describe("CSI Volume Creation", func() { }) }) +var _ = Describe("CSI Raw Block Volume Creation", func() { + f := framework.NewDefaultFramework("csi-basic") + Context("[cloudprovider][storage][csi][system-tags][raw-block]", func() { + It("Create raw block PVC and POD for CSI.", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests") + ctx := context.TODO() + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + volumeName := pvcJig.GetVolumeNameFromPVC(pvc.GetName(), f.Namespace.Name) + compartmentId := f.GetCompartmentId(*setupF) + // read created BV + volumes, err := f.Client.BlockStorage().GetVolumesByName(ctx, volumeName, compartmentId) + framework.ExpectNoError(err) + // volume name duplicate should not exist + for _, volume := range volumes { + framework.Logf("volume details %v :", volume) + //framework.Logf("cluster ocid from setup is %s", setupF.ClusterOcid) + if setupF.AddOkeSystemTags && !framework.HasOkeSystemTags(volume.SystemTags) { + framework.Failf("the resource %s is expected to have oke system tags", *volume.Id) + } + } + + }) + + It("Create raw block PVC with VolumeSize 1Gi but should use default 50Gi", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests-pvc-with-1gi") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.VolumeFss, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pvcJig.NewPodForCSI("app2", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumeCapacity("50Gi", pvc.Name, f.Namespace.Name) + }) + + It("Create raw block PVC with VolumeSize 100Gi should use 100Gi", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests-pvc-with-100gi") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pvcJig.NewPodForCSI("app3", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumeCapacity("100Gi", pvc.Name, f.Namespace.Name) + }) + + It("Data should persist on CSI raw block volume on pod restart", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-pod-restart-data-persistence") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pvcJig.CheckDataPersistenceForRawBlockVolumeWithDeployment(pvc.Name, f.Namespace.Name) + }) + }) +}) + var _ = Describe("CSI Volume Creation with different fstypes", func() { f := framework.NewDefaultFramework("csi-fstypes") Context("[cloudprovider][storage][csi][fstypes][iSCSI]", func() { @@ -107,7 +170,7 @@ var _ = Describe("CSI Volume Creation with different fstypes", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", map[string]string{framework.FstypeKey: "xfs"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - podName := pvcJig.NewPodForCSI("app-xfs", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("app-xfs", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -120,7 +183,7 @@ var _ = Describe("CSI Volume Creation with different fstypes", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", map[string]string{framework.FstypeKey: "ext3"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - podName := pvcJig.NewPodForCSI("app-ext3", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("app-ext3", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -135,7 +198,7 @@ var _ = Describe("CSI Volume Creation with different fstypes", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", map[string]string{framework.FstypeKey: "xfs", framework.KmsKey: setupF.CMEKKMSKey, framework.AttachmentType: framework.AttachmentTypeParavirtualized}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MaxVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - podName := pvcJig.NewPodForCSI("app-xfs", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("app-xfs", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.CheckCMEKKey(f.Client.BlockStorage(), pvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), pvc.Name, f.Namespace.Name, podName, framework.AttachmentTypeParavirtualized) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -153,7 +216,7 @@ var _ = Describe("CSI Volume Creation with different fstypes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, framework.FstypeKey: "xfs"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -178,7 +241,7 @@ var _ = Describe("CSI Volume Creation with different fstypes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, framework.FstypeKey: "ext3"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -209,7 +272,7 @@ var _ = Describe("CSI Volume Expansion iSCSI", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -238,7 +301,7 @@ var _ = Describe("CSI Volume Expansion iSCSI", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -257,6 +320,67 @@ var _ = Describe("CSI Volume Expansion iSCSI", func() { }) }) +var _ = Describe("CSI Raw Block Volume Expansion iSCSI", func() { + f := framework.NewDefaultFramework("csi-expansion") + Context("[cloudprovider][storage][csi][expand][iSCSI][raw-block]", func() { + It("Expand raw block PVC VolumeSize from 50Gi to 100Gi and asserts size, file existence and file corruptions for iSCSI volumes with existing storage class", func() { + var size = "100Gi" + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-resizer-pvc-expand-to-100gi-iscsi") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + expandedPvc := pvcJig.UpdateAndAwaitPVCOrFailCSI(pvc, pvc.Namespace, size, nil) + + time.Sleep(120 * time.Second) //waiting for expanded pvc to be functional + + pvcJig.CheckVolumeCapacity("100Gi", expandedPvc.Name, f.Namespace.Name) + pvcJig.CheckFileExists(f.Namespace.Name, podName, "/dev", "xvda") + pvcJig.CheckExpandedRawBlockVolumeReadWrite(f.Namespace.Name, podName) + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, podName, "/dev/xvda", "/tmp/testdata.txt") + // pvcJig.CheckFileCorruption(f.Namespace.Name, podName, "/tmp", "testdata.txt") + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + }) + }) +}) + +var _ = Describe("CSI Raw Block Volume Expansion iSCSI", func() { + f := framework.NewDefaultFramework("csi-expansion") + Context("[cloudprovider][storage][csi][expand][iSCSI][raw-block]", func() { + It("Expand raw block PVC VolumeSize from 50Gi to 100Gi and asserts size, file existence and file corruptions for iSCSI volumes with new storage class", func() { + var size = "100Gi" + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-resizer-pvc-expand-to-100gi-iscsi") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + expandedPvc := pvcJig.UpdateAndAwaitPVCOrFailCSI(pvc, pvc.Namespace, size, nil) + + time.Sleep(120 * time.Second) //waiting for expanded pvc to be functional + + pvcJig.CheckVolumeCapacity("100Gi", expandedPvc.Name, f.Namespace.Name) + pvcJig.CheckFileExists(f.Namespace.Name, podName, "/dev", "xvda") + pvcJig.CheckExpandedRawBlockVolumeReadWrite(f.Namespace.Name, podName) + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, podName, "/dev/xvda", "/tmp/testdata.txt") + // pvcJig.CheckFileCorruption(f.Namespace.Name, podName, "/tmp", "testdata.txt") + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) +}) + var _ = Describe("CSI Volume Performance Level", func() { f := framework.NewBackupFramework("csi-perf-level") Context("[cloudprovider][storage][csi][perf][iSCSI]", func() { @@ -267,7 +391,7 @@ var _ = Describe("CSI Volume Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "0"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -280,7 +404,7 @@ var _ = Describe("CSI Volume Performance Level", func() { scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -294,7 +418,7 @@ var _ = Describe("CSI Volume Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "20"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.HigherPerformanceOption) @@ -311,7 +435,7 @@ var _ = Describe("CSI Volume Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "0"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -326,7 +450,7 @@ var _ = Describe("CSI Volume Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "10"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -334,7 +458,6 @@ var _ = Describe("CSI Volume Performance Level", func() { f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) _ = f.DeleteStorageClass(f.Namespace.Name) }) - It("Create CSI block volume with Performance Level as High", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-paravirtual-high") @@ -342,7 +465,7 @@ var _ = Describe("CSI Volume Performance Level", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "20"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.HigherPerformanceOption) @@ -350,7 +473,6 @@ var _ = Describe("CSI Volume Performance Level", func() { _ = f.DeleteStorageClass(f.Namespace.Name) }) }) - Context("[cloudprovider][storage][csi][perf][static]", func() { It("High Performance Static Provisioning CSI", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-static-high") @@ -371,7 +493,131 @@ var _ = Describe("CSI Volume Performance Level", func() { } pvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, csi_util.HigherPerformanceOption, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - podName := pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumeCapacity("50Gi", pvc.Name, f.Namespace.Name) + pvcJig.CheckISCSIQueueDepthOnNode(pvc.Namespace, podName) + f.VolumeIds = append(f.VolumeIds, volumeId) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) +}) + +var _ = Describe("CSI Raw Block Volume Performance Level", func() { + f := framework.NewBackupFramework("csi-perf-level") + Context("[cloudprovider][storage][csi][perf][iSCSI][raw-block]", func() { + It("Create CSI raw block volume with Performance Level as Low Cost", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-iscsi-lowcost") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "0"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.LowCostPerformanceOption) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Create CSI raw block volume with no Performance Level and verify default", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-iscsi-default") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.BalancedPerformanceOption) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + }) + It("Create CSI raw block volume with Performance Level as High", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-iscsi-high") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "20"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + podName := pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.HigherPerformanceOption) + pvcJig.CheckISCSIQueueDepthOnNode(f.Namespace.Name, podName) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) + Context("[cloudprovider][storage][csi][perf][paravirtualized][raw-block]", func() { + It("Create CSI raw block volume with Performance Level as Low Cost", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-paravirtual-lowcost") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "0"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("low-cost-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.LowCostPerformanceOption) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Create CSI raw block volume with no Performance Level and verify default", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-paravirtual-balanced") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "10"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("default-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.BalancedPerformanceOption) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + It("Create CSI raw block volume with Performance Level as High", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-paravirtual-high") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "20"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("high-perf-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + pvcJig.CheckVolumePerformanceLevel(f.BlockStorageClient, pvc.Namespace, pvc.Name, csi_util.HigherPerformanceOption) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) + Context("[cloudprovider][storage][csi][perf][static][raw-block]", func() { + It("High Performance CSI raw block volume Static Provisioning", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-perf-static-high") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "20"}, + pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) + + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + framework.Failf("Compartment Id undefined.") + } + pvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, csi_util.HigherPerformanceOption, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + podName := pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -400,7 +646,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "30"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) @@ -416,7 +662,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "30"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) @@ -432,7 +678,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "30", framework.FstypeKey: "xfs"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) @@ -450,7 +696,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { pvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, 30, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - podName = pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) pvcJig.CheckVolumeCapacity("50Gi", pvc.Name, f.Namespace.Name) @@ -467,7 +713,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "30"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) volumeName := pvcJig.GetVolumeNameFromPVC(pvc.Name, f.Namespace.Name) @@ -494,7 +740,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { } scName = f.CreateStorageClassOrFail(framework.ClassOCIKMS+"-1", "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) pvcJig.CheckCMEKKey(f.Client.BlockStorage(), pvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), pvc.Name, f.Namespace.Name, podName, framework.AttachmentTypeISCSI) @@ -521,7 +767,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeISCSI, csi_util.VpusPerGB: "30"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("expanded-uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("expanded-uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running expandedPvc := pvcJig.UpdateAndAwaitPVCOrFailCSI(pvc, pvc.Namespace, size, nil) pvcJig.CheckVolumeCapacity("100Gi", expandedPvc.Name, f.Namespace.Name) @@ -539,7 +785,7 @@ var _ = Describe("CSI Ultra High Performance Volumes", func() { map[string]string{framework.AttachmentType: framework.AttachmentTypeParavirtualized, csi_util.VpusPerGB: "30"}, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc = pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName = pvcJig.NewPodForCSI("expanded-uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName = pvcJig.NewPodForCSI("expanded-uhp-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running expandedPvc = pvcJig.UpdateAndAwaitPVCOrFailCSI(pvc, pvc.Namespace, size, nil) time.Sleep(120 * time.Second) //waiting for expanded pvc to be functional @@ -611,7 +857,7 @@ var _ = Describe("CSI Volume Expansion Paravirtualized", func() { "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running @@ -630,6 +876,41 @@ var _ = Describe("CSI Volume Expansion Paravirtualized", func() { }) }) +var _ = Describe("CSI Raw Block Volume Expansion Paravirtualized", func() { + f := framework.NewDefaultFramework("csi-expansion") + Context("[cloudprovider][storage][csi][expand][paravirtualized][raw-block]", func() { + It("Expand raw block PVC VolumeSize from 50Gi to 100Gi and asserts size, file existence and file corruptions for paravirtualized volumes with new storage class", func() { + var size = "100Gi" + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-resizer-pvc-expand-to-100gi-paravirtualized") + + scParameter := map[string]string{ + framework.KmsKey: setupF.CMEKKMSKey, + framework.AttachmentType: framework.AttachmentTypeParavirtualized, + } + scName := f.CreateStorageClassOrFail(f.Namespace.Name, + "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, + "WaitForFirstConsumer", true, "Delete", nil) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + podName := pvcJig.NewPodForCSI("expanded-pvc-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + expandedPvc := pvcJig.UpdateAndAwaitPVCOrFailCSI(pvc, pvc.Namespace, size, nil) + + time.Sleep(120 * time.Second) //waiting for expanded pvc to be functional + + pvcJig.CheckVolumeCapacity("100Gi", expandedPvc.Name, f.Namespace.Name) + pvcJig.CheckFileExists(f.Namespace.Name, podName, "/dev", "xvda") + pvcJig.CheckExpandedRawBlockVolumeReadWrite(f.Namespace.Name, podName) + pvcJig.ExtractDataFromBlockDevice(f.Namespace.Name, podName, "/dev/xvda", "/tmp/testdata.txt") + // pvcJig.CheckFileCorruption(f.Namespace.Name, podName, "/tmp", "testdata.txt") + + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + _ = f.DeleteStorageClass(f.Namespace.Name) + }) + }) +}) + var _ = Describe("CSI Static Volume Creation", func() { f := framework.NewBackupFramework("csi-static") Context("[cloudprovider][storage][csi][static]", func() { @@ -650,11 +931,44 @@ var _ = Describe("CSI Static Volume Creation", func() { framework.Failf("Compartment Id undefined.") } pvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, 10, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) time.Sleep(60 * time.Second) //waiting for pod to up and running + pvcObj := pvcJig.GetPVCByName(pvc.Name, f.Namespace.Name) + f.VolumeIds = append(f.VolumeIds, pvcObj.Spec.VolumeName) + pvcJig.CheckVolumeCapacity("50Gi", pvc.Name, f.Namespace.Name) + f.VolumeIds = append(f.VolumeIds, volumeId) + }) + }) +}) + +var _ = Describe("CSI Static Raw Block Volume Creation", func() { + f := framework.NewBackupFramework("csi-static") + Context("[cloudprovider][storage][csi][static][raw-block]", func() { + It("Static Provisioning of a raw block CSI", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests-pvc-with-static") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", + nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + framework.Failf("Compartment Id undefined.") + } + pvc, volumeId := pvcJig.CreateAndAwaitStaticPVCOrFailCSI(f.BlockStorageClient, f.Namespace.Name, framework.MinVolumeBlock, 10, scName, setupF.AdLocation, compartmentId, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) + pvcJig.NewPodForCSI("app4", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + + time.Sleep(60 * time.Second) //waiting for pod to up and running + + pvcObj := pvcJig.GetPVCByName(pvc.Name, f.Namespace.Name) + f.VolumeIds = append(f.VolumeIds, pvcObj.Spec.VolumeName) pvcJig.CheckVolumeCapacity("50Gi", pvc.Name, f.Namespace.Name) f.VolumeIds = append(f.VolumeIds, volumeId) }) @@ -665,27 +979,53 @@ var _ = Describe("CSI CMEK,PV attachment and in-transit encryption test", func() f := framework.NewDefaultFramework("csi-basic") Context("[cloudprovider][storage][csi][cmek][paravirtualized]", func() { It("Create PVC and POD for CSI with CMEK,PV attachment and in-transit encryption", func() { - TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeParavirtualized) + TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeParavirtualized, false) }) }) Context("[cloudprovider][storage][csi][cmek][iscsi]", func() { It("Create PVC and POD for CSI with CMEK,ISCSI attachment and in-transit encryption", func() { - TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeISCSI) + TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeISCSI, false) + }) + }) +}) + +var _ = Describe("CSI CMEK,PV attachment and in-transit encryption test", func() { + f := framework.NewDefaultFramework("csi-basic") + Context("[cloudprovider][storage][csi][cmek][paravirtualized][raw-block]", func() { + It("Create raw block PVC and POD for CSI with CMEK,PV attachment and in-transit encryption", func() { + TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeParavirtualized, false) + }) + }) + + Context("[cloudprovider][storage][csi][cmek][iscsi][raw-block]", func() { + It("Create raw block PVC and POD for CSI with CMEK,ISCSI attachment and in-transit encryption", func() { + TestCMEKAttachmentTypeAndEncryptionType(f, framework.AttachmentTypeISCSI, false) }) }) }) -func TestCMEKAttachmentTypeAndEncryptionType(f *framework.CloudProviderFramework, expectedAttachmentType string) { +func TestCMEKAttachmentTypeAndEncryptionType(f *framework.CloudProviderFramework, expectedAttachmentType string, isRawBlockVolume bool) { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-cmek-iscsi-in-transit-e2e-tests") + volumeMode := v1.PersistentVolumeFilesystem + if isRawBlockVolume { + volumeMode = v1.PersistentVolumeBlock + } scParameter := map[string]string{ framework.KmsKey: setupF.CMEKKMSKey, framework.AttachmentType: expectedAttachmentType, } scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", scParameter, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) - pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel) + pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, volumeMode, v1.ReadWriteOnce, v1.ClaimPending) + + podName := "" + if isRawBlockVolume { + podName = pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeBlock) + } else { + podName = pvcJig.NewPodForCSI("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) + } + pvcJig.CheckCMEKKey(f.Client.BlockStorage(), pvc.Name, f.Namespace.Name, setupF.CMEKKMSKey) pvcJig.CheckAttachmentTypeAndEncryptionType(f.Client.Compute(), pvc.Name, f.Namespace.Name, podName, expectedAttachmentType) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) @@ -695,23 +1035,6 @@ func TestCMEKAttachmentTypeAndEncryptionType(f *framework.CloudProviderFramework var _ = Describe("CSI Volume Capabilites", func() { f := framework.NewDefaultFramework("csi-basic") Context("[cloudprovider][storage][csi]", func() { - It("Create volume fails with volumeMode set to block", func() { - pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests") - - scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) - pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimPending) - f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) - pvcJig.NewPodForCSIWithoutWait("app1", f.Namespace.Name, pvc.Name, setupF.AdLabel) - pvcObject := pvcJig.GetPVCByName(pvc.Name, f.Namespace.Name) - err := pvcJig.WaitTimeoutForPVCBound(pvcObject.Name, f.Namespace.Name, 8*time.Minute) - if err == nil { - framework.Failf("PVC volume mode is not in pending status") - } - if pvcObject.Status.Phase != v1.ClaimPending { - framework.Failf("PVC volume mode is not in pending status") - } - }) - It("Create volume fails with accessMode set to ReadWriteMany", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-tests") @@ -747,6 +1070,22 @@ var _ = Describe("CSI Volume Creation - Immediate Volume Binding", func() { }) }) +var _ = Describe("CSI Raw Block Volume Creation - Immediate Volume Binding", func() { + f := framework.NewDefaultFramework("csi-immediate") + Context("[cloudprovider][storage][csi][raw-block]", func() { + It("Create PVC without pod and wait to be bound.", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-provisioner-e2e-immediate-bind") + + scName := f.CreateStorageClassOrFail(f.Namespace.Name, "blockvolume.csi.oraclecloud.com", nil, pvcJig.Labels, "Immediate", true, "Delete", nil) + pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeBlock, v1.ReadWriteOnce, v1.ClaimBound) + err := f.DeleteStorageClass(f.Namespace.Name) + if err != nil { + Fail(fmt.Sprintf("deleting storage class failed %s", f.Namespace.Name)) + } + }) + }) +}) + func testTwoPVCSetup(f *framework.CloudProviderFramework, storageclass1params map[string]string, storageclass2params map[string]string) { compartmentId := f.GetCompartmentId(*setupF) if compartmentId == "" { @@ -759,7 +1098,7 @@ func testTwoPVCSetup(f *framework.CloudProviderFramework, storageclass1params ma storageclass1params, pvcJig.Labels, "WaitForFirstConsumer", true, "Delete", nil) pvc := pvcJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, sc1Name, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) - podName := pvcJig.NewPodForCSI("pvc-one-app", f.Namespace.Name, pvc.Name, setupF.AdLabel) + podName := pvcJig.NewPodForCSI("pvc-one-app", f.Namespace.Name, pvc.Name, setupF.AdLabel, v1.PersistentVolumeFilesystem) ctx := context.Background() pvcJig.VerifyMultipathEnabled(ctx, f.ComputeClient, pvc.Name, f.Namespace.Name, compartmentId) diff --git a/test/e2e/cloud-provider-oci/fss_dynamic.go b/test/e2e/cloud-provider-oci/fss_dynamic.go index 0396d73832..332daee119 100644 --- a/test/e2e/cloud-provider-oci/fss_dynamic.go +++ b/test/e2e/cloud-provider-oci/fss_dynamic.go @@ -21,12 +21,13 @@ import ( . "github.com/onsi/ginkgo" "github.com/oracle/oci-cloud-controller-manager/test/e2e/framework" + "github.com/oracle/oci-go-sdk/v65/containerengine" v1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/util/uuid" ) const ( - defaultExportOptionsJsonString = "[{\"source\":\"10.0.0.0/16\",\"requirePrivilegedSourcePort\":true,\"access\":\"READ_WRITE\",\"identitySquash\":\"NONE\",\"anonymousUid\":0,\"anonymousGid\":0}]" + defaultExportOptionsJsonString = "[{\"source\":\"10.0.0.0/16\",\"requirePrivilegedSourcePort\":false,\"access\":\"READ_WRITE\",\"identitySquash\":\"NONE\",\"anonymousUid\":0,\"anonymousGid\":0}]" ) var _ = Describe("Dynamic FSS test in cluster compartment", func() { @@ -34,7 +35,7 @@ var _ = Describe("Dynamic FSS test in cluster compartment", func() { Context("[cloudprovider][storage][csi][fss][mtexist]", func() { It("Basic Create PVC and POD for CSI-FSS", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -42,7 +43,7 @@ var _ = Describe("Dynamic FSS test in cluster compartment", func() { pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with exportPath", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-export-path-mt-exist-in-compartment" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -51,17 +52,16 @@ var _ = Describe("Dynamic FSS test in cluster compartment", func() { pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with exportPath and exportOptions", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-export-path-export-options-mt-exist-in-compartment" - scParameters["exportOptions"] = defaultExportOptionsJsonString scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with kmsKey", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["kmsKey"] = setupF.CMEKKMSKey scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -71,7 +71,7 @@ var _ = Describe("Dynamic FSS test in cluster compartment", func() { }) It("Create PVC and POD for CSI-FSS with in-transit encryption", func() { checkNodeAvailability(f) - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["encryptInTransit"] = "true" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -79,87 +79,150 @@ var _ = Describe("Dynamic FSS test in cluster compartment", func() { pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, true, []string{}) }) + It("Create PVC & POD for CSI-FSS using workload Identity Resource Principal", func() { + if f.ClusterType != containerengine.ClusterTypeEnhancedCluster { + Skip("Skipping Workload Identity test because the cluster is not an OKE ENHANCED_CLUSTER") + } + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") + saName := pvcJig.CreateServiceAccountOrFail(f.Namespace.Name, "sa") + pvcJig.CreateSecret("fss-secret", saName.Name, f.Namespace.Name) + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": f.Namespace.Name} + scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + f.StorageClasses = append(f.StorageClasses, scName) + pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) + writePod, readPod := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) + //adding pod deletion check as resources are being created by using workload identity resource principal + err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name) + if err != nil { + framework.Failf("Error deleting PVC: %v", err) + } + }) }) Context("[cloudprovider][storage][csi][fss][mtcreate]", func() { It("Dynamic FSS Mount Target Creation tests", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") By("Running test: Basic Create PVC and POD for CSI-FSS with new mount-target creation") - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "exportOptions": defaultExportOptionsJsonString} scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) writePod, readPod := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) - err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod); if err != nil { + err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Basic Create PVC and POD for CSI-FSS with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with exportPath and with new mount-target creation") - scParameters2 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid} + scParameters2 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "exportOptions": defaultExportOptionsJsonString} scParameters2["exportPath"] = "/csi-fss-e2e-export-path-mt-create-in-compartment" scName2 := f.CreateStorageClassOrFail(f.Namespace.Name+"-2", framework.FssProvisionerType, scParameters2, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName2) pvc2 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName2, v1.ClaimPending, nil) writePod2, readPod2 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc2.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod2); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod2) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod2); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod2) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc2.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc2.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with exportPath and with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with exportPath and exportOptions and with new mount-target creation") - scParameters3 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid} + scParameters3 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "exportOptions": defaultExportOptionsJsonString} scParameters3["exportPath"] = "/csi-fss-e2e-export-path-export-options-mt-create-in-compartment" scParameters3["exportOptions"] = defaultExportOptionsJsonString - scName3 := f.CreateStorageClassOrFail(f.Namespace.Name + "-3", framework.FssProvisionerType, scParameters3, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + scName3 := f.CreateStorageClassOrFail(f.Namespace.Name+"-3", framework.FssProvisionerType, scParameters3, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName3) pvc3 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName3, v1.ClaimPending, nil) writePod3, readPod3 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc3.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod3); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod3) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod3); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod3) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc3.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc3.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with exportPath and exportOptions and with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with kmsKey and with new mount-target creation") - scParameters4 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid} + scParameters4 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "exportOptions": defaultExportOptionsJsonString} scParameters4["kmsKey"] = setupF.CMEKKMSKey - scName4 := f.CreateStorageClassOrFail(f.Namespace.Name + "-4", framework.FssProvisionerType, scParameters4, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + scName4 := f.CreateStorageClassOrFail(f.Namespace.Name+"-4", framework.FssProvisionerType, scParameters4, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName4) pvc4 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName4, v1.ClaimPending, nil) writePod4, readPod4 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc4.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod4); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod4) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod4); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod4) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc4.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc4.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with kmsKey and with new mount-target creation") + + if f.ClusterType == containerengine.ClusterTypeEnhancedCluster { + By("Running test: Basic Create PVC and POD for CSI-FSS with new mount-target creation using Workload Identity Resourse Principal") + saName5 := pvcJig.CreateServiceAccountOrFail(f.Namespace.Name, "sa") + pvcJig.CreateSecret("fss-secret", saName5.Name, f.Namespace.Name) + + scParameters5 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": f.Namespace.Name} + scName5 := f.CreateStorageClassOrFail(f.Namespace.Name+"-5", framework.FssProvisionerType, scParameters5, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + f.StorageClasses = append(f.StorageClasses, scName5) + pvc5 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName5, v1.ClaimPending, nil) + writePod5, readPod5 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc5.Name, false, []string{}) + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod5) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod5) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc5.Name) + if err != nil { + framework.Failf("Error deleting PVC: %v", err) + } + By("Completed test: Basic Create PVC and POD for CSI-FSS with new mount-target creation tests using workload Identity Resource Principal") + } }) // TODO: Think of parallelising this test when there is a way to label the nodes as part of the test suite to run this test It("Create PVC and POD for CSI-FSS with in-transit encryption and with new mount-target creation", func() { checkNodeAvailability(f) - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["encryptInTransit"] = "true" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -176,7 +239,7 @@ var _ = Describe("Dynamic FSS test in different compartment", func() { Context("[cloudprovider][storage][csi][fss][mtexist]", func() { It("Basic Create PVC and POD for CSI-FSS with file-system compartment set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -184,7 +247,7 @@ var _ = Describe("Dynamic FSS test in different compartment", func() { pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with exportPath with file-system compartment set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-export-path-mt-exist-diff-compartment" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -193,17 +256,16 @@ var _ = Describe("Dynamic FSS test in different compartment", func() { pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with exportPath and exportOptions with file-system compartment set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-export-path-export-options-mt-exist-diff-compartment" - scParameters["exportOptions"] = defaultExportOptionsJsonString scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) }) It("Create PVC and POD for CSI-FSS with kmsKey and with file-system compartment set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["kmsKey"] = setupF.CMEKKMSKey scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -213,7 +275,7 @@ var _ = Describe("Dynamic FSS test in different compartment", func() { }) It("Create PVC and POD for CSI-FSS with in-transit encryption and with file-system compartment set", func() { checkNodeAvailability(f) - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["encryptInTransit"] = "true" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -221,87 +283,149 @@ var _ = Describe("Dynamic FSS test in different compartment", func() { pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, true, []string{}) }) + It("Create PVC & POD for CSI-FSS with file-system compartment set using workload Identity Resource Principal", func() { + if f.ClusterType != containerengine.ClusterTypeEnhancedCluster { + Skip("Skipping Workload Identity test because the cluster is not an OKE ENHANCED_CLUSTER") + } + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") + saName := pvcJig.CreateServiceAccountOrFail(f.Namespace.Name, "sa") + pvcJig.CreateSecret("fss-secret", saName.Name, f.Namespace.Name) + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": f.Namespace.Name} + scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + f.StorageClasses = append(f.StorageClasses, scName) + pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) + writePod, readPod := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) + //adding pod deletion check as resources are being created by using workload identity resource principal + err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name) + if err != nil { + framework.Failf("Error deleting PVC: %v", err) + } + }) }) Context("[cloudprovider][storage][csi][fss][mtcreate]", func() { It("Dynamic FSS Mount Target Creation tests", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") By("Running test: Basic Create PVC and POD for CSI-FSS with file-system compartment set and with new mount-target creation") - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) pvc := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimPending, nil) writePod, readPod := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) - err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod); if err != nil { + err := pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Basic Create PVC and POD for CSI-FSS with file-system compartment set and with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with exportPath and with file-system compartment set and with new mount-target creation") - scParameters2 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters2 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} scParameters2["exportPath"] = "/csi-fss-e2e-export-path-mt-create-diff-compartment" - scName2 := f.CreateStorageClassOrFail(f.Namespace.Name + "-2", framework.FssProvisionerType, scParameters2, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + scName2 := f.CreateStorageClassOrFail(f.Namespace.Name+"-2", framework.FssProvisionerType, scParameters2, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName2) pvc2 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName2, v1.ClaimPending, nil) writePod2, readPod2 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc2.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod2); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod2) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod2); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod2) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc2.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc2.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with exportPath and with file-system compartment set and with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with exportPath and exportOptions and with file-system compartment set and with new mount-target creation") - scParameters3 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters3 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} scParameters3["exportPath"] = "/csi-fss-e2e-export-path-export-options-mt-create-diff-compartment" - scParameters3["exportOptions"] = defaultExportOptionsJsonString - scName3 := f.CreateStorageClassOrFail(f.Namespace.Name + "-3", framework.FssProvisionerType, scParameters3, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + scName3 := f.CreateStorageClassOrFail(f.Namespace.Name+"-3", framework.FssProvisionerType, scParameters3, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName3) pvc3 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName3, v1.ClaimPending, nil) writePod3, readPod3 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc3.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod3); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod3) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod3); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod3) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc3.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc3.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with exportPath and exportOptions and with file-system compartment set and with new mount-target creation") By("Running test: Create PVC and POD for CSI-FSS with kmsKey and with file-system compartment set and with new mount-target creation") - scParameters4 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters4 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} scParameters4["kmsKey"] = setupF.CMEKKMSKey - scName4 := f.CreateStorageClassOrFail(f.Namespace.Name + "-4", framework.FssProvisionerType, scParameters4, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + scName4 := f.CreateStorageClassOrFail(f.Namespace.Name+"-4", framework.FssProvisionerType, scParameters4, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName4) pvc4 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName4, v1.ClaimPending, nil) writePod4, readPod4 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc4.Name, false, []string{}) - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod4); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod4) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod4); if err != nil { + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod4) + if err != nil { framework.Failf("Error deleting pod: %v", err) } - err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc4.Name); if err != nil { + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc4.Name) + if err != nil { framework.Failf("Error deleting PVC: %v", err) } By("Completed test: Create PVC and POD for CSI-FSS with kmsKey and with file-system compartment set and with new mount-target creation") + + if f.ClusterType == containerengine.ClusterTypeEnhancedCluster { + By("Running test: Basic Create PVC and POD for CSI-FSS with new mount-target creation and with file-system compartment set using Workload Identity Resourse Principal") + saName5 := pvcJig.CreateServiceAccountOrFail(f.Namespace.Name, "sa") + pvcJig.CreateSecret("fss-secret", saName5.Name, f.Namespace.Name) + + scParameters5 := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "csi.storage.k8s.io/provisioner-secret-name": "fss-secret", "csi.storage.k8s.io/provisioner-secret-namespace": f.Namespace.Name} + scName5 := f.CreateStorageClassOrFail(f.Namespace.Name+"-5", framework.FssProvisionerType, scParameters5, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + f.StorageClasses = append(f.StorageClasses, scName5) + pvc5 := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName5, v1.ClaimPending, nil) + writePod5, readPod5 := pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc5.Name, false, []string{}) + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, writePod5) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPod(f.Namespace.Name, readPod5) + if err != nil { + framework.Failf("Error deleting pod: %v", err) + } + err = pvcJig.DeleteAndAwaitPVC(f.Namespace.Name, pvc5.Name) + if err != nil { + framework.Failf("Error deleting PVC: %v", err) + } + By("Completed test: Basic Create PVC and POD for CSI-FSS with new mount-target creation and with file-system compartment set using workload Identity Resource Principal") + } }) // TODO: Think of parallelising this test when there is a way to label the nodes as part of the test suite to run this test It("Create PVC and POD for CSI-FSS with in-transit encryption", func() { checkNodeAvailability(f) - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetSubnetOcid": setupF.MntTargetSubnetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["encryptInTransit"] = "true" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -317,7 +441,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { Context("[cloudprovider][storage][csi][fss][mtexist]", func() { It("Basic Delete POD and PVC for CSI-FSS", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -342,7 +466,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { } }) It("Test PV not deleted when reclaim policy is Retain", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Retain", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -373,7 +497,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { f.VolumeIds = append(f.VolumeIds, volumeName) }) It("Test export is deleted in cluster compartment when export path is not set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -413,7 +537,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { } }) It("Test export is deleted in cluster compartment when export path is set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-delete-export-mt-exist-in-compartment" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -454,7 +578,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { } }) It("Test export is deleted in different compartment when export path is not set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -494,7 +618,7 @@ var _ = Describe("Dynamic FSS deletion test", func() { } }) It("Test export is deleted in different compartment when export path is set", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "compartmentOcid": setupF.MntTargetCompartmentOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scParameters["exportPath"] = "/csi-fss-e2e-delete-export-mt-exist-diff-compartment" scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) @@ -542,7 +666,7 @@ var _ = Describe("Dynamic FSS test with mount options", func() { Context("[cloudprovider][storage][csi][fss][mtexist]", func() { It("Basic Dynamic FSS test with mount options", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") mountOptions := []string{"hard"} scName := f.CreateStorageClassOrFail(framework.ClassFssDynamic, framework.FssProvisionerType, scParameters, pvcJig.Labels, "WaitForFirstConsumer", false, "Delete", mountOptions) @@ -558,7 +682,7 @@ var _ = Describe("Dynamic FSS test with immediate binding mode", func() { Context("[cloudprovider][storage][csi][fss][mtexist]", func() { It("Basic Dynamic FSS test with immediate binding mode", func() { - scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid} + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-dyn-e2e-test") scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "Immediate", false, "Delete", nil) f.StorageClasses = append(f.StorageClasses, scName) @@ -567,3 +691,20 @@ var _ = Describe("Dynamic FSS test with immediate binding mode", func() { }) }) }) + +var _ = Describe("Dynamic FSS test with ReadWriteOnce access mode", func() { + f := framework.NewDefaultFramework("fss-dynamic") + + Context("[cloudprovider][storage][csi][fss][mtexist][rwo]", func() { + It("Create PVC and POD for CSI-FSS with RWO AccessMode ", func() { + scParameters := map[string]string{"availabilityDomain": setupF.AdLabel, "mountTargetOcid": setupF.MntTargetOcid, "exportOptions": defaultExportOptionsJsonString} + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-rwo-fss-dyn-e2e-test") + scName := f.CreateStorageClassOrFail(f.Namespace.Name, framework.FssProvisionerType, scParameters, pvcJig.Labels, "Immediate", false, "Delete", nil) + f.StorageClasses = append(f.StorageClasses, scName) + pvcObject := pvcJig.CreateAndAwaitPVCOrFailDynamicFSS(f.Namespace.Name, "50Gi", scName, v1.ClaimBound, func(pvc *v1.PersistentVolumeClaim) { + pvc.Spec.AccessModes = []v1.PersistentVolumeAccessMode{"ReadWriteOnce"} + }) + pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvcObject.Name, false, []string{}) + }) + }) +}) diff --git a/test/e2e/cloud-provider-oci/fss_static.go b/test/e2e/cloud-provider-oci/fss_static.go index 9b60863f12..601a0f8ba1 100644 --- a/test/e2e/cloud-provider-oci/fss_static.go +++ b/test/e2e/cloud-provider-oci/fss_static.go @@ -16,8 +16,10 @@ package e2e import ( "context" + . "github.com/onsi/ginkgo" "github.com/oracle/oci-cloud-controller-manager/test/e2e/framework" + v1 "k8s.io/api/core/v1" v12 "k8s.io/apimachinery/pkg/apis/meta/v1" ) @@ -26,7 +28,7 @@ var _ = Describe("Basic Static FSS test", func() { Context("[cloudprovider][storage][csi][fss][static]", func() { It("Create PVC and POD for CSI-FSS", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test") - pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", []string{}) + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", "ReadWriteMany", "", []string{}) pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", nil) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, []string{}) @@ -50,7 +52,7 @@ var _ = Describe("Mount Options Static FSS test", func() { It("Create PV PVC and POD for CSI-FSS with mount options", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test") mountOptions := []string{"sync", "hard", "noac", "nolock"} - pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", mountOptions) + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", "ReadWriteMany", "", mountOptions) pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", nil) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, false, mountOptions) @@ -69,7 +71,7 @@ var _ = Describe("Mount Options Static FSS test", func() { func TestEncryptionType(f *framework.CloudProviderFramework, mountOptions []string) { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test-intransit") - pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "true", mountOptions) + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "true", "ReadWriteMany", "", mountOptions) pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", nil) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) pvcJig.CheckSinglePodReadWrite(f.Namespace.Name, pvc.Name, true, mountOptions) @@ -80,7 +82,7 @@ var _ = Describe("Multiple Pods Static FSS test", func() { Context("[cloudprovider][storage][csi][fss][static]", func() { It("Multiple Pods should be able to read write same file", func() { pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test") - pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", []string{}) + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", "ReadWriteMany", "", []string{}) pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", nil) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) pvcJig.CheckMultiplePodReadWrite(f.Namespace.Name, pvc.Name, false) @@ -89,7 +91,7 @@ var _ = Describe("Multiple Pods Static FSS test", func() { It("Multiple Pods should be able to read write same file with InTransit encryption enabled", func() { checkNodeAvailability(f) pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test") - pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "true", []string{}) + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "true", "ReadWriteMany", "", []string{}) pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", nil) f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) pvcJig.CheckMultiplePodReadWrite(f.Namespace.Name, pvc.Name, true) @@ -114,3 +116,19 @@ func checkNodeAvailability(f *framework.CloudProviderFramework) { Skip("Skipping test due to non-availability of nodes with label \"oke.oraclecloud.com/e2e.oci-fss-util\"") } } + +var _ = Describe("Static FSS RWO Tests", func() { + f := framework.NewDefaultFramework("fss-rwo") + Context("[cloudprovider][storage][csi][fss][static][rwo]", func() { + It("Verify volume group ownership change for RWO volume when fsType and fsGroup are defined", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-rwo-fss-e2e-test") + pv := pvcJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", "ReadWriteOnce", "nfs", []string{}) + pvc := pvcJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, pv.Name, "50Gi", func(pvc *v1.PersistentVolumeClaim) { + pvc.Spec.AccessModes = []v1.PersistentVolumeAccessMode{"ReadWriteOnce"} + }) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pod := pvcJig.CreateAndAwaitNginxPodOrFail(f.Namespace.Name, pvc, WriteCommand) + pvcJig.CheckVolumeOwnership(f.Namespace.Name, pod, "/usr/share/nginx/html/", "1000") + }) + }) +}) diff --git a/test/e2e/cloud-provider-oci/load_balancer.go b/test/e2e/cloud-provider-oci/load_balancer.go index ecffae5f44..fb14a1b27e 100644 --- a/test/e2e/cloud-provider-oci/load_balancer.go +++ b/test/e2e/cloud-provider-oci/load_balancer.go @@ -16,15 +16,19 @@ package e2e import ( "context" + "encoding/json" "fmt" "net" + "reflect" "strconv" "strings" + "sync" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" cloudprovider "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci" sharedfw "github.com/oracle/oci-cloud-controller-manager/test/e2e/framework" + "github.com/oracle/oci-go-sdk/v65/containerengine" "github.com/oracle/oci-go-sdk/v65/core" "go.uber.org/zap" @@ -35,11 +39,27 @@ import ( clientset "k8s.io/client-go/kubernetes" ) +var once sync.Once var _ = Describe("Service [Slow]", func() { baseName := "service" + var tcpService *v1.Service + var jig *sharedfw.ServiceTestJig f := sharedfw.NewDefaultFramework(baseName) + JustAfterEach(func() { + if tcpService == nil || jig == nil { + return + } + dp := metav1.DeletePropagationBackground // Default after k8s v1.20 + jig.Client.CoreV1().Services(f.Namespace.Name).Delete(context.Background(), tcpService.Name, metav1.DeleteOptions{ + PropagationPolicy: &dp, + }) + }) + + testDefinedTags := map[string]map[string]interface{}{"oke-tag": {"oke-tagging": "ccm-test-integ"}} + testDefinedTagsByteArray, _ := json.Marshal(testDefinedTags) + basicTestArray := []struct { lbType string CreationAnnotations map[string]string @@ -55,15 +75,36 @@ var _ = Describe("Service [Slow]", func() { cloudprovider.ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", }, }, + { + "lb-wris", + map[string]string{ + cloudprovider.ServiceAnnotationServiceAccountName: "sa", + cloudprovider.ServiceAnnotationLoadBalancerInitialDefinedTagsOverride: string(testDefinedTagsByteArray), + }, + }, + { + "nlb-wris", + map[string]string{ + cloudprovider.ServiceAnnotationServiceAccountName: "sa", + cloudprovider.ServiceAnnotationLoadBalancerType: "nlb", + cloudprovider.ServiceAnnotationNetworkLoadBalancerSecurityListManagementMode: "All", + cloudprovider.ServiceAnnotationNetworkLoadBalancerInitialDefinedTagsOverride: string(testDefinedTagsByteArray), + }, + }, } - Context("[cloudprovider][ccm][lb][SL][system-tags]", func() { + Context("[cloudprovider][ccm][lb][SL][wris][system-tags]", func() { It("should be possible to create and mutate a Service type:LoadBalancer (change nodeport) [Canary]", func() { for _, test := range basicTestArray { + if strings.HasSuffix(test.lbType, "-wris") && f.ClusterType != containerengine.ClusterTypeEnhancedCluster { + sharedfw.Logf("Skipping Workload Identity Principal test for LB Type (%s) because the cluster is not an OKE ENHANCED_CLUSTER", test.lbType) + continue + } + By("Running test for: " + test.lbType) serviceName := "basic-" + test.lbType + "-test" ns := f.Namespace.Name - jig := sharedfw.NewServiceTestJig(f.ClientSet, serviceName) + jig = sharedfw.NewServiceTestJig(f.ClientSet, serviceName) nodeIP := sharedfw.PickNodeIP(jig.Client) // for later @@ -72,18 +113,30 @@ var _ = Describe("Service [Slow]", func() { if nodes := sharedfw.GetReadySchedulableNodesOrDie(f.ClientSet); len(nodes.Items) > sharedfw.LargeClusterMinNodesNumber { loadBalancerCreateTimeout = sharedfw.LoadBalancerCreateTimeoutLarge } + var serviceAccount *v1.ServiceAccount + if sa, exists := test.CreationAnnotations[cloudprovider.ServiceAnnotationServiceAccountName]; exists { + // Create a service account in the same namespace as the service + By("creating service account \"sa\" in namespace " + ns) + serviceAccount = jig.CreateServiceAccountOrFail(ns, sa, nil) + } // TODO(apryde): Test that LoadBalancers can receive static IP addresses // (in a provider agnostic manner?). OCI does not currently // support this. requestedIP := "" - tcpService := jig.CreateTCPServiceOrFail(ns, func(s *v1.Service) { + tcpService = jig.CreateTCPServiceOrFail(ns, func(s *v1.Service) { s.Spec.Type = v1.ServiceTypeLoadBalancer s.Spec.LoadBalancerIP = requestedIP // will be "" if not applicable s.ObjectMeta.Annotations = test.CreationAnnotations }) + if _, exists := test.CreationAnnotations[cloudprovider.ServiceAnnotationServiceAccountName]; exists { + By("setting service account \"sa\" owner reference as the TCP service " + serviceName) + // Set SA owner reference as the service to prevent deletion of service account before the service + jig.SetServiceOwnerReferenceOnServiceAccountOrFail(ns, serviceAccount, tcpService) + } + svcPort := int(tcpService.Spec.Ports[0].Port) By("creating a pod to be part of the TCP service " + serviceName) @@ -96,29 +149,56 @@ var _ = Describe("Service [Slow]", func() { tcpService = jig.WaitForLoadBalancerOrFail(ns, tcpService.Name, loadBalancerCreateTimeout) jig.SanityCheckService(tcpService, v1.ServiceTypeLoadBalancer) - By("validating system tags on the loadbalancer") - lbName := cloudprovider.GetLoadBalancerName(tcpService) - sharedfw.Logf("LB Name is %s", lbName) - ctx := context.TODO() - compartmentId := "" - if setupF.Compartment1 != "" { - compartmentId = setupF.Compartment1 - } else if f.CloudProviderConfig.CompartmentID != "" { - compartmentId = f.CloudProviderConfig.CompartmentID - } else if f.CloudProviderConfig.Auth.CompartmentID != "" { - compartmentId = f.CloudProviderConfig.Auth.CompartmentID - } else { - sharedfw.Failf("Compartment Id undefined.") - } - lbType := test.lbType if strings.HasSuffix(test.lbType, "-wris") { - lbType = strings.TrimSuffix(test.lbType, "-wris") + lbName := cloudprovider.GetLoadBalancerName(tcpService) + sharedfw.Logf("LB Name is %s", lbName) + ctx := context.TODO() + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + sharedfw.Failf("Compartment Id undefined.") + } + lbType := strings.TrimSuffix(test.lbType, "-wris") + loadBalancer, err := f.Client.LoadBalancer(zap.L().Sugar(), lbType, "", nil).GetLoadBalancerByName(ctx, compartmentId, lbName) + sharedfw.ExpectNoError(err) + + if !reflect.DeepEqual(loadBalancer.DefinedTags, testDefinedTags) { + sharedfw.Failf("Defined tag mismatch! Expected: %v, Got: %v", testDefinedTags, loadBalancer.DefinedTags) + } } - loadBalancer, err := f.Client.LoadBalancer(zap.L().Sugar(), lbType, "", nil).GetLoadBalancerByName(ctx, compartmentId, lbName) - sharedfw.ExpectNoError(err) - sharedfw.Logf("Loadbalancer details %v:", loadBalancer) - if setupF.AddOkeSystemTags && !sharedfw.HasOkeSystemTags(loadBalancer.SystemTags) { - sharedfw.Failf("Loadbalancer is expected to have the system tags") + + if strings.HasSuffix(test.lbType, "-wris") { + sharedfw.Logf("skip evaluating system tag when the principal type is Workload identity") + } else { + By("validating system tags on the loadbalancer") + lbName := cloudprovider.GetLoadBalancerName(tcpService) + sharedfw.Logf("LB Name is %s", lbName) + ctx := context.TODO() + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + sharedfw.Failf("Compartment Id undefined.") + } + lbType := test.lbType + if strings.HasSuffix(test.lbType, "-wris") { + lbType = strings.TrimSuffix(test.lbType, "-wris") + } + loadBalancer, err := f.Client.LoadBalancer(zap.L().Sugar(), lbType, "", nil).GetLoadBalancerByName(ctx, compartmentId, lbName) + sharedfw.ExpectNoError(err) + sharedfw.Logf("Loadbalancer details %v:", loadBalancer) + if setupF.AddOkeSystemTags && !sharedfw.HasOkeSystemTags(loadBalancer.SystemTags) { + sharedfw.Failf("Loadbalancer is expected to have the system tags") + } } tcpNodePort := int(tcpService.Spec.Ports[0].NodePort) @@ -252,6 +332,10 @@ var _ = Describe("Service NSG [Slow]", func() { Context("[cloudprovider][ccm][lb][managedNsg]", func() { It("should be possible to create and mutate a Service type:LoadBalancer (change nodeport) [Canary]", func() { for _, test := range basicTestArray { + if strings.HasSuffix(test.lbType, "-wris") && f.ClusterType != containerengine.ClusterTypeEnhancedCluster { + sharedfw.Logf("Skipping Workload Identity Principal test for LB Type (%s) because the cluster is not an OKE ENHANCED_CLUSTER", test.lbType) + continue + } By("Running test for: " + test.lbType) serviceName := "basic-" + test.lbType + "-test" @@ -267,6 +351,11 @@ var _ = Describe("Service NSG [Slow]", func() { loadBalancerCreateTimeout = sharedfw.LoadBalancerCreateTimeoutLarge } + if sa, exists := test.CreationAnnotations[cloudprovider.ServiceAnnotationServiceAccountName]; exists { + // Create a service account in the same namespace as the service + jig.CreateServiceAccountOrFail(ns, sa, nil) + } + // TODO(apryde): Test that LoadBalancers can receive static IP addresses // (in a provider agnostic manner?). OCI does not currently // support this. @@ -470,7 +559,6 @@ var _ = Describe("ESIPP [Slow]", func() { svc.Spec.Ports[0].TargetPort = intstr.FromInt(int(svc.Spec.Ports[0].Port)) svc.Spec.Ports[0].Port = 8081 } - }) serviceLBNames = append(serviceLBNames, cloudprovider.GetLoadBalancerName(svc)) defer func() { @@ -523,7 +611,21 @@ var _ = Describe("ESIPP [Slow]", func() { jig := sharedfw.NewServiceTestJig(cs, serviceName) nodes := jig.GetNodes(sharedfw.MaxNodesForEndpointsTests) - svc := jig.CreateOnlyLocalLoadBalancerService(namespace, serviceName, loadBalancerCreateTimeout, true, test.CreationAnnotations, nil) + svc := jig.CreateOnlyLocalLoadBalancerService(namespace, serviceName, loadBalancerCreateTimeout, true, test.CreationAnnotations, func(s *v1.Service) { + if test.lbType == "lb" { + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + cloudprovider.ServiceAnnotationLoadBalancerShape: "flexible", + cloudprovider.ServiceAnnotationLoadBalancerShapeFlexMin: "10", + cloudprovider.ServiceAnnotationLoadBalancerShapeFlexMax: "100", + } + } + if test.lbType == "nlb" { + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal: "true", + } + } + }) serviceLBNames = append(serviceLBNames, cloudprovider.GetLoadBalancerName(svc)) defer func() { jig.ChangeServiceType(svc.Namespace, svc.Name, v1.ServiceTypeClusterIP, loadBalancerCreateTimeout) @@ -607,8 +709,9 @@ var _ = Describe("End to end TLS", func() { v1.ServicePort{Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = map[string]string{cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslSecretName, - cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName} - + cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -649,6 +752,122 @@ var _ = Describe("End to end TLS", func() { }) }) +var _ = Describe("CipherSuite tests Loadbalancer TLS", func() { + baseName := "endtoendtls-service" + f := sharedfw.NewDefaultFramework(baseName) + + Context("[cloudprovider][ccm][lb][sslconfig]", func() { + It("should be possible to create and mutate a CipherSuite for Service type:LoadBalancer [Canary]", func() { + serviceName := "e2e-tls-lb-test" + ns := f.Namespace.Name + + jig := sharedfw.NewServiceTestJig(f.ClientSet, serviceName) + + sslSecretName := "ssl-certificate-secret" + _, err := f.ClientSet.CoreV1().Secrets(ns).Create(context.Background(), &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: ns, + Name: sslSecretName, + }, + Data: map[string][]byte{ + cloudprovider.SSLCAFileName: []byte(sharedfw.SSLCAData), + cloudprovider.SSLCertificateFileName: []byte(sharedfw.SSLCertificateData), + cloudprovider.SSLPrivateKeyFileName: []byte(sharedfw.SSLPrivateData), + cloudprovider.SSLPassphrase: []byte(sharedfw.SSLPassphrase), + }, + }, metav1.CreateOptions{}) + sharedfw.ExpectNoError(err) + loadBalancerCreateTimeout := sharedfw.LoadBalancerCreateTimeoutDefault + if nodes := sharedfw.GetReadySchedulableNodesOrDie(f.ClientSet); len(nodes.Items) > sharedfw.LargeClusterMinNodesNumber { + loadBalancerCreateTimeout = sharedfw.LoadBalancerCreateTimeoutLarge + } + + requestedIP := "" + tcpService := jig.CreateTCPServiceOrFail(ns, func(s *v1.Service) { + s.Spec.Type = v1.ServiceTypeLoadBalancer + s.Spec.LoadBalancerIP = requestedIP + s.Spec.Ports = []v1.ServicePort{v1.ServicePort{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, + v1.ServicePort{Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", + cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + cloudprovider.ServiceAnnotationLoadbalancerBackendSetSSLConfig: `{"CipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "Protocols":["TLSv1.2"]}`, + cloudprovider.ServiceAnnotationLoadbalancerListenerSSLConfig: `{"CipherSuiteName":"oci-default-http2-ssl-cipher-suite-v1", "Protocols":["TLSv1.2"]}`} + }) + + svcPort := int(tcpService.Spec.Ports[0].Port) + + By("creating a pod to be part of the TCP service " + serviceName) + jig.RunOrFail(ns, nil) + + By("waiting for the TCP service to have a load balancer") + // Wait for the load balancer to be created asynchronously + tcpService = jig.WaitForLoadBalancerOrFail(ns, tcpService.Name, loadBalancerCreateTimeout) + jig.SanityCheckService(tcpService, v1.ServiceTypeLoadBalancer) + + tcpNodePort := int(tcpService.Spec.Ports[0].NodePort) + sharedfw.Logf("TCP node port: %d", tcpNodePort) + + lbName := cloudprovider.GetLoadBalancerName(tcpService) + sharedfw.Logf("LB Name is %s", lbName) + ctx := context.TODO() + compartmentId := "" + if setupF.Compartment1 != "" { + compartmentId = setupF.Compartment1 + } else if f.CloudProviderConfig.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.CompartmentID + } else if f.CloudProviderConfig.Auth.CompartmentID != "" { + compartmentId = f.CloudProviderConfig.Auth.CompartmentID + } else { + sharedfw.Failf("Compartment Id undefined.") + } + if requestedIP != "" && sharedfw.GetIngressPoint(&tcpService.Status.LoadBalancer.Ingress[0]) != requestedIP { + sharedfw.Failf("unexpected TCP Status.LoadBalancer.Ingress (expected %s, got %s)", requestedIP, sharedfw.GetIngressPoint(&tcpService.Status.LoadBalancer.Ingress[0])) + } + tcpIngressIP := sharedfw.GetIngressPoint(&tcpService.Status.LoadBalancer.Ingress[0]) + sharedfw.Logf("TCP load balancer: %s", tcpIngressIP) + + loadBalancer, err := f.Client.LoadBalancer(zap.L().Sugar(), "lb", "", nil).GetLoadBalancerByName(ctx, compartmentId, lbName) + sharedfw.ExpectNoError(err) + + err = f.WaitForLoadBalancerSSLConfigurationChange(loadBalancer, tcpService) + sharedfw.ExpectNoError(err) + + By("changing the TCP service's CipherSuite and Protocols") + tcpService = jig.UpdateServiceOrFail(ns, tcpService.Name, func(s *v1.Service) { + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", + cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + cloudprovider.ServiceAnnotationLoadbalancerListenerSSLConfig: `{"CipherSuiteName":"oci-tls-13-recommended-ssl-cipher-suite-v1", "Protocols":["TLSv1.3"]}`, + cloudprovider.ServiceAnnotationLoadbalancerBackendSetSSLConfig: `{"CipherSuiteName":"oci-tls-13-recommended-ssl-cipher-suite-v1", "Protocols":["TLSv1.3"]}`, + } + }) + jig.SanityCheckService(tcpService, v1.ServiceTypeLoadBalancer) + + err = f.WaitForLoadBalancerSSLConfigurationChange(loadBalancer, tcpService) + sharedfw.ExpectNoError(err) + + By("changing TCP service back to type=ClusterIP") + tcpService = jig.UpdateServiceOrFail(ns, tcpService.Name, func(s *v1.Service) { + s.Spec.Type = v1.ServiceTypeClusterIP + s.Spec.Ports[0].NodePort = 0 + s.Spec.Ports[1].NodePort = 0 + }) + + // Wait for the load balancer to be destroyed asynchronously + tcpService = jig.WaitForLoadBalancerDestroyOrFail(ns, tcpService.Name, tcpIngressIP, svcPort, loadBalancerCreateTimeout) + jig.SanityCheckService(tcpService, v1.ServiceTypeClusterIP) + + err = f.ClientSet.CoreV1().Secrets(ns).Delete(context.Background(), sslSecretName, metav1.DeleteOptions{}) + sharedfw.ExpectNoError(err) + }) + }) +}) + var _ = Describe("BackendSet only enabled TLS", func() { baseName := "backendset-service" @@ -688,8 +907,9 @@ var _ = Describe("BackendSet only enabled TLS", func() { s.Spec.Ports = []v1.ServicePort{v1.ServicePort{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, v1.ServicePort{Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = map[string]string{cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", - cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName} - + cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -766,9 +986,11 @@ var _ = Describe("Listener only enabled TLS", func() { s.Spec.LoadBalancerIP = requestedIP s.Spec.Ports = []v1.ServicePort{v1.ServicePort{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, v1.ServicePort{Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} - s.ObjectMeta.Annotations = map[string]string{cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", - cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslSecretName} - + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", + cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -858,10 +1080,12 @@ var _ = Describe("End to end enabled TLS - different certificates", func() { s.Spec.LoadBalancerIP = requestedIP s.Spec.Ports = []v1.ServicePort{v1.ServicePort{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, v1.ServicePort{Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} - s.ObjectMeta.Annotations = map[string]string{cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", + s.ObjectMeta.Annotations = map[string]string{ + cloudprovider.ServiceAnnotationLoadBalancerSSLPorts: "443", cloudprovider.ServiceAnnotationLoadBalancerTLSSecret: sslListenerSecretName, - cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslBackendSetSecretName} - + cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret: sslBackendSetSecretName, + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -920,6 +1144,7 @@ var _ = Describe("Configure preservation of source IP in NLB", func() { map[string]string{ cloudprovider.ServiceAnnotationLoadBalancerType: "nlb", cloudprovider.ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "true", + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", }, true, }, @@ -929,6 +1154,7 @@ var _ = Describe("Configure preservation of source IP in NLB", func() { map[string]string{ cloudprovider.ServiceAnnotationLoadBalancerType: "nlb", cloudprovider.ServiceAnnotationNetworkLoadBalancerIsPreserveSource: "false", + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", }, false, }, @@ -955,6 +1181,7 @@ var _ = Describe("Configure preservation of source IP in NLB", func() { {Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = test.annotations s.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -1012,7 +1239,7 @@ var _ = Describe("LB Properties", func() { baseName := "lb-properties" f := sharedfw.NewDefaultFramework(baseName) - Context("[cloudprovider][ccm][lb]", func() { + Context("[cloudprovider][ccm][lb][properties]", func() { healthCheckTestArray := []struct { lbType string @@ -1080,6 +1307,12 @@ var _ = Describe("LB Properties", func() { s.Spec.Ports = []v1.ServicePort{{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, {Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = test.CreationAnnotations + if test.lbType == "lb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" + } + if test.lbType == "nlb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal] = "true" + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -1117,6 +1350,12 @@ var _ = Describe("LB Properties", func() { By("changing TCP service health check config") tcpService = jig.UpdateServiceOrFail(ns, tcpService.Name, func(s *v1.Service) { s.ObjectMeta.Annotations = test.UpdatedAnnotations + if test.lbType == "lb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" + } + if test.lbType == "nlb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal] = "true" + } }) By("waiting upto 5m0s to verify health check config after modification to initial") @@ -1126,6 +1365,12 @@ var _ = Describe("LB Properties", func() { By("changing TCP service health check config - remove annotations") tcpService = jig.UpdateServiceOrFail(ns, tcpService.Name, func(s *v1.Service) { s.ObjectMeta.Annotations = test.RemovedAnnotations + if test.lbType == "lb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" + } + if test.lbType == "nlb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal] = "true" + } }) By("waiting upto 5m0s to verify health check config should fall back to default after removing annotations") @@ -1213,7 +1458,6 @@ var _ = Describe("LB Properties", func() { s.Spec.LoadBalancerIP = requestedIP s.Spec.Ports = []v1.ServicePort{{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, {Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} - }) By("creating a pod to be part of the TCP service " + serviceName) jig.RunOrFail(ns, nil) @@ -1229,6 +1473,7 @@ var _ = Describe("LB Properties", func() { // Setting default values for Min and Max (Does not matter for fixed shape test) cloudprovider.ServiceAnnotationLoadBalancerShapeFlexMin: "10", cloudprovider.ServiceAnnotationLoadBalancerShapeFlexMax: "100", + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", } }) @@ -1303,6 +1548,7 @@ var _ = Describe("LB Properties", func() { {Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = map[string]string{ cloudprovider.ServiceAnnotationLoadBalancerConnectionIdleTimeout: "500", + cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", } }) @@ -1379,8 +1625,8 @@ var _ = Describe("LB Properties", func() { { "nlb", map[string]string{ - cloudprovider.ServiceAnnotationLoadBalancerInternal: "true", - cloudprovider.ServiceAnnotationLoadBalancerType: "nlb", + cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal: "true", + cloudprovider.ServiceAnnotationLoadBalancerType: "nlb", }, cloudprovider.ServiceAnnotationNetworkLoadBalancerNetworkSecurityGroups, }, @@ -1473,6 +1719,12 @@ var _ = Describe("LB Properties", func() { test.Annotations[test.nsgAnnotation] = nsgIds tcpService = jig.UpdateServiceOrFail(ns, tcpService.Name, func(s *v1.Service) { s.ObjectMeta.Annotations = test.Annotations + if test.lbtype == "lb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" + } + if test.lbtype == "nlb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal] = "true" + } }) err = f.WaitForLoadBalancerNSGChange(loadBalancer, t.resultantNsgIds, test.lbtype) sharedfw.ExpectNoError(err) @@ -1548,6 +1800,12 @@ var _ = Describe("LB Properties", func() { s.Spec.Ports = []v1.ServicePort{{Name: "http", Port: 80, TargetPort: intstr.FromInt(80)}, {Name: "https", Port: 443, TargetPort: intstr.FromInt(80)}} s.ObjectMeta.Annotations = test.CreationAnnotations + if test.lbType == "lb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationLoadBalancerInternal] = "true" + } + if test.lbType == "nlb" { + s.ObjectMeta.Annotations[cloudprovider.ServiceAnnotationNetworkLoadBalancerInternal] = "true" + } }) svcPort := int(tcpService.Spec.Ports[0].Port) @@ -1640,6 +1898,7 @@ var _ = Describe("LB Properties", func() { reservedIP := setupF.ReservedIP sharedfw.Logf(reservedIP) + tcpService := jig.CreateTCPServiceOrFail(ns, func(s *v1.Service) { s.Spec.Type = v1.ServiceTypeLoadBalancer s.Spec.LoadBalancerIP = reservedIP @@ -1680,7 +1939,7 @@ var _ = Describe("LB Properties", func() { sharedfw.ExpectNoError(err) By("waiting upto 5m0s to verify whether LB has been created with public reservedIP") - reservedIPOCID, err := f.Client.Networking().GetPublicIpByIpAddress(ctx, reservedIP) + reservedIPOCID, err := f.Client.Networking(nil).GetPublicIpByIpAddress(ctx, reservedIP) sharedfw.Logf("Loadbalancer reserved IP OCID is: %s Expected reserved IP OCID: %s", *loadBalancer.IpAddresses[0].ReservedIp.Id, *reservedIPOCID.Id) Expect(strings.Compare(*loadBalancer.IpAddresses[0].ReservedIp.Id, *reservedIPOCID.Id) == 0).To(BeTrue()) diff --git a/test/e2e/cloud-provider-oci/lustre_static.go b/test/e2e/cloud-provider-oci/lustre_static.go new file mode 100644 index 0000000000..95af9bb838 --- /dev/null +++ b/test/e2e/cloud-provider-oci/lustre_static.go @@ -0,0 +1,64 @@ +// Copyright 2021 Oracle and/or its affiliates. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package e2e + +import ( + . "github.com/onsi/ginkgo" + v1 "k8s.io/api/core/v1" + + "github.com/oracle/oci-cloud-controller-manager/test/e2e/framework" +) + +var _ = Describe("Lustre Static", func() { + f := framework.NewDefaultFramework("lustre-static-e2e") + Context("[lustre]", func() { + + It("Multiple Pods should be able consume same PVC and read, write to same file", func() { + pvcJig := framework.NewPVCTestJig(f.ClientSet, "csi-lustre-e2e-test") + pvVolumeAttributes := map[string]string{"lustreSubnetCidr": setupF.LustreSubnetCidr, "setupLnet": "true"} + + pv := pvcJig.CreatePVorFailLustre(f.Namespace.Name, setupF.LustreVolumeHandle, []string{}, pvVolumeAttributes) + pvc := pvcJig.CreateAndAwaitPVCOrFailStaticLustre(f.Namespace.Name, pv.Name, "50Gi", nil) + f.VolumeIds = append(f.VolumeIds, pvc.Spec.VolumeName) + pvcJig.CheckMultiplePodReadWrite(f.Namespace.Name, pvc.Name, false) + }) + + It("Multiple CSI Drivers (BV, FSS, Lustre) should work in same cluster and be able to handle mount, unmounts", func() { + + //BV + bvPVCJig := framework.NewPVCTestJig(f.ClientSet, "csi-bv-e2e-test") + scName := f.CreateStorageClassOrFail(framework.ClassOCICSI, "blockvolume.csi.oraclecloud.com", nil, bvPVCJig.Labels, "WaitForFirstConsumer", false, "Delete", nil) + bvPVC := bvPVCJig.CreateAndAwaitPVCOrFailCSI(f.Namespace.Name, framework.MinVolumeBlock, scName, nil, v1.PersistentVolumeFilesystem, v1.ReadWriteOnce, v1.ClaimPending) + + //FSS + fssPVCJig := framework.NewPVCTestJig(f.ClientSet, "csi-fss-e2e-test") + fssPV := fssPVCJig.CreatePVorFailFSS(f.Namespace.Name, setupF.VolumeHandle, "false", "ReadWriteMany", "", []string{}) + fssPVC := fssPVCJig.CreateAndAwaitPVCOrFailStaticFSS(f.Namespace.Name, fssPV.Name, "50Gi", nil) + f.VolumeIds = append(f.VolumeIds, fssPVC.Spec.VolumeName) + + //LUSTRE + lusterPVCJig := framework.NewPVCTestJig(f.ClientSet, "csi-lustre-e2e-test") + pvVolumeAttributes := map[string]string{"lustreSubnetCidr": setupF.LustreSubnetCidr, "setupLnet": "true"} + lustrePV := lusterPVCJig.CreatePVorFailLustre(f.Namespace.Name, setupF.LustreVolumeHandle, []string{}, pvVolumeAttributes) + lustrePVC := lusterPVCJig.CreateAndAwaitPVCOrFailStaticLustre(f.Namespace.Name, lustrePV.Name, "50Gi", nil) + f.VolumeIds = append(f.VolumeIds, lustrePVC.Spec.VolumeName) + + bvPVCJig.CheckSinglePodReadWrite(f.Namespace.Name, bvPVC.Name, false, []string{}) + fssPVCJig.CheckSinglePodReadWrite(f.Namespace.Name, fssPVC.Name, false, []string{}) + lusterPVCJig.CheckSinglePodReadWrite(f.Namespace.Name, lustrePVC.Name, false, []string{}) + + }) + }) +}) diff --git a/test/e2e/framework/cloud_provider_framework.go b/test/e2e/framework/cloud_provider_framework.go index 2800af9c80..1d12f5215f 100644 --- a/test/e2e/framework/cloud_provider_framework.go +++ b/test/e2e/framework/cloud_provider_framework.go @@ -21,19 +21,11 @@ import ( "strings" "time" - ocicore "github.com/oracle/oci-go-sdk/v65/core" - snapclientset "github.com/kubernetes-csi/external-snapshotter/client/v6/clientset/versioned" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci" // register oci cloud provider - providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" - "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" - "github.com/oracle/oci-go-sdk/v65/common" - "github.com/oracle/oci-go-sdk/v65/core" "github.com/pkg/errors" "go.uber.org/zap" - v1 "k8s.io/api/core/v1" crdclientset "k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" apierrors "k8s.io/apimachinery/pkg/api/errors" @@ -45,6 +37,14 @@ import ( "k8s.io/client-go/tools/cache" "k8s.io/client-go/tools/clientcmd" cloudprovider "k8s.io/cloud-provider" + + "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci" // register oci cloud provider + providercfg "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci/config" + "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" + "github.com/oracle/oci-go-sdk/v65/common" + "github.com/oracle/oci-go-sdk/v65/containerengine" + "github.com/oracle/oci-go-sdk/v65/core" + ocicore "github.com/oracle/oci-go-sdk/v65/core" ) // CloudProviderFramework is used in the execution of e2e tests. @@ -85,9 +85,13 @@ type CloudProviderFramework struct { // NB: This can fail from the CI when external temrination (e.g. timeouts) occur. cleanupHandle CleanupActionHandle + ClusterType containerengine.ClusterTypeEnum + // Backend Nsg ocids test BackendNsgOcids string RunUhpE2E bool + + OkeClusterK8sVersion string } // NewDefaultFramework constructs a new e2e test CloudProviderFramework with default options. @@ -125,6 +129,11 @@ func NewCcmFramework(baseName string, client clientset.Interface, backup bool) * if k8sSeclistID != "" { f.K8SSecListID = k8sSeclistID } + if strings.ToUpper(clusterType) == "ENHANCED_CLUSTER" { + f.ClusterType = containerengine.ClusterTypeEnhancedCluster + } else { + f.ClusterType = containerengine.ClusterTypeBasicCluster + } if backendNsgIds != "" { f.BackendNsgOcids = backendNsgIds } @@ -286,6 +295,9 @@ func (f *CloudProviderFramework) BeforeEach() { f.BlockStorageClient = f.createStorageClient() f.ComputeClient = f.createComputeClient() } + + k8sVersion, _ := f.ClientSet.Discovery().ServerVersion() + f.OkeClusterK8sVersion = fmt.Sprintf("v%s", k8sVersion) } // AfterEach deletes the namespace(s). @@ -358,7 +370,7 @@ func createOCIClient(cloudProviderConfig *providercfg.Config) (client.Interface, ociClientConfig := common.NewRawConfigurationProvider(cpc.TenancyID, cpc.UserID, cpc.Region, cpc.Fingerprint, cpc.PrivateKey, &cpc.PrivateKeyPassphrase) logger := zap.L() rateLimiter := client.NewRateLimiter(logger.Sugar(), cloudProviderConfig.RateLimiter) - ociClient, err := client.New(logger.Sugar(), ociClientConfig, &rateLimiter) + ociClient, err := client.New(logger.Sugar(), ociClientConfig, &rateLimiter, cloudProviderConfig.Auth.TenancyID) if err != nil { return nil, errors.Wrapf(err, "Couldn't create oci client from configuration: %s.", cloudConfigFile) } diff --git a/test/e2e/framework/deployment_util.go b/test/e2e/framework/deployment_util.go index 3cb33d80d0..d56328ced6 100644 --- a/test/e2e/framework/deployment_util.go +++ b/test/e2e/framework/deployment_util.go @@ -16,15 +16,46 @@ package framework import ( "context" + "time" + appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/utils/pointer" - "time" ) -func (j *PVCTestJig) createDeploymentOnNodeAndWait(command string, pvcName string, ns string, name string, replicas int32, nodeSelectorLabels map[string]string) string { +func (j *PVCTestJig) createDeploymentOnNodeAndWait(command string, pvcName string, ns string, name string, replicas int32, nodeSelectorLabels map[string]string, isRawBlockVolume bool) string { + + var container v1.Container + + if isRawBlockVolume { + container = v1.Container{ + Name: name, + Image: centos, + Command: []string{"/bin/sh"}, + Args: []string{"-c", command}, + VolumeDevices: []v1.VolumeDevice{ + { + Name: "persistent-storage", + DevicePath: "/dev/xvda", + }, + }, + } + } else { + container = v1.Container{ + Name: name, + Image: centos, + Command: []string{"/bin/sh"}, + Args: []string{"-c", command}, + VolumeMounts: []v1.VolumeMount{ + { + Name: "persistent-storage", + MountPath: "/data", + }, + }, + } + } deployment, err := j.KubeClient.AppsV1().Deployments(ns).Create(context.Background(), &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ @@ -45,18 +76,7 @@ func (j *PVCTestJig) createDeploymentOnNodeAndWait(command string, pvcName strin }, Spec: v1.PodSpec{ Containers: []v1.Container{ - { - Name: name, - Image: centos, - Command: []string{"/bin/sh"}, - Args: []string{"-c", command}, - VolumeMounts: []v1.VolumeMount{ - { - Name: "persistent-storage", - MountPath: "/data", - }, - }, - }, + container, }, Volumes: []v1.Volume{ { diff --git a/test/e2e/framework/framework.go b/test/e2e/framework/framework.go index 238ddba901..bf6c2cf68f 100644 --- a/test/e2e/framework/framework.go +++ b/test/e2e/framework/framework.go @@ -21,6 +21,7 @@ import ( "strings" "time" + oke "github.com/oracle/oci-go-sdk/v65/containerengine" imageutils "k8s.io/kubernetes/test/utils/image" ) @@ -87,10 +88,15 @@ var ( reservedIP string // Testing public reserved IP feature architecture string volumeHandle string // The FSS mount volume handle + lustreVolumeHandle string // The Lustre mount volume handle + lustreSubnetCidr string // The Lustre Subnet Cidr staticSnapshotCompartmentOCID string // Compartment ID for cross compartment snapshot test runUhpE2E bool // Whether to run UHP E2Es, requires Volume Management Plugin enabled on the node and 16+ cores (check blockvolumeperformance public doc for the exact requirements) enableParallelRun bool addOkeSystemTags bool + clusterID string // Ocid of the newly created E2E cluster + clusterType string // Cluster type can be BASIC_CLUSTER or ENHANCED_CLUSTER (Default: BASIC_CLUSTER) + clusterTypeEnum oke.ClusterTypeEnum // Enum for OKE Cluster Type ) func init() { @@ -111,6 +117,8 @@ func init() { flag.StringVar(&mntTargetSubnetOCID, "mnt-target-subnet-id", "", "Mount Target Subnet is required for creating storage class for FSS dynamic testing") flag.StringVar(&mntTargetCompartmentOCID, "mnt-target-compartment-id", "", "Mount Target Compartment is required for creating storage class for FSS dynamic testing with cross compartment") flag.StringVar(&volumeHandle, "volume-handle", "", "FSS volume handle used to mount the File System") + flag.StringVar(&lustreVolumeHandle, "lustre-volume-handle", "", "Lustre volume handle used to mount the File System") + flag.StringVar(&lustreSubnetCidr, "lustre-subnet-cidr", "", "Lustre subnet cidr to identify SVNIC in lustre subnet to configure lnet.") flag.StringVar(&imagePullRepo, "image-pull-repo", "", "Repo to pull images from. Will pull public images if not specified.") flag.StringVar(&cmekKMSKey, "cmek-kms-key", "", "KMS key to be used for CMEK testing") @@ -123,12 +131,18 @@ func init() { flag.BoolVar(&runUhpE2E, "run-uhp-e2e", false, "Run UHP E2Es as well") flag.BoolVar(&enableParallelRun, "enable-parallel-run", true, "Enables parallel running of test suite") flag.BoolVar(&addOkeSystemTags, "add-oke-system-tags", false, "Adds oke system tags to new and existing loadbalancers and storage resources") + + flag.StringVar(&clusterType, "cluster-type", "BASIC_CLUSTER", "Cluster type can be BASIC_CLUSTER or ENHANCED_CLUSTER") } // Framework is the context of the text execution. type Framework struct { // The compartment1 the cluster is running in. Compartment1 string + + // Cluster Type + ClusterType oke.ClusterTypeEnum + // Default adLocation AdLocation string @@ -152,6 +166,9 @@ type Framework struct { Architecture string VolumeHandle string + LustreVolumeHandle string + + LustreSubnetCidr string // Compartment ID for cross compartment snapshot test StaticSnapshotCompartmentOcid string @@ -179,9 +196,12 @@ func NewWithConfig() *Framework { NsgOCIDS: nsgOCIDS, ReservedIP: reservedIP, VolumeHandle: volumeHandle, + LustreVolumeHandle: lustreVolumeHandle, + LustreSubnetCidr: lustreSubnetCidr, StaticSnapshotCompartmentOcid: staticSnapshotCompartmentOCID, RunUhpE2E: runUhpE2E, AddOkeSystemTags: addOkeSystemTags, + ClusterType: clusterTypeEnum, } f.CloudConfigPath = cloudConfigFile @@ -214,6 +234,10 @@ func (f *Framework) Initialize() { Logf("OCI Mount Target Compartment OCID: %s", f.MntTargetCompartmentOcid) f.VolumeHandle = volumeHandle Logf("FSS Volume Handle is : %s", f.VolumeHandle) + f.LustreVolumeHandle = lustreVolumeHandle + Logf("Lustre Volume Handle is : %s", f.LustreVolumeHandle) + f.LustreSubnetCidr = lustreSubnetCidr + Logf("Lustre Subnet CIDR is : %s", f.LustreSubnetCidr) f.StaticSnapshotCompartmentOcid = staticSnapshotCompartmentOCID Logf("Static Snapshot Compartment OCID: %s", f.StaticSnapshotCompartmentOcid) f.RunUhpE2E = runUhpE2E @@ -231,6 +255,13 @@ func (f *Framework) Initialize() { f.Compartment1 = compartment1 Logf("OCI compartment1 OCID: %s", f.Compartment1) f.setImages() + if strings.ToUpper(clusterType) == "ENHANCED_CLUSTER" { + clusterTypeEnum = oke.ClusterTypeEnhancedCluster + } else { + clusterTypeEnum = oke.ClusterTypeBasicCluster + } + f.ClusterType = clusterTypeEnum + Logf("Cluster Type: %s", f.ClusterType) f.ClusterKubeconfigPath = clusterkubeconfig f.CloudConfigPath = cloudConfigFile } diff --git a/test/e2e/framework/fss_util.go b/test/e2e/framework/fss_util.go index e08a8cdc71..01b3c3ef2a 100644 --- a/test/e2e/framework/fss_util.go +++ b/test/e2e/framework/fss_util.go @@ -21,7 +21,7 @@ import ( ) func (f *CloudProviderFramework) GetFSIdByDisplayName(ctx context.Context, compartmentId, adLocation, pvName string) (string, error) { - _, fsVolumeSummaryList, err := f.Client.FSS().GetFileSystemSummaryByDisplayName(ctx, compartmentId, adLocation, pvName) + _, fsVolumeSummaryList, err := f.Client.FSS(nil).GetFileSystemSummaryByDisplayName(ctx, compartmentId, adLocation, pvName) if client.IsNotFound(err) { return "", err } @@ -32,7 +32,7 @@ func (f *CloudProviderFramework) GetFSIdByDisplayName(ctx context.Context, compa } func (f *CloudProviderFramework) GetExportsSetIdByMountTargetId(ctx context.Context, mountTargetId string) (string, error) { - mountTarget, err := f.Client.FSS().GetMountTarget(ctx, mountTargetId) + mountTarget, err := f.Client.FSS(nil).GetMountTarget(ctx, mountTargetId) if client.IsNotFound(err) { return "", err } @@ -43,7 +43,7 @@ func (f *CloudProviderFramework) GetExportsSetIdByMountTargetId(ctx context.Cont } func (f *CloudProviderFramework) CheckFSVolumeExist(ctx context.Context, fsId string) bool { - fs, err := f.Client.FSS().GetFileSystem(ctx, fsId) + fs, err := f.Client.FSS(nil).GetFileSystem(ctx, fsId) if client.IsNotFound(err) { return false } @@ -57,7 +57,7 @@ func (f *CloudProviderFramework) CheckFSVolumeExist(ctx context.Context, fsId st } func (f *CloudProviderFramework) CheckExportExists(ctx context.Context, fsId, exportPath, exportSetId string) bool { - export, err := f.Client.FSS().FindExport(ctx, fsId, exportPath, exportSetId) + export, err := f.Client.FSS(nil).FindExport(ctx, fsId, exportPath, exportSetId) if client.IsNotFound(err) { return false } diff --git a/test/e2e/framework/nsg_util.go b/test/e2e/framework/nsg_util.go index b1d3120b12..3aa7f3aaa7 100644 --- a/test/e2e/framework/nsg_util.go +++ b/test/e2e/framework/nsg_util.go @@ -28,11 +28,11 @@ import ( func CountSinglePortRules(oci client.Interface, nsgId string, port int, direction core.SecurityRuleDirectionEnum) int { count := 0 if oci != nil && nsgId != "" { - _, _, err := oci.Networking().GetNetworkSecurityGroup(context.Background(), nsgId) + _, _, err := oci.Networking(nil).GetNetworkSecurityGroup(context.Background(), nsgId) if err != nil { Failf("Could not obtain nsg: %v", err) } - response, err := oci.Networking().ListNetworkSecurityGroupSecurityRules(context.Background(), nsgId, + response, err := oci.Networking(nil).ListNetworkSecurityGroupSecurityRules(context.Background(), nsgId, core.ListNetworkSecurityGroupSecurityRulesDirectionEnum(direction)) filteredRules := []core.SecurityRule{} for _, rule := range response { diff --git a/test/e2e/framework/pod_util.go b/test/e2e/framework/pod_util.go index 0fa5c08205..1da2faf794 100644 --- a/test/e2e/framework/pod_util.go +++ b/test/e2e/framework/pod_util.go @@ -88,6 +88,21 @@ func (j *PVCTestJig) CheckFileExists(namespace string, podName string, dir strin } } +func (j *PVCTestJig) CheckDataInBlockDevice(namespace string, podName string, fileName string) { + By("check if the block device has data") + command := "dd if=/dev/xvda bs=2048 count=1 status=none" + if pollErr := wait.PollImmediate(K8sResourcePoll, DefaultTimeout, func() (bool, error) { + stdout, err := RunHostCmd(namespace, podName, command) + if err != nil { + Logf("got err: %v, retry until timeout", err) + return false, nil + } + return strings.Contains(stdout, fileName), nil + }); pollErr != nil { + Failf("File does not exist in pod '%v'", podName) + } +} + func (j *PVCTestJig) CheckMountOptions(namespace string, podName string, expectedPath string, expectedOptions []string) { By("check if NFS mount options are applied") command := fmt.Sprintf("mount -t nfs") @@ -107,7 +122,22 @@ func (j *PVCTestJig) CheckMountOptions(namespace string, podName string, expecte } return true, nil }); pollErr != nil { - Failf("NFS mount with Mount Options failed in pod '%v'", podName) + Failf("NFS mount with Mount Options failed in pod '%v' with error '%v'", podName, pollErr.Error()) + } +} + +func (j *PVCTestJig) ExtractDataFromBlockDevice(namespace string, podName string, devicePath string, outFile string) { + By("extract data from block device") + command := fmt.Sprintf("dd if=%s count=1 | tr -d '\\000' > %s", devicePath, outFile) + if pollErr := wait.PollImmediate(K8sResourcePoll, DefaultTimeout, func() (bool, error) { + _, err := RunHostCmd(namespace, podName, command) + if err != nil { + Logf("got err: %v, retry until timeout", err) + return false, nil + } + return true, nil + }); pollErr != nil { + Failf("File does not exist in pod '%v'", podName) } } @@ -199,6 +229,23 @@ func (j *PVCTestJig) CheckExpandedVolumeReadWrite(namespace string, podName stri } +// CheckExpandedRawBlockVolumeReadWrite checks a pvc expanded pod with a dymincally provisioned raw block volume +func (j *PVCTestJig) CheckExpandedRawBlockVolumeReadWrite(namespace string, podName string) { + text := fmt.Sprintf("Hello New World") + command := fmt.Sprintf("echo '%s' > /tmp/test.txt; dd if=/tmp/test.txt of=/dev/xvda count=1; dd if=/dev/xvda bs=512 count=1", text) + + if pollErr := wait.PollImmediate(K8sResourcePoll, DefaultTimeout, func() (bool, error) { + stdout, err := RunHostCmd(namespace, podName, command) + if err != nil { + Logf("got err: %v, retry until timeout", err) + return false, nil + } + return strings.Contains(stdout, text), nil + }); pollErr != nil { + Failf("Write Test failed in pod '%v' after expanding pvc", podName) + } +} + // CheckUsableVolumeSizeInsidePod checks a pvc expanded pod with a dymincally provisioned volume func (j *PVCTestJig) CheckUsableVolumeSizeInsidePod(namespace string, podName string, capacity string) { @@ -222,6 +269,36 @@ func (j *PVCTestJig) CheckUsableVolumeSizeInsidePod(namespace string, podName st } +// CheckUsableVolumeSizeInsidePodBlock checks a pvc expanded pod with a dymincally provisioned volume +/* + Example output of `fdisk -l /dev/block`: + + Disk /dev/block: 55 GiB, 59055800320 bytes, 115343360 sectors + Units: sectors of 1 * 512 = 512 bytes + Sector size (logical/physical): 512 bytes / 4096 bytes + I/O size (minimum/optimal): 4096 bytes / 1048576 bytes + + The expression strings.Fields(strings.TrimSpace(stdout))[2] returns "55". +*/ +func (j *PVCTestJig) CheckUsableVolumeSizeInsidePodBlock(namespace string, podName string, capacity string) { + command := fmt.Sprintf("fdisk -l /dev/xvda") + if pollErr := wait.PollImmediate(K8sResourcePoll, DefaultTimeout, func() (bool, error) { + stdout, err := RunHostCmd(namespace, podName, command) + if err != nil { + Logf("got err: %v, retry until timeout", err) + return false, nil + } + if strings.Fields(strings.TrimSpace(stdout))[2] != capacity { + Logf("Expected capacity: %v, got capacity: %v", capacity, strings.Fields(strings.TrimSpace(stdout))[1]) + return false, nil + } else { + return true, nil + } + }); pollErr != nil { + Failf("Check Usable Volume Size Inside Pod Test failed in pod '%v' after expanding pvc", podName) + } +} + // CheckFilesystemTypeOfVolumeInsidePod Checks the volume is provisioned with FsType as requested func (j *PVCTestJig) CheckFilesystemTypeOfVolumeInsidePod(namespace string, podName string, expectedFsType string) { command := fmt.Sprintf("df -Th | grep '/data'") @@ -238,8 +315,46 @@ func (j *PVCTestJig) CheckFilesystemTypeOfVolumeInsidePod(namespace string, podN // CreateAndAwaitNginxPodOrFail returns a pod definition based on the namespace using nginx image func (j *PVCTestJig) CreateAndAwaitNginxPodOrFail(ns string, pvc *v1.PersistentVolumeClaim, command string) string { - By("Creating a pod with the dynamically provisioned volume") + volumeMode := v1.PersistentVolumeFilesystem + if *pvc.Spec.VolumeMode != "" { + volumeMode = *pvc.Spec.VolumeMode + } + + By("Creating a pod with the dynamically provisioned volume or raw block volume") fsGroup := int64(1000) + + // Define the container spec based on volume mode + container := v1.Container{ + Name: "write-pod", + Image: nginx, + Ports: []v1.ContainerPort{ + { + Name: "http-server", + ContainerPort: 80, + }, + }, + Command: []string{"/bin/sh"}, + Args: []string{"-c", command}, + VolumeMounts: []v1.VolumeMount{ + { + Name: "nginx-storage", + MountPath: "/usr/share/nginx/html/", + }, + }, + } + + // Modify container spec for block volume mode + if volumeMode == v1.PersistentVolumeBlock { + container.VolumeMounts = nil + container.VolumeDevices = []v1.VolumeDevice{ + { + Name: "nginx-storage", + DevicePath: "/dev/xvda", + }, + } + } + + // Create the pod pod, err := j.KubeClient.CoreV1().Pods(ns).Create(context.Background(), &v1.Pod{ TypeMeta: metav1.TypeMeta{ Kind: "Pod", @@ -253,26 +368,7 @@ func (j *PVCTestJig) CreateAndAwaitNginxPodOrFail(ns string, pvc *v1.PersistentV SecurityContext: &v1.PodSecurityContext{ FSGroup: &fsGroup, }, - Containers: []v1.Container{ - { - Name: "write-pod", - Image: nginx, - Ports: []v1.ContainerPort{ - { - Name: "http-server", - ContainerPort: 80, - }, - }, - Command: []string{"/bin/sh"}, - Args: []string{"-c", command}, - VolumeMounts: []v1.VolumeMount{ - { - Name: "nginx-storage", - MountPath: "/usr/share/nginx/html/", - }, - }, - }, - }, + Containers: []v1.Container{container}, Volumes: []v1.Volume{ { Name: "nginx-storage", @@ -294,6 +390,7 @@ func (j *PVCTestJig) CreateAndAwaitNginxPodOrFail(ns string, pvc *v1.PersistentV if err != nil { Failf("Pod %q is not Running: %v", pod.Name, err) } + return pod.Name } @@ -369,3 +466,17 @@ func (j *PVCTestJig) GetNodeHostnameFromPod(podName, namespace string) string { hostName := pod.Labels[NodeHostnameLabel] return hostName } + +func (j *PVCTestJig) CheckVolumeOwnership(namespace, podName, mountPath, expectedOwner string) { + cmd := "ls -l " + mountPath + " | awk 'NR==2 { print $4 }'" + cmdOutput, err := RunHostCmd(namespace, podName, cmd) + if err != nil { + Failf("Failed to check volume ownership in pod %q: %v", podName, err) + } + cmdOutput = strings.ReplaceAll(cmdOutput, "\n", "") + if cmdOutput == expectedOwner { + Logf("Verified volume group owner for PV in pod %q is %v", podName, cmdOutput) + } else { + Failf("Actual Volume group ownership: %v and expected ownership: %v is not matching", cmdOutput, expectedOwner) + } +} diff --git a/test/e2e/framework/pvc_util.go b/test/e2e/framework/pvc_util.go index 8ee4259487..5ccf949cf8 100644 --- a/test/e2e/framework/pvc_util.go +++ b/test/e2e/framework/pvc_util.go @@ -53,6 +53,8 @@ const ( DataSourceVolumeSnapshotKind = "VolumeSnapshot" DataSourceVolumeSnapshotAPIGroup = "snapshot.storage.k8s.io" DataSourceVolumePVCKind = "PersistentVolumeClaim" + + FsTypeLustre = "lustre" ) // PVCTestJig is a jig to help create PVC tests. @@ -183,10 +185,10 @@ func (j *PVCTestJig) pvcExpandVolume(claim *v1.PersistentVolumeClaim, size strin return pvc } -// newPVCTemplate returns the default template for this jig, but +// NewPVCTemplate returns the default template for this jig, but // does not actually create the PVC. The default PVC has the same name // as the jig -func (j *PVCTestJig) newPVCTemplate(namespace, volumeSize, scName, adLabel string) *v1.PersistentVolumeClaim { +func (j *PVCTestJig) NewPVCTemplate(namespace, volumeSize, scName, adLabel string) *v1.PersistentVolumeClaim { pvc := j.CreatePVCTemplate(namespace, volumeSize) pvc = j.pvcAddAccessMode(pvc, v1.ReadWriteOnce) pvc = j.pvcAddLabelSelector(pvc, adLabel) @@ -194,10 +196,10 @@ func (j *PVCTestJig) newPVCTemplate(namespace, volumeSize, scName, adLabel strin return pvc } -// newPVCTemplateCSI returns the default template for this jig, but +// NewPVCTemplateCSI returns the default template for this jig, but // does not actually create the PVC. The default PVC has the same name // as the jig -func (j *PVCTestJig) newPVCTemplateCSI(namespace string, volumeSize string, scName string, volumeMode v1.PersistentVolumeMode, accessMode v1.PersistentVolumeAccessMode) *v1.PersistentVolumeClaim { +func (j *PVCTestJig) NewPVCTemplateCSI(namespace string, volumeSize string, scName string, volumeMode v1.PersistentVolumeMode, accessMode v1.PersistentVolumeAccessMode) *v1.PersistentVolumeClaim { pvc := j.CreatePVCTemplate(namespace, volumeSize) pvc = j.pvcAddAccessMode(pvc, accessMode) pvc = j.pvcAddStorageClassName(pvc, scName) @@ -205,6 +207,17 @@ func (j *PVCTestJig) newPVCTemplateCSI(namespace string, volumeSize string, scNa return pvc } +// newPVCTemplateStaticFSS returns the default template for this jig, but +// does not actually create the PVC. The default PVC has the same name +// as the jig +func (j *PVCTestJig) newPVCTemplateStaticLustre(namespace, volumeSize, volumeName string) *v1.PersistentVolumeClaim { + pvc := j.CreatePVCTemplate(namespace, volumeSize) + pvc = j.pvcAddAccessMode(pvc, v1.ReadWriteMany) + pvc = j.pvcAddStorageClassName(pvc, "") + pvc = j.pvcAddVolumeName(pvc, volumeName) + return pvc +} + // newPVCTemplateStaticFSS returns the default template for this jig, but // does not actually create the PVC. The default PVC has the same name // as the jig @@ -216,10 +229,10 @@ func (j *PVCTestJig) newPVCTemplateStaticFSS(namespace, volumeSize, volumeName s return pvc } -// newPVCTemplateDynamicFSS returns the default template for this jig, but +// NewPVCTemplateDynamicFSS returns the default template for this jig, but // does not actually create the PVC. The default PVC has the same name // as the jig -func (j *PVCTestJig) newPVCTemplateDynamicFSS(namespace, volumeSize, scName string) *v1.PersistentVolumeClaim { +func (j *PVCTestJig) NewPVCTemplateDynamicFSS(namespace, volumeSize, scName string) *v1.PersistentVolumeClaim { pvc := j.CreatePVCTemplate(namespace, volumeSize) pvc = j.pvcAddAccessMode(pvc, v1.ReadWriteMany) pvc = j.pvcAddStorageClassName(pvc, scName) @@ -229,11 +242,15 @@ func (j *PVCTestJig) newPVCTemplateDynamicFSS(namespace, volumeSize, scName stri // newPVCTemplateSnapshotRestore returns the default template for this jig, but // does not actually create the PVC. The default PVC has the same name // as the jig -func (j *PVCTestJig) newPVCTemplateSnapshotSource(namespace, volumeSize, scName string, vsName string) *v1.PersistentVolumeClaim { +func (j *PVCTestJig) newPVCTemplateSnapshotSource(namespace, volumeSize, scName string, vsName string, isRawBlockVolume bool) *v1.PersistentVolumeClaim { pvc := j.CreatePVCTemplate(namespace, volumeSize) pvc = j.pvcAddAccessMode(pvc, v1.ReadWriteOnce) pvc = j.pvcAddStorageClassName(pvc, scName) pvc = j.pvcAddDataSource(pvc, vsName) + + if isRawBlockVolume { + pvc = j.pvcAddVolumeMode(pvc, v1.PersistentVolumeBlock) + } return pvc } @@ -286,7 +303,7 @@ func (j *PVCTestJig) UpdatePVCorFail(pvc *v1.PersistentVolumeClaim, tweak func(p // before it is created. func (j *PVCTestJig) CreatePVCorFail(namespace string, volumeSize string, scName string, adLabel string, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { - pvc := j.newPVCTemplate(namespace, volumeSize, scName, adLabel) + pvc := j.NewPVCTemplate(namespace, volumeSize, scName, adLabel) return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) } @@ -295,7 +312,7 @@ func (j *PVCTestJig) CreatePVCorFail(namespace string, volumeSize string, scName // before it is created. func (j *PVCTestJig) CreatePVCorFailCSI(namespace string, volumeSize string, scName string, tweak func(pvc *v1.PersistentVolumeClaim), volumeMode v1.PersistentVolumeMode, accessMode v1.PersistentVolumeAccessMode) *v1.PersistentVolumeClaim { - pvc := j.newPVCTemplateCSI(namespace, volumeSize, scName, volumeMode, accessMode) + pvc := j.NewPVCTemplateCSI(namespace, volumeSize, scName, volumeMode, accessMode) return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) } @@ -313,21 +330,29 @@ func (j *PVCTestJig) CreatePVCorFailStaticFSS(namespace, volumeName, volumeSize return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) } +// CreatePVCorFailStaticLustre creates a new claim based on the jig's +// defaults. Callers can provide a function to tweak the claim object +// before it is created. +func (j *PVCTestJig) CreatePVCorFailStaticLustre(namespace, volumeName, volumeSize string, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { + pvc := j.newPVCTemplateStaticLustre(namespace, volumeSize, volumeName) + return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) +} + // CreatePVCorFailDynamicFSS creates a new claim based on the jig's // defaults. Callers can provide a function to tweak the claim object // before it is created. func (j *PVCTestJig) CreatePVCorFailDynamicFSS(namespace, volumeSize string, scName string, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { - pvc := j.newPVCTemplateDynamicFSS(namespace, volumeSize, scName) + pvc := j.NewPVCTemplateDynamicFSS(namespace, volumeSize, scName) return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) } // CreatePVCorFailSnapshotSource creates a new claim based on the jig's // defaults. Callers can provide a function to tweak the claim object // before it is created. -func (j *PVCTestJig) CreatePVCorFailSnapshotSource(namespace, volumeSize string, scName string, vsName string, +func (j *PVCTestJig) CreatePVCorFailSnapshotSource(namespace, volumeSize string, scName string, vsName string, isRawBlockVolume bool, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { - pvc := j.newPVCTemplateSnapshotSource(namespace, volumeSize, scName, vsName) + pvc := j.newPVCTemplateSnapshotSource(namespace, volumeSize, scName, vsName, isRawBlockVolume) return j.CheckPVCorFail(pvc, tweak, namespace, volumeSize) } @@ -378,6 +403,15 @@ func (j *PVCTestJig) CreateAndAwaitPVCOrFailStaticFSS(namespace, volumeName, vol return j.CheckAndAwaitPVCOrFail(pvc, namespace, v1.ClaimBound) } +// CreateAndAwaitPVCOrFailStaticLustre creates a new PVC based on the +// jig's defaults, waits for it to become ready, and then sanity checks it and +// its dependant resources. Callers can provide a function to tweak the +// PVC object before it is created. +func (j *PVCTestJig) CreateAndAwaitPVCOrFailStaticLustre(namespace, volumeName, volumeSize string, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { + pvc := j.CreatePVCorFailStaticLustre(namespace, volumeName, volumeSize, tweak) + return j.CheckAndAwaitPVCOrFail(pvc, namespace, v1.ClaimBound) +} + // CreateAndAwaitPVCOrFailCSI creates a new PVC based on the // jig's defaults, waits for it to become ready, and then sanity checks it and // its dependant resources. Callers can provide a function to tweak the @@ -409,8 +443,8 @@ func (j *PVCTestJig) CreateAndAwaitPVCOrFailDynamicFSS(namespace, volumeSize, sc // its dependant resources. Callers can provide a function to tweak the // PVC object before it is created. func (j *PVCTestJig) CreateAndAwaitPVCOrFailSnapshotSource(namespace, volumeSize, scName string, - vsName string, phase v1.PersistentVolumeClaimPhase, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { - pvc := j.CreatePVCorFailSnapshotSource(namespace, volumeSize, scName, vsName, tweak) + vsName string, phase v1.PersistentVolumeClaimPhase, isRawBlockVolume bool, tweak func(pvc *v1.PersistentVolumeClaim)) *v1.PersistentVolumeClaim { + pvc := j.CreatePVCorFailSnapshotSource(namespace, volumeSize, scName, vsName, isRawBlockVolume, tweak) return j.CheckAndAwaitPVCOrFail(pvc, namespace, phase) } @@ -506,15 +540,16 @@ func (j *PVCTestJig) pvAddMountOptions(pv *v1.PersistentVolume, // newPVTemplateFSS returns the default template for this jig, but // does not actually create the PV. The default PV has the same name // as the jig -func (j *PVCTestJig) newPVTemplateFSS(namespace, volumeHandle, enableIntransitEncrypt string, mountOptions []string) *v1.PersistentVolume { +func (j *PVCTestJig) newPVTemplateFSS(namespace, volumeHandle, enableIntransitEncrypt, accessMode, fsType string, mountOptions []string) *v1.PersistentVolume { pv := j.CreatePVTemplate(namespace, "fss.csi.oraclecloud.com", "", "Retain") pv = j.pvAddVolumeMode(pv, v1.PersistentVolumeFilesystem) - pv = j.pvAddAccessMode(pv, "ReadWriteMany") + pv = j.pvAddAccessMode(pv, v1.PersistentVolumeAccessMode(accessMode)) pv = j.pvAddMountOptions(pv, mountOptions) pv = j.pvAddPersistentVolumeSource(pv, v1.PersistentVolumeSource{ CSI: &v1.CSIPersistentVolumeSource{ Driver: driver.FSSDriverName, VolumeHandle: volumeHandle, + FSType: fsType, VolumeAttributes: map[string]string{ "encryptInTransit": enableIntransitEncrypt, }, @@ -524,6 +559,27 @@ func (j *PVCTestJig) newPVTemplateFSS(namespace, volumeHandle, enableIntransitEn return pv } +// newPVTemplateLustre returns the default template for this jig, but +// does not actually create the PV. The default PV has the same name +// as the jig +func (j *PVCTestJig) newPVTemplateLustre(namespace, volumeHandle string, mountOptions []string, pvVolumeAttributes map[string]string) *v1.PersistentVolume { + pv := j.CreatePVTemplate(namespace, driver.LustreDriverName, "", "Retain") + pv = j.pvAddVolumeMode(pv, v1.PersistentVolumeFilesystem) + pv = j.pvAddAccessMode(pv, v1.ReadWriteMany) + pv = j.pvAddMountOptions(pv, mountOptions) + + pv = j.pvAddPersistentVolumeSource(pv, v1.PersistentVolumeSource{ + CSI: &v1.CSIPersistentVolumeSource{ + Driver: driver.LustreDriverName, + VolumeHandle: volumeHandle, + FSType: FsTypeLustre, + VolumeAttributes: pvVolumeAttributes, + }, + }) + + return pv +} + // newPVTemplateCSI returns the default template for this jig, but // does not actually create the PV. The default PV has the same name // as the jig @@ -562,8 +618,21 @@ func (j *PVCTestJig) newPVTemplateCSIHighPerf(namespace string, scName string, o // CreatePVForFSSorFail creates a new claim based on the jig's // defaults. Callers can provide a function to tweak the claim object // before it is created. -func (j *PVCTestJig) CreatePVorFailFSS(namespace, volumeHandle, encryptInTransit string, mountOptions []string) *v1.PersistentVolume { - pv := j.newPVTemplateFSS(namespace, volumeHandle, encryptInTransit, mountOptions) +func (j *PVCTestJig) CreatePVorFailFSS(namespace, volumeHandle, encryptInTransit, accessMode, fsType string, mountOptions []string) *v1.PersistentVolume { + pv := j.newPVTemplateFSS(namespace, volumeHandle, encryptInTransit, accessMode, fsType, mountOptions) + + result, err := j.KubeClient.CoreV1().PersistentVolumes().Create(context.Background(), pv, metav1.CreateOptions{}) + if err != nil { + Failf("Failed to create persistent volume claim %q: %v", pv.Name, err) + } + return result +} + +// CreatePVorFailLustre creates a new claim based on the jig's +// defaults. Callers can provide a function to tweak the claim object +// before it is created. +func (j *PVCTestJig) CreatePVorFailLustre(namespace, volumeHandle string, mountOptions []string, pvVolumeAttributes map[string]string) *v1.PersistentVolume { + pv := j.newPVTemplateLustre(namespace, volumeHandle, mountOptions, pvVolumeAttributes) result, err := j.KubeClient.CoreV1().PersistentVolumes().Create(context.Background(), pv, metav1.CreateOptions{}) if err != nil { @@ -630,11 +699,77 @@ func (j *PVCTestJig) DeleteVolume(bs ocicore.BlockstorageClient, volId string) { } } -// newPODTemplate returns the default template for this jig, -// creates the Pod. Attaches PVC to the Pod which is created by CSI -func (j *PVCTestJig) NewPodForCSI(name string, namespace string, claimName string, adLabel string) string { +// NewPodForCSI creates a pod with the specified volume mode, using the CentOS image for both cases. +func (j *PVCTestJig) NewPodForCSI(name string, namespace string, claimName string, adLabel string, volumeMode v1.PersistentVolumeMode) string { + + if volumeMode == "" { + volumeMode = v1.PersistentVolumeFilesystem + } + By("Creating a pod with the claiming PVC created by CSI") + var containers []v1.Container + var volumes []v1.Volume + var args []string + + // Determine Args and configuration based on volumeMode + switch volumeMode { + case v1.PersistentVolumeFilesystem: + args = []string{"-c", "echo 'Hello World' > /data/testdata.txt; while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"} + containers = []v1.Container{ + { + Name: name, + Image: centos, + Command: []string{"/bin/sh"}, + Args: args, + VolumeMounts: []v1.VolumeMount{ + { + Name: "persistent-storage", + MountPath: "/data", + }, + }, + }, + } + volumes = []v1.Volume{ + { + Name: "persistent-storage", + VolumeSource: v1.VolumeSource{ + PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ + ClaimName: claimName, + }, + }, + }, + } + case v1.PersistentVolumeBlock: + args = []string{"-c", "echo 'Hello World' > /tmp/test.txt; dd if=/tmp/test.txt of=/dev/xvda count=1; while true; do sleep 5; done"} + containers = []v1.Container{ + { + Name: name, + Image: centos, + Command: []string{"/bin/sh"}, + Args: args, + VolumeDevices: []v1.VolumeDevice{ + { + Name: "persistent-storage", + DevicePath: "/dev/xvda", + }, + }, + }, + } + volumes = []v1.Volume{ + { + Name: "persistent-storage", + VolumeSource: v1.VolumeSource{ + PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ + ClaimName: claimName, + }, + }, + }, + } + default: + Failf("Unsupported volumeMode: %s", volumeMode) + } + pod, err := j.KubeClient.CoreV1().Pods(namespace).Create(context.Background(), &v1.Pod{ TypeMeta: metav1.TypeMeta{ Kind: "Pod", @@ -645,30 +780,8 @@ func (j *PVCTestJig) NewPodForCSI(name string, namespace string, claimName strin Namespace: namespace, }, Spec: v1.PodSpec{ - Containers: []v1.Container{ - { - Name: name, - Image: centos, - Command: []string{"/bin/sh"}, - Args: []string{"-c", "echo 'Hello World' > /data/testdata.txt; while true; do echo $(date -u) >> /data/out.txt; sleep 5; done"}, - VolumeMounts: []v1.VolumeMount{ - { - Name: "persistent-storage", - MountPath: "/data", - }, - }, - }, - }, - Volumes: []v1.Volume{ - { - Name: "persistent-storage", - VolumeSource: v1.VolumeSource{ - PersistentVolumeClaim: &v1.PersistentVolumeClaimVolumeSource{ - ClaimName: claimName, - }, - }, - }, - }, + Containers: containers, + Volumes: volumes, NodeSelector: map[string]string{ plugin.LabelZoneFailureDomain: adLabel, }, @@ -742,9 +855,37 @@ func (j *PVCTestJig) NewPodWithLabels(name string, namespace string, claimName s return pod.Name } -func (j *PVCTestJig) NewPodForCSIClone(name string, namespace string, claimName string, adLabel string) string { +// NewPodForCSIClone creates a pod with the specified volume type (filesystem or block). +func (j *PVCTestJig) NewPodForCSIClone(name string, namespace string, claimName string, adLabel string, volumeType v1.PersistentVolumeMode) string { + if volumeType == "" { + volumeType = v1.PersistentVolumeFilesystem + } + By("Creating a pod with the claiming PVC created by CSI") + // Define the container spec based on volume type + container := v1.Container{ + Name: name, + Image: nginx, + VolumeMounts: []v1.VolumeMount{ + { + Name: "persistent-storage", + MountPath: "/data", + }, + }, + } + + // Define volume devices for block volume mode + if volumeType == v1.PersistentVolumeBlock { + container.VolumeMounts = nil + container.VolumeDevices = []v1.VolumeDevice{ + { + Name: "persistent-storage", + DevicePath: "/dev/xvda", + }, + } + } + pod, err := j.KubeClient.CoreV1().Pods(namespace).Create(context.Background(), &v1.Pod{ TypeMeta: metav1.TypeMeta{ Kind: "Pod", @@ -755,18 +896,7 @@ func (j *PVCTestJig) NewPodForCSIClone(name string, namespace string, claimName Namespace: namespace, }, Spec: v1.PodSpec{ - Containers: []v1.Container{ - { - Name: name, - Image: nginx, - VolumeMounts: []v1.VolumeMount{ - { - Name: "persistent-storage", - MountPath: "/data", - }, - }, - }, - }, + Containers: []v1.Container{container}, Volumes: []v1.Volume{ { Name: "persistent-storage", @@ -1047,7 +1177,7 @@ func (j *PVCTestJig) SanityCheckPV(pvc *v1.PersistentVolumeClaim) { claimCapacity := pvc.Spec.Resources.Requests[v1.ResourceStorage] Expect(pvCapacity.Value()).To(Equal(claimCapacity.Value()), "pvCapacity is not equal to expectedCapacity") - if strings.HasPrefix(pvc.Name, "csi-fss") { + if strings.HasPrefix(pvc.Name, "csi-fss") || strings.HasPrefix(pvc.Name, "csi-lustre") { expectedAccessModes := []v1.PersistentVolumeAccessMode{v1.ReadWriteMany} Expect(pv.Spec.AccessModes).To(Equal(expectedAccessModes)) } else { @@ -1261,17 +1391,17 @@ func (j *PVCTestJig) CheckAttachmentTypeAndEncryptionType(compute client.Compute // CheckEncryptionType verifies encryption type func (j *PVCTestJig) CheckEncryptionType(namespace, podName string) { By("Checking encryption type") - dfCommand := "df | grep data" + dfCommand := "mount | grep data" // This test is written this way, since the only way to verify if in-transit encryption is present on FSS is by checking the df command on the pod - // and if the IP starts with 192.x.x.x is present on the FSS mount + // and if the IP starts with 192.x.x.x or fd40:: is present on the FSS mount output, err := RunHostCmd(namespace, podName, dfCommand) if err != nil || output == "" { Failf("kubectl exec failed or output is nil") } - ipStart192 := output[0:3] - if ipStart192 == "192" { + ipStart := output[0:5] + if strings.HasPrefix(ipStart, "192") || strings.HasPrefix(ipStart, "[fd40") { Logf("FSS has in-transit encryption %s", output) } else { Failf("FSS does not have in-transit encryption") @@ -1294,8 +1424,10 @@ func (j *PVCTestJig) CheckSinglePodReadWrite(namespace string, pvcName string, c By("check if the file exists") j.CheckFileExists(namespace, podName, "/data", fileName) - By("Check Mount Options") - j.CheckMountOptions(namespace, podName, "/data", expectedMountOptions) + if strings.HasPrefix(pvcName, "csi-fss") { + By("Check NFS Mount Options") + j.CheckMountOptions(namespace, podName, "/data", expectedMountOptions) + } By("Creating Pod that can read contents of existing file") readPodName := j.NewPodForCSIFSSRead(string(uid), namespace, pvcName, fileName, checkEncryption) @@ -1336,7 +1468,39 @@ func (j *PVCTestJig) CheckMultiplePodReadWrite(namespace string, pvcName string, j.NewPodForCSIFSSRead(string(uuid2), namespace, pvcName, fileName, checkEncryption) } +type PodCommands struct { + podRunning string + dataWritten string + write string + read string + isRawBlockVolume bool +} + func (j *PVCTestJig) CheckDataPersistenceWithDeployment(pvcName string, ns string) { + dataWritten := "Data written" + commands := PodCommands{ + podRunning: " while true; do true; done;", + dataWritten: dataWritten, + write: "echo \"" + dataWritten + "\" >> /data/out.txt;", + read: "cat /data/out.txt", + isRawBlockVolume: false, + } + j.CheckDataPersistenceWithDeploymentImpl(pvcName, ns, commands) +} + +func (j *PVCTestJig) CheckDataPersistenceForRawBlockVolumeWithDeployment(pvcName string, ns string) { + dataWritten := "Hello CSI Tester for RBV" + commands := PodCommands{ + podRunning: " while true; do true; done;", + dataWritten: dataWritten, + write: "echo \"" + dataWritten + "\" > /tmp/test.txt; dd if=/tmp/test.txt of=/dev/xvda count=1;", + read: "dd if=/dev/xvda bs=512 count=1", + isRawBlockVolume: true, + } + j.CheckDataPersistenceWithDeploymentImpl(pvcName, ns, commands) +} + +func (j *PVCTestJig) CheckDataPersistenceWithDeploymentImpl(pvcName string, ns string, podCommands PodCommands) { nodes, err := j.KubeClient.CoreV1().Nodes().List(context.Background(), metav1.ListOptions{}) if err != nil { @@ -1370,13 +1534,8 @@ func (j *PVCTestJig) CheckDataPersistenceWithDeployment(pvcName string, ns strin podRunningCommand := " while true; do true; done;" - dataWritten := "Data written" - - writeCommand := "echo \"" + dataWritten + "\" >> /data/out.txt;" - readCommand := "cat /data/out.txt" - By("Creating a deployment") - deploymentName := j.createDeploymentOnNodeAndWait(podRunningCommand, pvcName, ns, "data-persistence-deployment", 1, nodeSelectorLabels) + deploymentName := j.createDeploymentOnNodeAndWait(podRunningCommand, pvcName, ns, "data-persistence-deployment", 1, nodeSelectorLabels, podCommands.isRawBlockVolume) deployment, err := j.KubeClient.AppsV1().Deployments(ns).Get(context.Background(), deploymentName, metav1.GetOptions{}) @@ -1394,7 +1553,7 @@ func (j *PVCTestJig) CheckDataPersistenceWithDeployment(pvcName string, ns strin podName := pods.Items[0].Name By("Writing to the volume using the pod") - _, err = RunHostCmd(ns, podName, writeCommand) + _, err = RunHostCmd(ns, podName, podCommands.write) if err != nil { Failf("Error executing write command a pod: %v", err) @@ -1430,14 +1589,14 @@ func (j *PVCTestJig) CheckDataPersistenceWithDeployment(pvcName string, ns strin podName = pods.Items[0].Name By("Reading from the volume using the pod and checking data integrity") - output, err := RunHostCmd(ns, podName, readCommand) + output, err := RunHostCmd(ns, podName, podCommands.read) if err != nil { Failf("Error executing write command a pod: %v", err) } - if dataWritten != strings.TrimSpace(output) { - Failf("Written data not found on the volume, written: %v, found: %v", dataWritten, strings.TrimSpace(output)) + if !strings.Contains(strings.TrimSpace(output), podCommands.dataWritten) { + Failf("Written data not found on the volume, written: %v, found: %v\n", podCommands.dataWritten, strings.TrimSpace(output)) } } @@ -1637,3 +1796,70 @@ func (j *PVCTestJig) GetVolumeNameFromPVC(pvcName string, ns string) string { Logf("Found pvc %s bound to pv %s", pvcName, pvName) return pvName } + +func (j *PVCTestJig) newServiceAccountTemplate(namespace, name string) *v1.ServiceAccount { + serviceAccount := &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Namespace: namespace, + Name: name, + }, + } + return serviceAccount +} + +// CreateServiceAccountOrFail creates a new Service Account based on the default SA template +// in the namespace and with a name provided by the caller. +// Callers can provide a function to tweak the Service object before it is created. +func (j *PVCTestJig) CreateServiceAccountOrFail(namespace, name string) *v1.ServiceAccount { + sa := j.newServiceAccountTemplate(namespace, name) + + result, err := j.KubeClient.CoreV1().ServiceAccounts(namespace).Get(context.Background(), name, metav1.GetOptions{}) + if err == nil { + return result + } + + result, err = j.KubeClient.CoreV1().ServiceAccounts(namespace).Create(context.Background(), sa, metav1.CreateOptions{}) + if err != nil { + Failf("Failed to create Service Account %q: %v", sa.Name, err) + } + return result +} + +func (j *PVCTestJig) newSecretTemplate(secretName, namespace, saName string) *v1.Secret { + secret := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretName, + Namespace: namespace, + }, + Data: map[string][]byte{ + "serviceAccount": []byte(saName), + "serviceAccountNamespace": []byte(namespace), + }, + Type: v1.SecretTypeOpaque, + } + return secret +} + +func (j *PVCTestJig) CreateSecret(secretName, saName, saNamespace string) error { + + secret := j.newSecretTemplate(secretName, saNamespace, saName) + + _, err := j.KubeClient.CoreV1().Secrets(saNamespace).Create(context.Background(), secret, metav1.CreateOptions{}) + if err != nil { + return fmt.Errorf("failed to create secret: %v", err) + } + fmt.Printf("Secret %s created in namespace %s\n", secretName, saNamespace) + return nil +} + +func (j *PVCTestJig) GetOcidFromPV(pv v1.PersistentVolume) string { + pvSource := pv.Spec.PersistentVolumeSource + + if pvSource.CSI != nil { + return pvSource.CSI.VolumeHandle + } + if pvSource.FlexVolume != nil { + return pv.Name + } + return "" +} diff --git a/test/e2e/framework/seclist_util.go b/test/e2e/framework/seclist_util.go index 2782e1bf0e..fe057a7fa6 100644 --- a/test/e2e/framework/seclist_util.go +++ b/test/e2e/framework/seclist_util.go @@ -36,7 +36,7 @@ func CountSinglePortSecListRules(oci client.Interface, egressSecListID, ingressS func CountEgressSinglePortRules(oci client.Interface, seclistID string, port int) int { count := 0 if oci != nil && seclistID != "" { - secList, err := oci.Networking().GetSecurityList(context.Background(), seclistID) + secList, err := oci.Networking(nil).GetSecurityList(context.Background(), seclistID) if err != nil { Failf("Could not obtain security list: %v", err) } @@ -91,7 +91,7 @@ func WaitForSinglePortEgressRulesAfterPortChangeOrFail(oci client.Interface, sec func CountIngressSinglePortRules(oci client.Interface, seclistID string, port int) int { count := 0 if oci != nil && seclistID != "" { - secList, err := oci.Networking().GetSecurityList(context.Background(), seclistID) + secList, err := oci.Networking(nil).GetSecurityList(context.Background(), seclistID) if err != nil { Failf("Could not obtain security list: %v", err) } diff --git a/test/e2e/framework/service_account_util.go b/test/e2e/framework/service_account_util.go index f92cd7c4d7..ea7bfdcc64 100644 --- a/test/e2e/framework/service_account_util.go +++ b/test/e2e/framework/service_account_util.go @@ -55,3 +55,25 @@ func (j *ServiceTestJig) CreateServiceAccountOrFail(namespace, name string, twea } return result } + +// SetServiceOwnerReferenceOnServiceAccountOrFail sets Owner reference for parent Service in Service Account +func (j *ServiceTestJig) SetServiceOwnerReferenceOnServiceAccountOrFail(namespace string, serviceAccount *v1.ServiceAccount, svc *v1.Service) *v1.ServiceAccount { + + // Create new Owner Reference with given service as parent + ownerRef := metav1.OwnerReference{ + Kind: "Service", + Name: svc.Name, + APIVersion: "v1", + UID: svc.UID, + } + + // Update owner references slice + serviceAccount.OwnerReferences = append(serviceAccount.OwnerReferences, ownerRef) + + // Update service account with new owner reference + serviceAccount, err := j.Client.CoreV1().ServiceAccounts(namespace).Update(context.Background(), serviceAccount, metav1.UpdateOptions{}) + if err != nil { + Failf("Failed to update service Owner Reference on Service Account %q: %v", serviceAccount.Name, err) + } + return serviceAccount +} diff --git a/test/e2e/framework/service_util.go b/test/e2e/framework/service_util.go index d653664ab7..5891bad422 100644 --- a/test/e2e/framework/service_util.go +++ b/test/e2e/framework/service_util.go @@ -19,6 +19,7 @@ import ( "context" "fmt" "net" + "reflect" "sort" "strconv" "strings" @@ -26,10 +27,10 @@ import ( . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" - gerrors "github.com/pkg/errors" - cloudprovider "github.com/oracle/oci-cloud-controller-manager/pkg/cloudprovider/providers/oci" "github.com/oracle/oci-cloud-controller-manager/pkg/oci/client" + gerrors "github.com/pkg/errors" + "go.uber.org/zap" v1 "k8s.io/api/core/v1" policyv1beta1 "k8s.io/api/policy/v1beta1" @@ -98,6 +99,9 @@ const ( // OCI LB NSG Update Timeout OCILBNSGUpdateTimeout = 5 * time.Minute + + // SSL config update timeout + OCISSLConfigUpdateTimeout = 10 * time.Minute ) // This should match whatever the default/configured range is @@ -263,10 +267,10 @@ func (j *ServiceTestJig) CreateOnlyLocalLoadBalancerService(namespace, serviceNa // We need to turn affinity off for our LB distribution tests svc.Spec.SessionAffinity = v1.ServiceAffinityNone svc.Spec.ExternalTrafficPolicy = v1.ServiceExternalTrafficPolicyTypeLocal + svc.ObjectMeta.Annotations = creationAnnotations if tweak != nil { tweak(svc) } - svc.ObjectMeta.Annotations = creationAnnotations }) if createPod { @@ -697,6 +701,40 @@ func (j *ServiceTestJig) RunOrFail(namespace string, tweak func(rc *v1.Replicati return result } +// UpdateReplicationControllerOrFail - updates the given replication controller and waits for the desired Pods +func (j *ServiceTestJig) UpdateReplicationControllerOrFail(namespace, name string, update func(controller *v1.ReplicationController)) *v1.ReplicationController { + rc, err := j.updateReplicationController(namespace, name, update) + if err != nil { + Failf(err.Error()) + } + pods, err := j.waitForPodsCreated(namespace, int(*(rc.Spec.Replicas))) + if err != nil { + Failf("Failed to create pods: %v", err) + } + if err := j.waitForPodsReady(namespace, pods); err != nil { + Failf("Failed waiting for pods to be running: %v", err) + } + return rc +} + +func (j *ServiceTestJig) updateReplicationController(namespace, name string, update func(controller *v1.ReplicationController)) (*v1.ReplicationController, error) { + for i := 0; i < 3; i++ { + rc, err := j.Client.CoreV1().ReplicationControllers(namespace).Get(context.Background(), name, metav1.GetOptions{}) + if err != nil { + return nil, fmt.Errorf("Failed to get Replication Controller %q: %v", name, err) + } + update(rc) + rc, err = j.Client.CoreV1().ReplicationControllers(namespace).Update(context.Background(), rc, metav1.UpdateOptions{}) + if err == nil { + return rc, nil + } + if !errors.IsConflict(err) && !errors.IsServerTimeout(err) { + return nil, fmt.Errorf("Failed to update Replication Controller %q: %v", name, err) + } + } + return nil, fmt.Errorf("Too many retries updating Replication Controller %q", name) +} + func (j *ServiceTestJig) waitForPdbReady(namespace string) error { timeout := 2 * time.Minute for start := time.Now(); time.Since(start) < timeout; time.Sleep(2 * time.Second) { @@ -867,6 +905,40 @@ func (f *CloudProviderFramework) VerifyHealthCheckConfig(loadBalancerId string, return gerrors.Errorf("Timeout waiting for Health check config to be as expected.") } +func (f *CloudProviderFramework) VerifyProxyProtocolV2(loadBalancerId string, lbtype string, expectPpv2 bool) error { + for start := time.Now(); time.Since(start) < 5*time.Minute; time.Sleep(5 * time.Second) { + loadBalancer, err := f.Client.LoadBalancer(zap.L().Sugar(), lbtype, "", nil).GetLoadBalancer(context.TODO(), loadBalancerId) + if err != nil { + return err + } + success := testProxyProtocolV2(loadBalancer, lbtype, expectPpv2) + if err != nil { + return err + } + if success { + Logf("Proxy Protocol matches expected config.") + return nil + } + Logf("Proxy Protocol did not match expected - will retry") + } + return gerrors.Errorf("Timeout waiting for Proxy Protocol to be as expected.") +} + +func testProxyProtocolV2(loadBalancer *client.GenericLoadBalancer, lbtype string, expectPpv2 bool) (expected bool) { + for _, l := range loadBalancer.Listeners { + if lbtype == "nlb" { + if expectPpv2 != *l.IsPpv2Enabled { + return false + } + } else { + if expectPpv2 != (*l.ConnectionConfiguration.BackendTcpProxyProtocolVersion == 2) { + return false + } + } + } + return true +} + // WaitForLoadBalancerNSGChange polls for validating the associated NSGs // to be the same as the spec func (f *CloudProviderFramework) WaitForLoadBalancerNSGChange(lb *client.GenericLoadBalancer, nsgIds []string, lbtype string) error { @@ -886,6 +958,21 @@ func (f *CloudProviderFramework) WaitForLoadBalancerNSGChange(lb *client.Generic return nil } +// WaitForLoadBalancerSSLConfigurationChange polls for validating the associated Listener SSL config to be the same as the spec +func (f *CloudProviderFramework) WaitForLoadBalancerSSLConfigurationChange(lb *client.GenericLoadBalancer, service *v1.Service) error { + condition := func() (bool, error) { + updatedLB, err := f.Client.LoadBalancer(zap.L().Sugar(), "lb", "", nil).GetLoadBalancer(context.TODO(), *lb.Id) + if err != nil { + return false, err + } + return ValidateSSLConfiguration(service, updatedLB) + } + if err := wait.Poll(15*time.Second, OCISSLConfigUpdateTimeout, condition); err != nil { + return fmt.Errorf("Failed to update SSLconfiguration, error: %s", err.Error()) + } + return nil +} + // WaitForLoadBalancerShapeChange polls for the shape of the LB // to be the same as the spec func (f *CloudProviderFramework) WaitForLoadBalancerShapeChange(lb *client.GenericLoadBalancer, shape, fMin, fMax string) error { @@ -1249,3 +1336,94 @@ func testLoadBalancerPolicy(loadBalancer *client.GenericLoadBalancer, loadbalanc } return true, nil } + +func prettifyBackendSetsMap(backendSets map[string]client.GenericBackendSetDetails) (backendSetMap map[string][]string) { + backendSetMap = make(map[string][]string) + + for _, backendSet := range backendSets { + var backendsList []string + for _, backend := range backendSet.Backends { + backendsList = append(backendsList, *backend.IpAddress) + } + backendSetMap[*backendSet.Name] = backendsList + } + return +} + +func prettifyIpMap(backendSets map[string]interface{}) (backends []string) { + for backend, _ := range backendSets { + backends = append(backends, backend) + } + return +} + +func ValidateSSLConfiguration(tcpService *v1.Service, loadBalancer *client.GenericLoadBalancer) (bool, error) { + var sslConfig *cloudprovider.SSLConfig + sslEnabledPorts, err := cloudprovider.GetSSLEnabledPorts(tcpService) + if err != nil { + + return false, fmt.Errorf("Unable to get SSL Enabled Ports for the service: %v", tcpService.Name) + } + secretListenerString := tcpService.Annotations[cloudprovider.ServiceAnnotationLoadBalancerTLSSecret] + secretBackendSetString := tcpService.Annotations[cloudprovider.ServiceAnnotationLoadBalancerTLSBackendSetSecret] + backendSslConfigAnnotation := tcpService.Annotations[cloudprovider.ServiceAnnotationLoadbalancerBackendSetSSLConfig] + listenerSslConfigAnnotation := tcpService.Annotations[cloudprovider.ServiceAnnotationLoadbalancerListenerSSLConfig] + sslConfig = cloudprovider.NewSSLConfig(secretListenerString, secretBackendSetString, tcpService, sslEnabledPorts, nil) + + for listenername, listener := range loadBalancer.Listeners { + if *loadBalancer.Listeners[listenername].Port == sslEnabledPorts[0] { + expectedSSL, err := cloudprovider.GetSSLConfiguration(sslConfig, sslConfig.BackendSetSSLSecretName, sslEnabledPorts[0], listenerSslConfigAnnotation) + if err != nil { + return false, fmt.Errorf(err.Error()) + } + fmt.Println("Listener Actual SSL Config for ", sslEnabledPorts[0], ":", *listener.SslConfiguration.CertificateName) + fmt.Println("Listener Expected SSL Config for ", sslEnabledPorts[0], ":", *expectedSSL.CertificateName) + fmt.Println("Listener Expected SSL Config for CipherSuiteName", sslEnabledPorts[0], ":", *expectedSSL.CipherSuiteName) + fmt.Println("Listener Expected SSL Config for Protocols", sslEnabledPorts[0], ":", strings.Join(expectedSSL.Protocols, ",")) + if !reflect.DeepEqual(listener.SslConfiguration.CertificateName, expectedSSL.CertificateName) { + fmt.Errorf("Listener SSL Config Mismatch! Expected: %s, Got: %s", *listener.SslConfiguration.CertificateName, *expectedSSL.CertificateName) + return false, nil + } + if !reflect.DeepEqual(listener.SslConfiguration.CipherSuiteName, expectedSSL.CipherSuiteName) { + fmt.Errorf("Listener SSL Config Mismatch! Expected CipherSuiteName: %s, Got: %s", *expectedSSL.CipherSuiteName, *listener.SslConfiguration.CipherSuiteName) + return false, nil + } + if !reflect.DeepEqual(listener.SslConfiguration.Protocols, expectedSSL.Protocols) { + fmt.Errorf("Listener SSL Config Mismatch! Expected CipherSuite Protocols: %s, Got: %s", + strings.Join(expectedSSL.Protocols, ","), + strings.Join(listener.SslConfiguration.Protocols, ",")) + return false, nil + + } + } + } + + sslConfig = cloudprovider.NewSSLConfig(secretListenerString, secretBackendSetString, tcpService, sslEnabledPorts, nil) + for backendSetName, backendSet := range loadBalancer.BackendSets { + if *loadBalancer.Listeners[backendSetName].Port == sslEnabledPorts[0] { + expectedSSL, err := cloudprovider.GetSSLConfiguration(sslConfig, sslConfig.BackendSetSSLSecretName, sslEnabledPorts[0], backendSslConfigAnnotation) + if err != nil { + return false, fmt.Errorf(err.Error()) + } + fmt.Println("BackendSet Actual SSL Config for ", sslEnabledPorts[0], ":", *backendSet.SslConfiguration.CertificateName) + fmt.Println("BackendSet Expected SSL Config for ", sslEnabledPorts[0], ":", *expectedSSL.CertificateName) + fmt.Println("BackendSet Expected SSL Config for CipherSuiteName", sslEnabledPorts[0], ":", *expectedSSL.CipherSuiteName) + fmt.Println("BackendSet Expected SSL Config for Protocols", sslEnabledPorts[0], ":", strings.Join(expectedSSL.Protocols, ",")) + if !reflect.DeepEqual(backendSet.SslConfiguration.CertificateName, expectedSSL.CertificateName) { + fmt.Errorf("BackendSet SSL Config Mismatch! Expected: %s, Got: %s", *expectedSSL.CertificateName, *backendSet.SslConfiguration.CertificateName) + return false, nil + } + if !reflect.DeepEqual(backendSet.SslConfiguration.CipherSuiteName, expectedSSL.CipherSuiteName) { + fmt.Errorf("BackendSet SSL Config Mismatch! Expected CipherSuiteName: %s, Got: %s", *expectedSSL.CipherSuiteName, *backendSet.SslConfiguration.CipherSuiteName) + return false, nil + } + if !reflect.DeepEqual(backendSet.SslConfiguration.Protocols, expectedSSL.Protocols) { + fmt.Errorf("BackendSet SSL Config Mismatch! Expected CipherSuite Protocols: %s, Got: %s", + strings.Join(expectedSSL.Protocols, ","), + strings.Join(backendSet.SslConfiguration.Protocols, ",")) + return false, nil + } + } + } + return true, nil +} diff --git a/test/e2e/framework/volumesnapshot_util.go b/test/e2e/framework/volumesnapshot_util.go index 04d6479025..997c52de15 100644 --- a/test/e2e/framework/volumesnapshot_util.go +++ b/test/e2e/framework/volumesnapshot_util.go @@ -17,11 +17,11 @@ package framework import ( "context" "fmt" - ocicore "github.com/oracle/oci-go-sdk/v65/core" "time" snapshot "github.com/kubernetes-csi/external-snapshotter/client/v6/apis/volumesnapshot/v1" . "github.com/onsi/ginkgo" + ocicore "github.com/oracle/oci-go-sdk/v65/core" v1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -197,14 +197,14 @@ func (j *PVCTestJig) GetBackupIDFromSnapshot(vsName string, ns string) string { // CreateVolumeSnapshotContentOrFail creates a new volume snapshot content based on the jig's defaults. func (j *PVCTestJig) CreateVolumeSnapshotContentOrFail(name string, driverType string, - backupOCID string, deletionPolicy string, vsName string, ns string) string { + backupOCID string, deletionPolicy string, vsName string, ns string, volumeMode v1.PersistentVolumeMode) string { snapshotDeletionPolicy := snapshot.VolumeSnapshotContentDelete if deletionPolicy == "Retain" { snapshotDeletionPolicy = snapshot.VolumeSnapshotContentRetain } - contentTemp := j.NewVolumeSnapshotContentTemplate(name, backupOCID, driverType, snapshotDeletionPolicy, vsName, ns) + contentTemp := j.NewVolumeSnapshotContentTemplate(name, backupOCID, driverType, volumeMode, snapshotDeletionPolicy, vsName, ns) content, err := j.SnapClient.SnapshotV1().VolumeSnapshotContents().Create(context.Background(), contentTemp, metav1.CreateOptions{}) if err != nil { @@ -221,7 +221,7 @@ func (j *PVCTestJig) CreateVolumeSnapshotContentOrFail(name string, driverType s // does not actually create the storage content. The default storage content has the same name // as the jig func (j *PVCTestJig) NewVolumeSnapshotContentTemplate(name string, backupOCID string, - driverType string, deletionPolicy snapshot.DeletionPolicy, vsName string, ns string) *snapshot.VolumeSnapshotContent { + driverType string, volumeMode v1.PersistentVolumeMode, deletionPolicy snapshot.DeletionPolicy, vsName string, ns string) *snapshot.VolumeSnapshotContent { return &snapshot.VolumeSnapshotContent{ TypeMeta: metav1.TypeMeta{ Kind: "VolumeSnapshotContent", @@ -236,6 +236,7 @@ func (j *PVCTestJig) NewVolumeSnapshotContentTemplate(name string, backupOCID st Source: snapshot.VolumeSnapshotContentSource{ SnapshotHandle: &backupOCID, }, + SourceVolumeMode: &volumeMode, VolumeSnapshotRef: v1.ObjectReference{ Name: vsName, Namespace: ns, @@ -319,9 +320,10 @@ func (j *PVCTestJig) CheckVSContentExists(pvName string) bool { func (j *PVCTestJig) CreateVolumeBackup(bs ocicore.BlockstorageClient, adLabel string, compartmentId string, volumeId string, backupName string) *string { request := ocicore.CreateVolumeBackupRequest{ CreateVolumeBackupDetails: ocicore.CreateVolumeBackupDetails{ - VolumeId: &volumeId, - DisplayName: &backupName, - Type: ocicore.CreateVolumeBackupDetailsTypeFull, + VolumeId: &volumeId, + //CompartmentId: &compartmentId, + DisplayName: &backupName, + Type: ocicore.CreateVolumeBackupDetailsTypeFull, }, } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/federation_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/federation_client.go index dbb74c6c00..e3805e3931 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/federation_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/federation_client.go @@ -203,6 +203,13 @@ func newAuthClient(region common.Region, provider common.KeyProvider) *common.Ba client.Host = region.Endpoint("auth") } client.BasePath = "v1/x509" + + if common.GlobalAuthClientCircuitBreakerSetting != nil { + client.Configuration.CircuitBreaker = common.NewCircuitBreaker(common.GlobalAuthClientCircuitBreakerSetting) + } else if !common.IsEnvVarFalse("OCI_SDK_AUTH_CLIENT_CIRCUIT_BREAKER_ENABLED") { + common.Logf("Configuring DefaultAuthClientCircuitBreakerSetting for federation client") + client.Configuration.CircuitBreaker = common.NewCircuitBreaker(common.DefaultAuthClientCircuitBreakerSetting()) + } return &client } @@ -288,7 +295,7 @@ func (c *x509FederationClient) getSecurityToken() (securityToken, error) { var httpResponse *http.Response defer common.CloseBodyIfValid(httpResponse) - for retry := 0; retry < 5; retry++ { + for retry := 0; retry < 3; retry++ { request := c.makeX509FederationRequest() if httpRequest, err = common.MakeDefaultHTTPRequestWithTaggedStruct(http.MethodPost, "", request); err != nil { @@ -298,7 +305,10 @@ func (c *x509FederationClient) getSecurityToken() (securityToken, error) { if httpResponse, err = c.authClient.Call(context.Background(), &httpRequest); err == nil { break } - + // Don't retry on 4xx errors + if httpResponse != nil && httpResponse.StatusCode >= 400 && httpResponse.StatusCode <= 499 { + return nil, fmt.Errorf("error %s returned by auth service: %s", httpResponse.Status, err.Error()) + } nextDuration := time.Duration(1000.0*(math.Pow(2.0, float64(retry)))) * time.Millisecond time.Sleep(nextDuration) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_key_provider.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_key_provider.go index b51c349095..6ae1348d1d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_key_provider.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_key_provider.go @@ -35,6 +35,23 @@ const ( ResourcePrincipalSessionTokenEndpoint = "OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT" //ResourcePrincipalTokenEndpoint endpoint for retrieving the Resource Principal Token ResourcePrincipalTokenEndpoint = "OCI_RESOURCE_PRINCIPAL_RPT_ENDPOINT" + + //ResourcePrincipalVersion3_0 is a supported version for resource principals + ResourcePrincipalVersion3_0 = "3.0" + ResourcePrincipalVersionForLeaf = "OCI_RESOURCE_PRINCIPAL_VERSION_FOR_LEAF_RESOURCE" + ResourcePrincipalRptEndpointForLeaf = "OCI_RESOURCE_PRINCIPAL_RPT_ENDPOINT_FOR_LEAF_RESOURCE" + ResourcePrincipalRptPathForLeaf = "OCI_RESOURCE_PRINCIPAL_RPT_PATH_FOR_LEAF_RESOURCE" + ResourcePrincipalRpstEndpointForLeaf = "OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT_FOR_LEAF_RESOURCE" + ResourcePrincipalResourceIdForLeaf = "OCI_RESOURCE_PRINCIPAL_RESOURCE_ID_FOR_LEAF_RESOURCE" + ResourcePrincipalPrivatePemForLeaf = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_FOR_LEAF_RESOURCE" + ResourcePrincipalPrivatePemPassphraseForLeaf = "OCI_RESOURCE_PRINCIPAL_PRIVATE_PEM_PASSPHRASE_FOR_LEAF_RESOURCE" + ResourcePrincipalRpstForLeaf = "OCI_RESOURCE_PRINCIPAL_RPST_FOR_LEAF_RESOURCE" + ResourcePrincipalRegionForLeaf = "OCI_RESOURCE_PRINCIPAL_REGION_FOR_LEAF_RESOURCE" + ResourcePrincipalRptURLForParent = "OCI_RESOURCE_PRINCIPAL_RPT_URL_FOR_PARENT_RESOURCE" + ResourcePrincipalRpstEndpointForParent = "OCI_RESOURCE_PRINCIPAL_RPST_ENDPOINT_FOR_PARENT_RESOURCE" + ResourcePrincipalTenancyIDForLeaf = "OCI_RESOURCE_PRINCIPAL_TENANCY_ID_FOR_LEAF_RESOURCE" + OpcParentRptUrlHeader = "opc-parent-rpt-url" + // KubernetesServiceAccountTokenPath that contains cluster information KubernetesServiceAccountTokenPath = "/var/run/secrets/kubernetes.io/serviceaccount/token" // DefaultKubernetesServiceAccountCertPath that contains cluster information @@ -90,6 +107,8 @@ func ResourcePrincipalConfigurationProvider() (ConfigurationProviderWithClaimAcc *rpst, *private, passphrase, *region) case ResourcePrincipalVersion1_1: return newResourcePrincipalKeyProvider11(DefaultRptPathProvider{}) + case ResourcePrincipalVersion3_0: + return newResourcePrincipalKeyProvider30() default: err := fmt.Errorf("can not create resource principal, environment variable: %s, must be valid", ResourcePrincipalVersionEnvVar) return nil, resourcePrincipalError{err: err} @@ -151,6 +170,41 @@ func OkeWorkloadIdentityConfigurationProviderWithServiceAccountTokenProvider(saT return nil, resourcePrincipalError{err: err} } +func OkeWorkloadIdentityConfigurationProviderWithServiceAccountTokenProviderK8sService(k8sServiceHost *string, saTokenProvider ServiceAccountTokenProvider, remoteCAbytes []byte) (ConfigurationProviderWithClaimAccess, error) { + saCertPath := requireEnv(OciKubernetesServiceAccountCertPath) + + if saCertPath == nil { + tmp := DefaultKubernetesServiceAccountCertPath + saCertPath = &tmp + } + + kubernetesServiceAccountCertRaw, err := ioutil.ReadFile(*saCertPath) + if err != nil { + err = fmt.Errorf("can not create resource principal, error getting Kubernetes Service Account Token at %s", *saCertPath) + return nil, resourcePrincipalError{err: err} + } + + kubernetesServiceAccountCert := x509.NewCertPool() + kubernetesServiceAccountCert.AppendCertsFromPEM(kubernetesServiceAccountCertRaw) + if ok := kubernetesServiceAccountCert.AppendCertsFromPEM(remoteCAbytes); !ok { + err := fmt.Errorf("failed to load remote CA") + return nil, resourcePrincipalError{err: err} + } + + region := requireEnv(ResourcePrincipalRegionEnvVar) + if region == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", + ResourcePrincipalRegionEnvVar) + return nil, resourcePrincipalError{err: err} + } + + proxymuxEndpoint := fmt.Sprintf("https://%s:%s/resourcePrincipalSessionTokens", *k8sServiceHost, KubernetesProxymuxServicePort) + + return newOkeWorkloadIdentityProvider(proxymuxEndpoint, saTokenProvider, kubernetesServiceAccountCert, *region) + + return nil, resourcePrincipalError{err: err} +} + // ResourcePrincipalConfigurationProviderForRegion returns a resource principal configuration provider using well known // environment variables to look up token information, for a given region. The environment variables can either paths or contain the material value // of the keys. However, in the case of the keys and tokens paths and values can not be mixed @@ -295,6 +349,51 @@ func newResourcePrincipalKeyProvider22(sessionTokenLocation, privatePemLocation return &rs, nil } +func newResourcePrincipalKeyProvider30() (ConfigurationProviderWithClaimAccess, error) { + rpVersionForLeafResource := requireEnv(ResourcePrincipalVersionForLeaf) + if rpVersionForLeafResource == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", ResourcePrincipalVersionForLeaf) + return nil, resourcePrincipalError{err: err} + } + var leafResourceAuthProvider ConfigurationProviderWithClaimAccess + var err error + switch *rpVersionForLeafResource { + case ResourcePrincipalVersion1_1: + leafResourceAuthProvider, err = newResourcePrincipalKeyProvider11(RptPathProviderForLeafResource{}) + if err != nil { + return nil, err + } + return ResourcePrincipalConfigurationProviderV3(leafResourceAuthProvider) + case ResourcePrincipalVersion2_2: + rpst := requireEnv(ResourcePrincipalRpstForLeaf) + if rpst == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", ResourcePrincipalRpstForLeaf) + return nil, resourcePrincipalError{err: err} + } + private := requireEnv(ResourcePrincipalPrivatePemForLeaf) + if private == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", ResourcePrincipalPrivatePemForLeaf) + return nil, resourcePrincipalError{err: err} + } + passphrase := requireEnv(ResourcePrincipalPrivatePemPassphraseForLeaf) + region := requireEnv(ResourcePrincipalRegionForLeaf) + if region == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", ResourcePrincipalRegionForLeaf) + return nil, resourcePrincipalError{err: err} + } + leafResourceAuthProvider, err = newResourcePrincipalKeyProvider22( + *rpst, *private, passphrase, *region) + if err != nil { + return nil, err + } + return ResourcePrincipalConfigurationProviderV3(leafResourceAuthProvider) + default: + err := fmt.Errorf("can not create resource principal, environment variable: %s, must be valid", ResourcePrincipalVersionForLeaf) + return nil, resourcePrincipalError{err: err} + + } +} + func newOkeWorkloadIdentityProvider(proxymuxEndpoint string, saTokenProvider ServiceAccountTokenProvider, kubernetesServiceAccountCert *x509.CertPool, region string) (*resourcePrincipalKeyProvider, error) { var err error diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_token_path_provider.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_token_path_provider.go index 7b52f8c7fd..2c958880f9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_token_path_provider.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principal_token_path_provider.go @@ -118,6 +118,33 @@ func (pp DefaultRptPathProvider) ResourceID() (*string, error) { return rpID, nil } +type RptPathProviderForLeafResource struct { + path string + resourceID string +} + +func (pp RptPathProviderForLeafResource) Path() (*string, error) { + path := requireEnv(ResourcePrincipalRptPathForLeaf) + if path == nil { + rpPath := imdsPathTemplate + return &rpPath, nil + } + return path, nil +} + +// ResourceID returns the resource associated with the resource principal +func (pp RptPathProviderForLeafResource) ResourceID() (*string, error) { + rpID := requireEnv(ResourcePrincipalResourceIdForLeaf) + if rpID == nil { + instanceID, err := getInstanceIDFromMetadata() + if err != nil { + return nil, err + } + return &instanceID, nil + } + return rpID, nil +} + func getInstanceIDFromMetadata() (instanceID string, err error) { client := &http.Client{} req, err := http.NewRequest("GET", instanceIDURL, nil) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principals_v3.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principals_v3.go new file mode 100644 index 0000000000..61ac2dbf94 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/auth/resource_principals_v3.go @@ -0,0 +1,351 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. + +package auth + +import ( + "context" + "crypto/rsa" + "fmt" + "net/http" + "net/url" + "strings" + "sync" + "time" + + "github.com/oracle/oci-go-sdk/v65/common" +) + +type resourcePrincipalV3Client struct { + securityToken securityToken + mux sync.Mutex + sessionKeySupplier sessionKeySupplier + rptUrl string + rpstUrl string + + leafResourcePrincipalKeyProvider ConfigurationProviderWithClaimAccess + + //ResourcePrincipalTargetServiceClient client that calls the target service to acquire a resource principal token + //ResourcePrincipalTargetServiceClient common.BaseClient + + //ResourcePrincipalSessionTokenClient. The client used to communicate with identity to exchange a resource principal for + // resource principal session token + //ResourcePrincipalSessionTokenClient common.BaseClient +} + +// acquireResourcePrincipalToken acquires the resource principal from the target service +func (c *resourcePrincipalV3Client) acquireResourcePrincipalToken(rptClient common.BaseClient, path string, signer common.HTTPRequestSigner) (tokenResponse resourcePrincipalTokenResponse, parentRptURL string, err error) { + rpServiceClient := rptClient + rpServiceClient.Signer = signer + + //Create a request with the instanceId + request := common.MakeDefaultHTTPRequest(http.MethodGet, path) + + //Call the target service + response, err := rpServiceClient.Call(context.Background(), &request) + if err != nil { + return + } + + defer common.CloseBodyIfValid(response) + + // Extract the opc-parent-rpt-url header value + parentRptURL = response.Header.Get(OpcParentRptUrlHeader) + + tokenResponse = resourcePrincipalTokenResponse{} + err = common.UnmarshalResponse(response, &tokenResponse) + return +} + +// exchangeToken exchanges a resource principal token from the target service with a session token from identity +func (c *resourcePrincipalV3Client) exchangeToken(rpstClient common.BaseClient, signer common.HTTPRequestSigner, publicKeyBase64 string, tokenResponse resourcePrincipalTokenResponse) (sessionToken string, err error) { + rpServiceClient := rpstClient + rpServiceClient.Signer = signer + + // Call identity service to get resource principal session token + sessionTokenReq := resourcePrincipalSessionTokenRequest{ + resourcePrincipalSessionTokenRequestBody{ + ServicePrincipalSessionToken: tokenResponse.Body.ServicePrincipalSessionToken, + ResourcePrincipalToken: tokenResponse.Body.ResourcePrincipalToken, + SessionPublicKey: publicKeyBase64, + }, + } + + sessionTokenHTTPReq, err := common.MakeDefaultHTTPRequestWithTaggedStruct(http.MethodPost, + "", sessionTokenReq) + if err != nil { + return + } + + sessionTokenHTTPRes, err := rpServiceClient.Call(context.Background(), &sessionTokenHTTPReq) + if err != nil { + return + } + defer common.CloseBodyIfValid(sessionTokenHTTPRes) + + sessionTokenRes := x509FederationResponse{} + err = common.UnmarshalResponse(sessionTokenHTTPRes, &sessionTokenRes) + if err != nil { + return + } + + sessionToken = sessionTokenRes.Token.Token + return +} + +// getSecurityToken makes the appropriate calls to acquire a resource principal security token +func (c *resourcePrincipalV3Client) getSecurityToken() (securityToken, error) { + + //c.leafResourcePrincipalKeyProvider.KeyID() + //common.Debugf("Refreshing resource principal token") + + //Read the public key from the session supplier. + pem := c.sessionKeySupplier.PublicKeyPemRaw() + pemSanitized := sanitizeCertificateString(string(pem)) + + return c.getSecurityTokenWithDepth(c.leafResourcePrincipalKeyProvider, 1, c.rptUrl, pemSanitized) + +} + +func (c *resourcePrincipalV3Client) getSecurityTokenWithDepth(keyProvider ConfigurationProviderWithClaimAccess, depth int, rptUrl, publicKey string) (securityToken, error) { + //Build the target service client + rpTargetServiceClient, err := common.NewClientWithConfig(keyProvider) + if err != nil { + return nil, err + } + + rpTokenURL, err := url.Parse(rptUrl) + if err != nil { + return nil, err + } + + common.Debugf("rptURL: %v", rpTokenURL) + + rpTargetServiceClient.Host = rpTokenURL.Scheme + "://" + rpTokenURL.Host + + //Build the identity client for token service + rpTokenSessionClient, err := common.NewClientWithConfig(keyProvider) + if err != nil { + return nil, err + } + + // Set RPST endpoint if passed in from env var, otherwise create it from region + if c.rpstUrl != "" { + rpSessionTokenURL, err := url.Parse(c.rpstUrl) + if err != nil { + return nil, err + } + + rpTokenSessionClient.Host = rpSessionTokenURL.Scheme + "://" + rpSessionTokenURL.Host + } else { + regionStr, err := c.leafResourcePrincipalKeyProvider.Region() + if err != nil { + return nil, fmt.Errorf("missing RPST env var and cannot determine region: %v", err) + } + region := common.StringToRegion(regionStr) + rpTokenSessionClient.Host = fmt.Sprintf("https://%s", region.Endpoint("auth")) + } + + rpTokenSessionClient.BasePath = identityResourcePrincipalSessionTokenPath + + //Acquire resource principal token from target service + common.Debugf("Acquiring resource principal token from target service") + tokenResponse, parentRptURL, err := c.acquireResourcePrincipalToken(rpTargetServiceClient, rpTokenURL.Path, common.DefaultRequestSigner(keyProvider)) + if err != nil { + return nil, err + } + + //Exchange resource principal token for session token from identity + common.Debugf("Exchanging resource principal token for resource principal session token") + sessionToken, err := c.exchangeToken(rpTokenSessionClient, common.DefaultRequestSigner(keyProvider), publicKey, tokenResponse) + if err != nil { + return nil, err + } + + // Base condition for recursion + // return the security token obtained last in the following cases + // 1. if depth is more than 10 + // 2. if opc-parent-rpt-url header is not passed or is empty + // 3. if opc-parent-rpt-url matches the last rpt url + if depth >= 10 || parentRptURL == "" || strings.EqualFold(parentRptURL, rptUrl) { + return newPrincipalToken(sessionToken) + } + + fd, err := newStaticFederationClient(sessionToken, c.sessionKeySupplier) + + if err != nil { + err := fmt.Errorf("can not create resource principal, due to: %s ", err.Error()) + return nil, resourcePrincipalError{err: err} + } + + region, _ := keyProvider.Region() + + configProviderForNextCall := resourcePrincipalKeyProvider{ + fd, common.Region(region), + } + + return c.getSecurityTokenWithDepth(&configProviderForNextCall, depth+1, parentRptURL, publicKey) + +} + +func (c *resourcePrincipalV3Client) renewSecurityToken() (err error) { + if err = c.sessionKeySupplier.Refresh(); err != nil { + return fmt.Errorf("failed to refresh session key: %s", err.Error()) + } + + common.Logf("Renewing security token at: %v\n", time.Now().Format("15:04:05.000")) + if c.securityToken, err = c.getSecurityToken(); err != nil { + return fmt.Errorf("failed to get security token: %s", err.Error()) + } + common.Logf("Security token renewed at: %v\n", time.Now().Format("15:04:05.000")) + + return nil +} + +func (c *resourcePrincipalV3Client) renewSecurityTokenIfNotValid() (err error) { + if c.securityToken == nil || !c.securityToken.Valid() { + if err = c.renewSecurityToken(); err != nil { + return fmt.Errorf("failed to renew resource principal security token: %s", err.Error()) + } + } + return nil +} + +func (c *resourcePrincipalV3Client) PrivateKey() (*rsa.PrivateKey, error) { + c.mux.Lock() + defer c.mux.Unlock() + if err := c.renewSecurityTokenIfNotValid(); err != nil { + return nil, err + } + return c.sessionKeySupplier.PrivateKey(), nil +} + +func (c *resourcePrincipalV3Client) SecurityToken() (token string, err error) { + c.mux.Lock() + defer c.mux.Unlock() + + if err = c.renewSecurityTokenIfNotValid(); err != nil { + return "", err + } + return c.securityToken.String(), nil +} + +type resourcePrincipalKeyProviderV3 struct { + resourcePrincipalClient resourcePrincipalV3Client +} + +type resourcePrincipalV30ConfigurationProvider struct { + keyProvider resourcePrincipalKeyProviderV3 + region *common.Region +} + +func (r *resourcePrincipalV30ConfigurationProvider) Refreshable() bool { + return true +} + +func (r *resourcePrincipalV30ConfigurationProvider) PrivateRSAKey() (*rsa.PrivateKey, error) { + privateKey, err := r.keyProvider.resourcePrincipalClient.PrivateKey() + if err != nil { + err = fmt.Errorf("failed to get resource principal private key: %s", err.Error()) + return nil, err + } + return privateKey, nil +} + +func (r *resourcePrincipalV30ConfigurationProvider) KeyID() (string, error) { + var securityToken string + var err error + if securityToken, err = r.keyProvider.resourcePrincipalClient.SecurityToken(); err != nil { + return "", fmt.Errorf("failed to get resource principal security token: %s", err.Error()) + } + return fmt.Sprintf("ST$%s", securityToken), nil +} + +func (r *resourcePrincipalV30ConfigurationProvider) TenancyOCID() (string, error) { + return r.keyProvider.resourcePrincipalClient.leafResourcePrincipalKeyProvider.TenancyOCID() +} + +func (r *resourcePrincipalV30ConfigurationProvider) UserOCID() (string, error) { + return "", nil +} + +func (r *resourcePrincipalV30ConfigurationProvider) KeyFingerprint() (string, error) { + return "", nil +} + +func (r *resourcePrincipalV30ConfigurationProvider) Region() (string, error) { + if r.region == nil { + common.Debugf("Region in resource principal configuration provider v30 is nil.") + return "", nil + } + return string(*r.region), nil +} + +func (r *resourcePrincipalV30ConfigurationProvider) AuthType() (common.AuthConfig, error) { + return common.AuthConfig{common.UnknownAuthenticationType, false, nil}, + fmt.Errorf("unsupported, keep the interface") +} + +func (r *resourcePrincipalV30ConfigurationProvider) GetClaim(key string) (interface{}, error) { + //TODO implement me + panic("implement me") +} + +type resourcePrincipalV30ConfiguratorBuilder struct { + leafResourcePrincipalKeyProvider ConfigurationProviderWithClaimAccess + rptUrlForParent, rpstUrlForParent *string +} + +// ResourcePrincipalV3ConfiguratorBuilder creates a new resourcePrincipalV30ConfiguratorBuilder. +func ResourcePrincipalV3ConfiguratorBuilder(leafResourcePrincipalKeyProvider ConfigurationProviderWithClaimAccess) *resourcePrincipalV30ConfiguratorBuilder { + return &resourcePrincipalV30ConfiguratorBuilder{ + leafResourcePrincipalKeyProvider: leafResourcePrincipalKeyProvider, + } +} + +// WithParentRPTURL sets the rptUrlForParent field. +func (b *resourcePrincipalV30ConfiguratorBuilder) WithParentRPTURL(rptUrlForParent string) *resourcePrincipalV30ConfiguratorBuilder { + b.rptUrlForParent = &rptUrlForParent + return b +} + +// WithParentRPSTURL sets the rpstUrlForParent field. +func (b *resourcePrincipalV30ConfiguratorBuilder) WithParentRPSTURL(rpstUrlForParent string) *resourcePrincipalV30ConfiguratorBuilder { + b.rpstUrlForParent = &rpstUrlForParent + return b +} + +// Build creates a ConfigurationProviderWithClaimAccess based on the configured values. +func (b *resourcePrincipalV30ConfiguratorBuilder) Build() (ConfigurationProviderWithClaimAccess, error) { + + if b.rptUrlForParent == nil { + err := fmt.Errorf("can not create resource principal, environment variable: %s, not present", + ResourcePrincipalRptURLForParent) + return nil, resourcePrincipalError{err: err} + } + + if b.rpstUrlForParent == nil { + common.Debugf("Environment variable %s not present, setting to empty string", ResourcePrincipalRpstEndpointForParent) + *b.rpstUrlForParent = "" + } + + rpFedClient := resourcePrincipalV3Client{} + rpFedClient.rptUrl = *b.rptUrlForParent + rpFedClient.rpstUrl = *b.rpstUrlForParent + rpFedClient.sessionKeySupplier = newSessionKeySupplier() + rpFedClient.leafResourcePrincipalKeyProvider = b.leafResourcePrincipalKeyProvider + region, _ := b.leafResourcePrincipalKeyProvider.Region() + + return &resourcePrincipalV30ConfigurationProvider{ + keyProvider: resourcePrincipalKeyProviderV3{rpFedClient}, + region: (*common.Region)(®ion), + }, nil +} + +// ResourcePrincipalConfigurationProviderV3 ResourcePrincipalConfigurationProvider is a function that creates and configures a resource principal. +func ResourcePrincipalConfigurationProviderV3(leafResourcePrincipalKeyProvider ConfigurationProviderWithClaimAccess) (ConfigurationProviderWithClaimAccess, error) { + builder := ResourcePrincipalV3ConfiguratorBuilder(leafResourcePrincipalKeyProvider) + builder.rptUrlForParent = requireEnv(ResourcePrincipalRptURLForParent) + builder.rpstUrlForParent = requireEnv(ResourcePrincipalRpstEndpointForParent) + return builder.Build() +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/circuit_breaker.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/circuit_breaker.go index 96e9323147..b6635f0d48 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/circuit_breaker.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/circuit_breaker.go @@ -5,6 +5,7 @@ package common import ( "fmt" + "math/rand" "net/http" "os" "strconv" @@ -29,6 +30,16 @@ const ( DefaultCircuitBreakerServiceName string = "" // DefaultCircuitBreakerHistoryCount is the default count of failed response history in circuit breaker DefaultCircuitBreakerHistoryCount int = 5 + // MinAuthClientCircuitBreakerResetTimeout is the min value of openStateWindow, which is the wait time before setting the breaker to halfOpen state from open state + MinAuthClientCircuitBreakerResetTimeout = 30 + // MaxAuthClientCircuitBreakerResetTimeout is the max value of openStateWindow, which is the wait time before setting the breaker to halfOpen state from open state + MaxAuthClientCircuitBreakerResetTimeout = 49 + // AuthClientCircuitBreakerName is the default circuit breaker name for the DefaultAuthClientCircuitBreakerSetting + AuthClientCircuitBreakerName = "FederationClientCircuitBreaker" + // AuthClientCircuitBreakerDefaultFailureThreshold is the default requests failure rate for the DefaultAuthClientCircuitBreakerSetting + AuthClientCircuitBreakerDefaultFailureThreshold float64 = 0.65 + // AuthClientCircuitBreakerDefaultMinimumRequests is the default value of minimumRequests in closed status + AuthClientCircuitBreakerDefaultMinimumRequests uint32 = 3 ) // CircuitBreakerSetting wraps all exposed configurable params of circuit breaker @@ -213,7 +224,7 @@ func NewCircuitBreakerSettingWithOptions(opts ...CircuitBreakerOption) *CircuitB for _, opt := range opts { opt(cbst) } - if defaultLogger.LogLevel() == verboseLogging { + if defaultLogger != nil && defaultLogger.LogLevel() == verboseLogging { Debugf("Circuit Breaker setting: %s\n", cbst.String()) } @@ -383,3 +394,17 @@ func ConfigCircuitBreakerFromGlobalVar(baseClient *BaseClient) { baseClient.Configuration.CircuitBreaker = NewCircuitBreaker(GlobalCircuitBreakerSetting) } } + +// DefaultAuthClientCircuitBreakerSetting returns the default circuit breaker setting for the Auth Client +func DefaultAuthClientCircuitBreakerSetting() *CircuitBreakerSetting { + return NewCircuitBreakerSettingWithOptions( + WithOpenStateWindow(time.Duration(rand.Intn(MaxAuthClientCircuitBreakerResetTimeout+1-MinAuthClientCircuitBreakerResetTimeout)+MinAuthClientCircuitBreakerResetTimeout)*time.Second), + WithName(AuthClientCircuitBreakerName), + WithFailureRateThreshold(AuthClientCircuitBreakerDefaultFailureThreshold), + WithMinimumRequests(AuthClientCircuitBreakerDefaultMinimumRequests), + ) +} + +// GlobalAuthClientCircuitBreakerSetting is global level circuit breaker setting for the Auth Client +// than client level circuit breaker +var GlobalAuthClientCircuitBreakerSetting *CircuitBreakerSetting = nil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/client.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/client.go index 37e8f307e3..2ee83ae518 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/client.go @@ -713,6 +713,9 @@ func (client BaseClient) httpDo(request *http.Request) (response *http.Response, // CloseBodyIfValid closes the body of an http response if the response and the body are valid func CloseBodyIfValid(httpResponse *http.Response) { if httpResponse != nil && httpResponse.Body != nil { + if httpResponse.Header != nil && strings.ToLower(httpResponse.Header.Get("content-type")) == "text/event-stream" { + return + } httpResponse.Body.Close() } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/http.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/http.go index 9927366e07..1f57b3a6fb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/http.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/http.go @@ -1068,6 +1068,11 @@ func responseToStruct(response *http.Response, val *reflect.Value, unmarshaler P // Notice the current implementation only supports native types:int, strings, floats, bool as the field types func UnmarshalResponse(httpResponse *http.Response, responseStruct interface{}) (err error) { + // Check for text/event-stream content type, and return without unmarshalling + if httpResponse != nil && httpResponse.Header != nil && strings.ToLower(httpResponse.Header.Get("content-type")) == "text/event-stream" { + return + } + var val *reflect.Value if val, err = checkForValidResponseStruct(responseStruct); err != nil { return diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.go index ec5192307f..98075ae994 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.go @@ -80,6 +80,10 @@ const ( RegionSABogota1 Region = "sa-bogota-1" //RegionSAValparaiso1 region Valparaiso RegionSAValparaiso1 Region = "sa-valparaiso-1" + //RegionAPSingapore2 region Singapore + RegionAPSingapore2 Region = "ap-singapore-2" + //RegionMERiyadh1 region Riyadh + RegionMERiyadh1 Region = "me-riyadh-1" //RegionUSLangley1 region Langley RegionUSLangley1 Region = "us-langley-1" //RegionUSLuke1 region Luke @@ -114,14 +118,38 @@ const ( RegionEUDccRating1 Region = "eu-dcc-rating-1" //RegionEUDccDublin1 region Dublin RegionEUDccDublin1 Region = "eu-dcc-dublin-1" + //RegionAPDccGazipur1 region Gazipur + RegionAPDccGazipur1 Region = "ap-dcc-gazipur-1" //RegionEUMadrid2 region Madrid RegionEUMadrid2 Region = "eu-madrid-2" //RegionEUFrankfurt2 region Frankfurt RegionEUFrankfurt2 Region = "eu-frankfurt-2" //RegionEUJovanovac1 region Jovanovac RegionEUJovanovac1 Region = "eu-jovanovac-1" + //RegionMEDccDoha1 region Doha + RegionMEDccDoha1 Region = "me-dcc-doha-1" + //RegionUSSomerset1 region Somerset + RegionUSSomerset1 Region = "us-somerset-1" + //RegionUSThames1 region Thames + RegionUSThames1 Region = "us-thames-1" //RegionEUDccZurich1 region Zurich RegionEUDccZurich1 Region = "eu-dcc-zurich-1" + //RegionEUCrissier1 region Crissier + RegionEUCrissier1 Region = "eu-crissier-1" + //RegionMEAbudhabi3 region Abudhabi + RegionMEAbudhabi3 Region = "me-abudhabi-3" + //RegionMEAlain1 region Alain + RegionMEAlain1 Region = "me-alain-1" + //RegionMEAbudhabi2 region Abudhabi + RegionMEAbudhabi2 Region = "me-abudhabi-2" + //RegionMEAbudhabi4 region Abudhabi + RegionMEAbudhabi4 Region = "me-abudhabi-4" + //RegionAPSeoul2 region Seoul + RegionAPSeoul2 Region = "ap-seoul-2" + //RegionAPSuwon1 region Suwon + RegionAPSuwon1 Region = "ap-suwon-1" + //RegionAPChuncheon2 region Chuncheon + RegionAPChuncheon2 Region = "ap-chuncheon-2" ) var shortNameRegion = map[string]Region{ @@ -163,6 +191,8 @@ var shortNameRegion = map[string]Region{ "aga": RegionUSSaltlake2, "bog": RegionSABogota1, "vap": RegionSAValparaiso1, + "xsp": RegionAPSingapore2, + "ruh": RegionMERiyadh1, "lfi": RegionUSLangley1, "luf": RegionUSLuke1, "ric": RegionUSGovAshburn1, @@ -180,10 +210,22 @@ var shortNameRegion = map[string]Region{ "dtm": RegionEUDccRating2, "dus": RegionEUDccRating1, "ork": RegionEUDccDublin1, + "dac": RegionAPDccGazipur1, "vll": RegionEUMadrid2, "str": RegionEUFrankfurt2, "beg": RegionEUJovanovac1, + "doh": RegionMEDccDoha1, + "ebb": RegionUSSomerset1, + "ebl": RegionUSThames1, "avz": RegionEUDccZurich1, + "avf": RegionEUCrissier1, + "ahu": RegionMEAbudhabi3, + "rba": RegionMEAlain1, + "rkt": RegionMEAbudhabi2, + "shj": RegionMEAbudhabi4, + "dtz": RegionAPSeoul2, + "dln": RegionAPSuwon1, + "bno": RegionAPChuncheon2, } var realm = map[string]string{ @@ -195,9 +237,15 @@ var realm = map[string]string{ "oc9": "oraclecloud9.com", "oc10": "oraclecloud10.com", "oc14": "oraclecloud14.com", + "oc15": "oraclecloud15.com", "oc19": "oraclecloud.eu", "oc20": "oraclecloud20.com", + "oc21": "oraclecloud21.com", + "oc23": "oraclecloud23.com", "oc24": "oraclecloud24.com", + "oc26": "oraclecloud26.com", + "oc29": "oraclecloud29.com", + "oc35": "oraclecloud35.com", } var regionRealm = map[Region]string{ @@ -239,6 +287,8 @@ var regionRealm = map[Region]string{ RegionUSSaltlake2: "oc1", RegionSABogota1: "oc1", RegionSAValparaiso1: "oc1", + RegionAPSingapore2: "oc1", + RegionMERiyadh1: "oc1", RegionUSLangley1: "oc2", RegionUSLuke1: "oc2", @@ -264,10 +314,28 @@ var regionRealm = map[Region]string{ RegionEUDccRating1: "oc14", RegionEUDccDublin1: "oc14", + RegionAPDccGazipur1: "oc15", + RegionEUMadrid2: "oc19", RegionEUFrankfurt2: "oc19", RegionEUJovanovac1: "oc20", + RegionMEDccDoha1: "oc21", + + RegionUSSomerset1: "oc23", + RegionUSThames1: "oc23", + RegionEUDccZurich1: "oc24", + RegionEUCrissier1: "oc24", + + RegionMEAbudhabi3: "oc26", + RegionMEAlain1: "oc26", + + RegionMEAbudhabi2: "oc29", + RegionMEAbudhabi4: "oc29", + + RegionAPSeoul2: "oc35", + RegionAPSuwon1: "oc35", + RegionAPChuncheon2: "oc35", } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.json b/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.json index 86417493c1..84ffa621cd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.json +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/regions.json @@ -352,5 +352,89 @@ "realmKey": "oc1", "regionIdentifier": "sa-valparaiso-1", "realmDomainComponent": "oraclecloud.com" + }, + { + "regionKey": "doh", + "realmKey": "oc21", + "regionIdentifier": "me-dcc-doha-1", + "realmDomainComponent": "oraclecloud21.com" + }, + { + "regionKey": "ahu", + "realmKey": "oc26", + "regionIdentifier": "me-abudhabi-3", + "realmDomainComponent": "oraclecloud26.com" + }, + { + "regionKey": "dac", + "realmKey": "oc15", + "regionIdentifier": "ap-dcc-gazipur-1", + "realmDomainComponent": "oraclecloud15.com" + }, + { + "regionKey": "xsp", + "realmKey": "oc1", + "regionIdentifier": "ap-singapore-2", + "realmDomainComponent": "oraclecloud.com" + }, + { + "regionKey": "rkt", + "realmKey": "oc29", + "regionIdentifier": "me-abudhabi-2", + "realmDomainComponent": "oraclecloud29.com" + }, + { + "regionKey": "ruh", + "realmKey": "oc1", + "regionIdentifier": "me-riyadh-1", + "realmDomainComponent": "oraclecloud.com" + }, + { + "regionKey": "shj", + "realmKey": "oc29", + "regionIdentifier": "me-abudhabi-4", + "realmDomainComponent": "oraclecloud29.com" + }, + { + "regionKey": "avf", + "realmKey": "oc24", + "regionIdentifier": "eu-crissier-1", + "realmDomainComponent": "oraclecloud24.com" + }, + { + "regionKey": "ebb", + "realmKey": "oc23", + "regionIdentifier": "us-somerset-1", + "realmDomainComponent": "oraclecloud23.com" + }, + { + "regionKey": "ebl", + "realmKey": "oc23", + "regionIdentifier": "us-thames-1", + "realmDomainComponent": "oraclecloud23.com" + }, + { + "regionKey": "dtz", + "realmKey": "oc35", + "regionIdentifier": "ap-seoul-2", + "realmDomainComponent": "oraclecloud35.com" + }, + { + "regionKey": "dln", + "realmKey": "oc35", + "regionIdentifier": "ap-suwon-1", + "realmDomainComponent": "oraclecloud35.com" + }, + { + "regionKey": "bno", + "realmKey": "oc35", + "regionIdentifier": "ap-chuncheon-2", + "realmDomainComponent": "oraclecloud35.com" + }, + { + "regionKey": "rba", + "realmKey": "oc26", + "regionIdentifier": "me-alain-1", + "realmDomainComponent": "oraclecloud26.com" } ] \ No newline at end of file diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go b/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go index ab4bfdf198..af27c28086 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/common/version.go @@ -12,7 +12,7 @@ import ( const ( major = "65" - minor = "56" + minor = "79" patch = "0" tag = "" ) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/add_on_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/add_on_options.go index f21717d807..d7944957ed 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/add_on_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/add_on_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon.go index a181fe9b2c..c6247ce6ad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_configuration.go index 18e45e98ca..4d79d670b8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_configuration.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_error.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_error.go index 76a0c6249d..2f10b7f933 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_error.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_error.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_lifecycle_state.go index 37347a6fb3..e7339e90ce 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_option_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_option_summary.go index a8d46800c9..46210220f7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_option_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_option_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_summary.go index b4bf81ebb2..aaf7c03f3f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_version_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_version_configuration.go index fec500f1f0..8c8d9c3eef 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_version_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_version_configuration.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_versions.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_versions.go index 01a61fab55..2296534d31 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_versions.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/addon_versions.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/admission_controller_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/admission_controller_options.go index 36a22ba20c..d80d33ca8c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/admission_controller_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/admission_controller_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go index 0df24041d1..65f3d4dd43 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -62,7 +62,7 @@ type Cluster struct { // Metadata about the cluster. Metadata *ClusterMetadata `mandatory:"false" json:"metadata"` - // The state of the cluster masters. + // The state of the cluster masters. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState ClusterLifecycleStateEnum `mandatory:"false" json:"lifecycleState,omitempty"` // Details about the state of the cluster masters. @@ -82,6 +82,9 @@ type Cluster struct { // Type of cluster Type ClusterTypeEnum `mandatory:"false" json:"type,omitempty"` + + // The cluster-specific OpenID Connect Discovery endpoint + OpenIdConnectDiscoveryEndpoint *string `mandatory:"false" json:"openIdConnectDiscoveryEndpoint"` } func (m Cluster) String() string { @@ -109,25 +112,26 @@ func (m Cluster) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *Cluster) UnmarshalJSON(data []byte) (e error) { model := struct { - Id *string `json:"id"` - Name *string `json:"name"` - CompartmentId *string `json:"compartmentId"` - EndpointConfig *ClusterEndpointConfig `json:"endpointConfig"` - VcnId *string `json:"vcnId"` - KubernetesVersion *string `json:"kubernetesVersion"` - KmsKeyId *string `json:"kmsKeyId"` - FreeformTags map[string]string `json:"freeformTags"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - SystemTags map[string]map[string]interface{} `json:"systemTags"` - Options *ClusterCreateOptions `json:"options"` - Metadata *ClusterMetadata `json:"metadata"` - LifecycleState ClusterLifecycleStateEnum `json:"lifecycleState"` - LifecycleDetails *string `json:"lifecycleDetails"` - Endpoints *ClusterEndpoints `json:"endpoints"` - AvailableKubernetesUpgrades []string `json:"availableKubernetesUpgrades"` - ImagePolicyConfig *ImagePolicyConfig `json:"imagePolicyConfig"` - ClusterPodNetworkOptions []clusterpodnetworkoptiondetails `json:"clusterPodNetworkOptions"` - Type ClusterTypeEnum `json:"type"` + Id *string `json:"id"` + Name *string `json:"name"` + CompartmentId *string `json:"compartmentId"` + EndpointConfig *ClusterEndpointConfig `json:"endpointConfig"` + VcnId *string `json:"vcnId"` + KubernetesVersion *string `json:"kubernetesVersion"` + KmsKeyId *string `json:"kmsKeyId"` + FreeformTags map[string]string `json:"freeformTags"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SystemTags map[string]map[string]interface{} `json:"systemTags"` + Options *ClusterCreateOptions `json:"options"` + Metadata *ClusterMetadata `json:"metadata"` + LifecycleState ClusterLifecycleStateEnum `json:"lifecycleState"` + LifecycleDetails *string `json:"lifecycleDetails"` + Endpoints *ClusterEndpoints `json:"endpoints"` + AvailableKubernetesUpgrades []string `json:"availableKubernetesUpgrades"` + ImagePolicyConfig *ImagePolicyConfig `json:"imagePolicyConfig"` + ClusterPodNetworkOptions []clusterpodnetworkoptiondetails `json:"clusterPodNetworkOptions"` + Type ClusterTypeEnum `json:"type"` + OpenIdConnectDiscoveryEndpoint *string `json:"openIdConnectDiscoveryEndpoint"` }{} e = json.Unmarshal(data, &model) @@ -183,5 +187,7 @@ func (m *Cluster) UnmarshalJSON(data []byte) (e error) { } m.Type = model.Type + m.OpenIdConnectDiscoveryEndpoint = model.OpenIdConnectDiscoveryEndpoint + return } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go index ca766bbffc..e9c0a3dac1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_create_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -35,6 +35,10 @@ type ClusterCreateOptions struct { PersistentVolumeConfig *PersistentVolumeConfigDetails `mandatory:"false" json:"persistentVolumeConfig"` ServiceLbConfig *ServiceLbConfigDetails `mandatory:"false" json:"serviceLbConfig"` + + OpenIdConnectTokenAuthenticationConfig *OpenIdConnectTokenAuthenticationConfig `mandatory:"false" json:"openIdConnectTokenAuthenticationConfig"` + + OpenIdConnectDiscovery *OpenIdConnectDiscovery `mandatory:"false" json:"openIdConnectDiscovery"` } func (m ClusterCreateOptions) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoint_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoint_config.go index c4dbd716af..4d2db14a0a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoint_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoint_config.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoints.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoints.go index 03596b64c1..d0b7e5bc56 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoints.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_endpoints.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_lifecycle_state.go index bcd6912603..67cb898583 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_metadata.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_metadata.go index d95f01c117..25a4ddce7f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_metadata.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_metadata.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_details.go index 666ba6fab8..829b4308aa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_status.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_status.go index 950acfb5e6..e57770322b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_status.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_migrate_to_native_vcn_status.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_options.go index cd4839078f..f1790141ba 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_pod_network_option_details.go index 5d5caf2ae8..dc854ded84 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_summary.go index 9f75d7e7d4..d84864fb28 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -59,7 +59,7 @@ type ClusterSummary struct { // Metadata about the cluster. Metadata *ClusterMetadata `mandatory:"false" json:"metadata"` - // The state of the cluster masters. + // The state of the cluster masters. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState ClusterLifecycleStateEnum `mandatory:"false" json:"lifecycleState,omitempty"` // Details about the state of the cluster masters. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_type.go index bd036e1c4d..52e7876580 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_type.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/cluster_type.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/containerengine_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/containerengine_client.go index bb64cd79f2..fc94e57af9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/containerengine_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/containerengine_client.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -2259,7 +2259,7 @@ func (client ContainerEngineClient) listWorkloadMappings(ctx context.Context, re defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/containerengine/20180222/WorkloadMappingSummary/ListWorkloadMappings" + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/containerengine/20180222/WorkloadMapping/ListWorkloadMappings" err = common.PostProcessServiceError(err, "ContainerEngine", "ListWorkloadMappings", apiReferenceLink) return response, err } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_details.go index b7fe3ddc51..60c01becbc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_endpoint_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_endpoint_config_details.go index 9a00e3ad11..f847686e7c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_endpoint_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_endpoint_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_kubeconfig_content_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_kubeconfig_content_details.go index 0524c448bf..e108dded1c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_kubeconfig_content_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_cluster_kubeconfig_content_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_image_policy_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_image_policy_config_details.go index dbbfedadad..b7abd79282 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_image_policy_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_image_policy_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_details.go index 2f13ea482f..3dfdfdf2e3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_node_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_node_config_details.go index caf3056bc6..1b229cd542 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_node_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_pool_node_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_shape_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_shape_config_details.go index b4a4e022e6..0e1efee1f8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_shape_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_node_shape_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_virtual_node_pool_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_virtual_node_pool_details.go index ba8d283e69..212c656681 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_virtual_node_pool_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_virtual_node_pool_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_workload_mapping_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_workload_mapping_details.go index c154a70501..080a552bd3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_workload_mapping_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/create_workload_mapping_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/credential_rotation_status.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/credential_rotation_status.go index 50903c9cf7..f3a3bce1e4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/credential_rotation_status.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/credential_rotation_status.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/delete_virtual_node_pool_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/delete_virtual_node_pool_request_response.go index 5cc62ebc83..394309a191 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/delete_virtual_node_pool_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/delete_virtual_node_pool_request_response.go @@ -30,11 +30,11 @@ type DeleteVirtualNodePoolRequest struct { // Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` - // Duration after which Sk8s will give up eviction of the pods on the node. + // Duration after which SKE will give up eviction of the pods on the node. // PT0M will indicate you want to delete the virtual node without cordon and drain. Default PT60M, Min PT0M, Max: PT60M. Format ISO 8601 e.g PT30M OverrideEvictionGraceDurationVnp *string `mandatory:"false" contributesTo:"query" name:"overrideEvictionGraceDurationVnp"` - // If the underlying compute instance should be deleted if you cannot evict all the pods in grace period + // If the underlying virtual node should be force deleted if all the pods are not evicted in the evictionGraceDuration. IsForceDeletionAfterOverrideGraceDurationVnp *bool `mandatory:"false" contributesTo:"query" name:"isForceDeletionAfterOverrideGraceDurationVnp"` // Metadata about the request. This information will not be transmitted to the service, but diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_cluster_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_cluster_pod_network_option_details.go index 67caae6aad..73031e9184 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_cluster_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_cluster_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_node_pool_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_node_pool_pod_network_option_details.go index ab642e48b2..54e054c010 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_node_pool_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/flannel_overlay_node_pool_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/image_policy_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/image_policy_config.go index 00d7e80e00..30a0bbc59f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/image_policy_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/image_policy_config.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/initial_virtual_node_label.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/initial_virtual_node_label.go index 5e8c051822..e4165e880a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/initial_virtual_node_label.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/initial_virtual_node_label.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/install_addon_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/install_addon_details.go index d4d09745f4..4fe7ad4787 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/install_addon_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/install_addon_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -28,6 +28,9 @@ type InstallAddonDetails struct { // Addon configuration details. Configurations []AddonConfiguration `mandatory:"false" json:"configurations"` + + // Whether or not to override an existing addon installation. Defaults to false. If set to true, any existing addon installation would be overridden as per new installation details. + IsOverrideExisting *bool `mandatory:"false" json:"isOverrideExisting"` } func (m InstallAddonDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_details.go index 18be063db5..9d9e670cdb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_value.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_value.go index e787c82afc..8857b46467 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_value.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/key_value.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_network_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_network_config.go index 1e48b57f0a..b19c03a3a2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_network_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_network_config.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_versions_filters.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_versions_filters.go index 87bc039e37..3c39420337 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_versions_filters.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/kubernetes_versions_filters.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_clusters_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_clusters_request_response.go index 4ea045c9c2..114fd486db 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_clusters_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_clusters_request_response.go @@ -21,7 +21,7 @@ type ListClustersRequest struct { // The OCID of the compartment. CompartmentId *string `mandatory:"true" contributesTo:"query" name:"compartmentId"` - // A cluster lifecycle state to filter on. Can have multiple parameters of this name. + // A cluster lifecycle state to filter on. Can have multiple parameters of this name. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState []ClusterLifecycleStateEnum `contributesTo:"query" name:"lifecycleState" omitEmpty:"true" collectionFormat:"multi"` // The name to filter on. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_node_pools_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_node_pools_request_response.go index 1b761b07d8..9052e163d1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_node_pools_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/list_node_pools_request_response.go @@ -46,7 +46,7 @@ type ListNodePoolsRequest struct { // Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` - // A list of nodepool lifecycle states on which to filter on, matching any of the list items (OR logic). eg. [ACTIVE, DELETING] + // A list of nodepool lifecycle states on which to filter on, matching any of the list items (OR logic). eg. ACTIVE, DELETING. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState []NodePoolLifecycleStateEnum `contributesTo:"query" name:"lifecycleState" omitEmpty:"true" collectionFormat:"multi"` // Metadata about the request. This information will not be transmitted to the service, but diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node.go index cf8a5b44e3..643d95669f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -64,7 +64,7 @@ type Node struct { // Example: `{"orcl-cloud": {"free-tier-retained": "true"}}` SystemTags map[string]map[string]interface{} `mandatory:"false" json:"systemTags"` - // The state of the node. + // The state of the node. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState NodeLifecycleStateEnum `mandatory:"false" json:"lifecycleState,omitempty"` // Details about the state of the node. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_error.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_error.go index 837fd903ba..f25519f5c0 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_error.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_error.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_eviction_node_pool_settings.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_eviction_node_pool_settings.go index f9272eaba8..cee7b51792 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_eviction_node_pool_settings.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_eviction_node_pool_settings.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool.go index c5a0f8167e..562cb9eabf 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -24,7 +24,7 @@ type NodePool struct { // The OCID of the node pool. Id *string `mandatory:"false" json:"id"` - // The state of the nodepool. + // The state of the nodepool. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState NodePoolLifecycleStateEnum `mandatory:"false" json:"lifecycleState,omitempty"` // Details about the state of the nodepool. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_cycling_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_cycling_details.go index 0f35181c6b..63e7923b69 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_cycling_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_cycling_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_lifecycle_state.go index 8d1d8c39e9..1f74dbd290 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_node_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_node_config_details.go index 2de50c7a2e..ae8faf928b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_node_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_node_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_options.go index d4fd90df60..b9332dd200 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_placement_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_placement_config_details.go index 0afa620ef4..1baeb94de9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_placement_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_placement_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_pod_network_option_details.go index 64924b8926..96b1b7d6ad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_summary.go index ce46b04f97..3d8f8e22c1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_pool_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -24,7 +24,7 @@ type NodePoolSummary struct { // The OCID of the node pool. Id *string `mandatory:"false" json:"id"` - // The state of the nodepool. + // The state of the nodepool. For more information, see Monitoring Clusters (https://docs.cloud.oracle.com/Content/ContEng/Tasks/contengmonitoringclusters.htm) LifecycleState NodePoolLifecycleStateEnum `mandatory:"false" json:"lifecycleState,omitempty"` // Details about the state of the nodepool. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_shape_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_shape_config.go index ede30810c1..b5a24ef74d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_shape_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_shape_config.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_details.go index 4a9ec7c67e..8fdbe27c19 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_option.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_option.go index c13fa545e1..a56ad2fafc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_option.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_option.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_type.go index 7696620c27..6aa63cec48 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_type.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_type.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_details.go index 86e7bc7034..d8f9bb2060 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_option.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_option.go index 2eca0010fd..3dea684936 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_option.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/node_source_via_image_option.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_cluster_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_cluster_pod_network_option_details.go index 24ba042adf..2cc1f3d7ad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_cluster_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_cluster_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_node_pool_pod_network_option_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_node_pool_pod_network_option_details.go index 778a7839de..a3e715a560 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_node_pool_pod_network_option_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/oci_vcn_ip_native_node_pool_pod_network_option_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go new file mode 100644 index 0000000000..b4a842ea0e --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_discovery.go @@ -0,0 +1,41 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Kubernetes Engine API +// +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, +// and manage cloud-native applications. For more information, see +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// + +package containerengine + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// OpenIdConnectDiscovery The property that define the status of the OIDC Discovery feature for a cluster. +type OpenIdConnectDiscovery struct { + + // Whether the cluster has OIDC Discovery enabled. Defaults to false. If set to true, the cluster will be assigned a public OIDC Discovery endpoint. + IsOpenIdConnectDiscoveryEnabled *bool `mandatory:"false" json:"isOpenIdConnectDiscoveryEnabled"` +} + +func (m OpenIdConnectDiscovery) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m OpenIdConnectDiscovery) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go new file mode 100644 index 0000000000..f8b2c9157b --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/open_id_connect_token_authentication_config.go @@ -0,0 +1,77 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Kubernetes Engine API +// +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, +// and manage cloud-native applications. For more information, see +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// + +package containerengine + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// OpenIdConnectTokenAuthenticationConfig The properties that configure OIDC token authentication in kube-apiserver. +// For more information, see Configuring the API Server (https://kubernetes.io/docs/reference/access-authn-authz/authentication/#using-flags). +type OpenIdConnectTokenAuthenticationConfig struct { + + // Whether the cluster has OIDC Auth Config enabled. Defaults to false. + IsOpenIdConnectAuthEnabled *bool `mandatory:"true" json:"isOpenIdConnectAuthEnabled"` + + // URL of the provider that allows the API server to discover public signing keys. + // Only URLs that use the https:// scheme are accepted. This is typically the provider's discovery URL, + // changed to have an empty path. + IssuerUrl *string `mandatory:"false" json:"issuerUrl"` + + // A client id that all tokens must be issued for. + ClientId *string `mandatory:"false" json:"clientId"` + + // JWT claim to use as the user name. By default sub, which is expected to be a unique identifier of the end + // user. Admins can choose other claims, such as email or name, depending on their provider. However, claims + // other than email will be prefixed with the issuer URL to prevent naming clashes with other plugins. + UsernameClaim *string `mandatory:"false" json:"usernameClaim"` + + // Prefix prepended to username claims to prevent clashes with existing names (such as system:users). + // For example, the value oidc: will create usernames like oidc:jane.doe. If this flag isn't provided and + // --oidc-username-claim is a value other than email the prefix defaults to ( Issuer URL )# where + // ( Issuer URL ) is the value of --oidc-issuer-url. The value - can be used to disable all prefixing. + UsernamePrefix *string `mandatory:"false" json:"usernamePrefix"` + + // JWT claim to use as the user's group. If the claim is present it must be an array of strings. + GroupsClaim *string `mandatory:"false" json:"groupsClaim"` + + // Prefix prepended to group claims to prevent clashes with existing names (such as system:groups). + GroupsPrefix *string `mandatory:"false" json:"groupsPrefix"` + + // A key=value pair that describes a required claim in the ID Token. If set, the claim is verified to be present + // in the ID Token with a matching value. Repeat this flag to specify multiple claims. + RequiredClaims []KeyValue `mandatory:"false" json:"requiredClaims"` + + // A Base64 encoded public RSA or ECDSA certificates used to signed your identity provider's web certificate. + CaCertificate *string `mandatory:"false" json:"caCertificate"` + + // The signing algorithms accepted. Default is ["RS256"]. + SigningAlgorithms []string `mandatory:"false" json:"signingAlgorithms"` +} + +func (m OpenIdConnectTokenAuthenticationConfig) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m OpenIdConnectTokenAuthenticationConfig) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/persistent_volume_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/persistent_volume_config_details.go index 0e4876dd3f..7a98797c96 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/persistent_volume_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/persistent_volume_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/placement_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/placement_configuration.go index 40f9b10ec0..edd17776ad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/placement_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/placement_configuration.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_configuration.go index faf3f60c01..9d847384e2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_configuration.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape.go index 36fcb8906a..4db17edcd6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape_summary.go index 7740c796f1..e20bcd4524 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/pod_shape_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemptible_node_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemptible_node_config_details.go index 96783639c6..18310c9039 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemptible_node_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemptible_node_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemption_action.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemption_action.go index 577a85dfd4..55530ca8ef 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemption_action.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/preemption_action.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/service_lb_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/service_lb_config_details.go index 214f633598..49521e94e4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/service_lb_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/service_lb_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_memory_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_memory_options.go index ac979bad54..f56fb9e325 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_memory_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_memory_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_network_bandwidth_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_network_bandwidth_options.go index 46a6436692..9ea7342d04 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_network_bandwidth_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_network_bandwidth_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_ocpu_options.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_ocpu_options.go index abc825c21a..8ea6491e51 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_ocpu_options.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/shape_ocpu_options.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/sort_order.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/sort_order.go index 214857a660..ebe40a0fa7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/sort_order.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/sort_order.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/start_credential_rotation_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/start_credential_rotation_details.go index 92e8b5d4fa..cf45729c63 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/start_credential_rotation_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/start_credential_rotation_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -20,7 +20,7 @@ import ( // StartCredentialRotationDetails Properties that define a request to start credential rotation on a kubernetes cluster. type StartCredentialRotationDetails struct { - // The duration in days(in ISO 8601 notation eg. P5D) after which the old credentials should be retired. Maximum delay duration is 14 days. + // The duration in days(in ISO 8601 notation eg. P5D) after which the old credentials should be retired. Maximum delay duration is 90 days. AutoCompletionDelayDuration *string `mandatory:"true" json:"autoCompletionDelayDuration"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/taint.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/taint.go index eaafe914a0..15bcec0b74 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/taint.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/taint.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/terminate_preemption_action.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/terminate_preemption_action.go index 478abdf3b8..6113f332c3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/terminate_preemption_action.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/terminate_preemption_action.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_addon_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_addon_details.go index 7d164a5ad1..27d01bcc1b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_addon_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_addon_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_details.go index 1b16d39671..e10c3039ef 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_endpoint_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_endpoint_config_details.go index 649d9f68cf..e86d8047f7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_endpoint_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_endpoint_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go index 370c88e40a..ec8d7ae17f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_cluster_options_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -26,6 +26,10 @@ type UpdateClusterOptionsDetails struct { PersistentVolumeConfig *PersistentVolumeConfigDetails `mandatory:"false" json:"persistentVolumeConfig"` ServiceLbConfig *ServiceLbConfigDetails `mandatory:"false" json:"serviceLbConfig"` + + OpenIdConnectTokenAuthenticationConfig *OpenIdConnectTokenAuthenticationConfig `mandatory:"false" json:"openIdConnectTokenAuthenticationConfig"` + + OpenIdConnectDiscovery *OpenIdConnectDiscovery `mandatory:"false" json:"openIdConnectDiscovery"` } func (m UpdateClusterOptionsDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_image_policy_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_image_policy_config_details.go index b9737776bc..bf1266a56f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_image_policy_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_image_policy_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_details.go index a5b4be323a..1643a11dc4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_node_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_node_config_details.go index b02f010698..cbeef7c02e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_node_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_pool_node_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_shape_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_shape_config_details.go index f2a6263da4..1dbd9a1be7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_shape_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_node_shape_config_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_virtual_node_pool_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_virtual_node_pool_details.go index 8064c5c295..da7cff3517 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_virtual_node_pool_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_virtual_node_pool_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_workload_mapping_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_workload_mapping_details.go index bdae873eaf..a7ff13899c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_workload_mapping_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/update_workload_mapping_details.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node.go index a6a6db6014..29a6231cd1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_lifecycle_state.go index 4950deecae..a29b0ff389 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool.go index 3c15f6f696..188355de89 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_lifecycle_state.go index 3b66b86dbf..f129e44da6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_summary.go index caa4a3a325..6ec4675ed6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_pool_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_summary.go index f5922be330..e387e53652 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_tags.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_tags.go index 173cda2280..a9db750c1e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_tags.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/virtual_node_tags.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request.go index b8fe6605c3..4ea63058bc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_error.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_error.go index f9044250b7..ef6f6f5a21 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_error.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_error.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_log_entry.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_log_entry.go index 235ebdfd40..8a8d7f9975 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_log_entry.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_log_entry.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_operation_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_operation_type.go index 15c7e7ac9e..cf959fdb54 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_operation_type.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_operation_type.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -23,6 +23,7 @@ const ( WorkRequestOperationTypeClusterCreate WorkRequestOperationTypeEnum = "CLUSTER_CREATE" WorkRequestOperationTypeClusterUpdate WorkRequestOperationTypeEnum = "CLUSTER_UPDATE" WorkRequestOperationTypeClusterDelete WorkRequestOperationTypeEnum = "CLUSTER_DELETE" + WorkRequestOperationTypeCreateNamespace WorkRequestOperationTypeEnum = "CREATE_NAMESPACE" WorkRequestOperationTypeNodepoolCreate WorkRequestOperationTypeEnum = "NODEPOOL_CREATE" WorkRequestOperationTypeNodepoolUpdate WorkRequestOperationTypeEnum = "NODEPOOL_UPDATE" WorkRequestOperationTypeNodepoolDelete WorkRequestOperationTypeEnum = "NODEPOOL_DELETE" @@ -43,6 +44,7 @@ var mappingWorkRequestOperationTypeEnum = map[string]WorkRequestOperationTypeEnu "CLUSTER_CREATE": WorkRequestOperationTypeClusterCreate, "CLUSTER_UPDATE": WorkRequestOperationTypeClusterUpdate, "CLUSTER_DELETE": WorkRequestOperationTypeClusterDelete, + "CREATE_NAMESPACE": WorkRequestOperationTypeCreateNamespace, "NODEPOOL_CREATE": WorkRequestOperationTypeNodepoolCreate, "NODEPOOL_UPDATE": WorkRequestOperationTypeNodepoolUpdate, "NODEPOOL_DELETE": WorkRequestOperationTypeNodepoolDelete, @@ -63,6 +65,7 @@ var mappingWorkRequestOperationTypeEnumLowerCase = map[string]WorkRequestOperati "cluster_create": WorkRequestOperationTypeClusterCreate, "cluster_update": WorkRequestOperationTypeClusterUpdate, "cluster_delete": WorkRequestOperationTypeClusterDelete, + "create_namespace": WorkRequestOperationTypeCreateNamespace, "nodepool_create": WorkRequestOperationTypeNodepoolCreate, "nodepool_update": WorkRequestOperationTypeNodepoolUpdate, "nodepool_delete": WorkRequestOperationTypeNodepoolDelete, @@ -94,6 +97,7 @@ func GetWorkRequestOperationTypeEnumStringValues() []string { "CLUSTER_CREATE", "CLUSTER_UPDATE", "CLUSTER_DELETE", + "CREATE_NAMESPACE", "NODEPOOL_CREATE", "NODEPOOL_UPDATE", "NODEPOOL_DELETE", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_resource.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_resource.go index 3c006ec493..c79a7234d6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_resource.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_resource.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_status.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_status.go index fe43bdbc0c..4c71155a61 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_status.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_status.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_summary.go index 13d0f6cadd..9f22598124 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/work_request_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -78,6 +78,7 @@ const ( WorkRequestSummaryOperationTypeClusterCreate WorkRequestOperationTypeEnum = "CLUSTER_CREATE" WorkRequestSummaryOperationTypeClusterUpdate WorkRequestOperationTypeEnum = "CLUSTER_UPDATE" WorkRequestSummaryOperationTypeClusterDelete WorkRequestOperationTypeEnum = "CLUSTER_DELETE" + WorkRequestSummaryOperationTypeCreateNamespace WorkRequestOperationTypeEnum = "CREATE_NAMESPACE" WorkRequestSummaryOperationTypeNodepoolCreate WorkRequestOperationTypeEnum = "NODEPOOL_CREATE" WorkRequestSummaryOperationTypeNodepoolUpdate WorkRequestOperationTypeEnum = "NODEPOOL_UPDATE" WorkRequestSummaryOperationTypeNodepoolDelete WorkRequestOperationTypeEnum = "NODEPOOL_DELETE" diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping.go index cff8d663dc..2c05a5e941 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -50,6 +50,10 @@ type WorkloadMapping struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Usage of system tag keys. These predefined keys are scoped to namespaces. + // Example: `{"orcl-cloud": {"free-tier-retained": "true"}}` + SystemTags map[string]map[string]interface{} `mandatory:"false" json:"systemTags"` } func (m WorkloadMapping) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_lifecycle_state.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_lifecycle_state.go index 0c1add9280..e86f9bf04e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_lifecycle_state.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_lifecycle_state.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_summary.go index ce8246b645..a284b3600e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/containerengine/workload_mapping_summary.go @@ -2,11 +2,11 @@ // This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. // Code generated. DO NOT EDIT. -// Container Engine for Kubernetes API +// Kubernetes Engine API // -// API for the Container Engine for Kubernetes service. Use this API to build, deploy, +// API for the Kubernetes Engine service (also known as the Container Engine for Kubernetes service). Use this API to build, deploy, // and manage cloud-native applications. For more information, see -// Overview of Container Engine for Kubernetes (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). +// Overview of Kubernetes Engine (https://docs.cloud.oracle.com/iaas/Content/ContEng/Concepts/contengoverview.htm). // package containerengine @@ -50,6 +50,10 @@ type WorkloadMappingSummary struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Usage of system tag keys. These predefined keys are scoped to namespaces. + // Example: `{"orcl-cloud": {"free-tier-retained": "true"}}` + SystemTags map[string]map[string]interface{} `mandatory:"false" json:"systemTags"` } func (m WorkloadMappingSummary) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_subnet_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_subnet_cidr_request_response.go index 1bd5cdf6ae..2b35f36f7e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_subnet_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_subnet_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/AddIpv6SubnetCidr.go.html to see an example of how to use AddIpv6SubnetCidrRequest. type AddIpv6SubnetCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // Details object for adding an IPv6 prefix to a subnet. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_vcn_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_vcn_cidr_request_response.go index 6f8940dc76..13142d7b89 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_vcn_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_ipv6_vcn_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/AddIpv6VcnCidr.go.html to see an example of how to use AddIpv6VcnCidrRequest. type AddIpv6VcnCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Unique identifier for the request. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_network_security_group_security_rules_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_network_security_group_security_rules_details.go index b2ea3f534b..b834932624 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_network_security_group_security_rules_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_network_security_group_security_rules_details.go @@ -24,7 +24,9 @@ import ( // AddNetworkSecurityGroupSecurityRulesDetails The representation of AddNetworkSecurityGroupSecurityRulesDetails type AddNetworkSecurityGroupSecurityRulesDetails struct { - // The NSG security rules to add. + // An array of security rules to add to the NSG. You can add up to 25 rules in a single + // `AddNetworkSecurityGroupSecurityRules` operation. + // Adding more than 25 rules requires multiple operations. SecurityRules []AddSecurityRuleDetails `mandatory:"false" json:"securityRules"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_vcn_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_vcn_cidr_request_response.go index 5269f22025..cbca6b6046 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/add_vcn_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/add_vcn_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/AddVcnCidr.go.html to see an example of how to use AddVcnCidrRequest. type AddVcnCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Details object for deleting a VCN CIDR. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_launch_instance_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_launch_instance_platform_config.go index 6a2b67fafa..c9dbdc8ced 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_launch_instance_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_launch_instance_platform_config.go @@ -36,6 +36,14 @@ type AmdVmLaunchInstancePlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_platform_config.go index dacccdd841..7d3605624f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/amd_vm_platform_config.go @@ -36,6 +36,14 @@ type AmdVmPlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_emulated_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_emulated_volume_details.go index 8c5b1e1891..691bcf0b26 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_emulated_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_emulated_volume_details.go @@ -25,10 +25,11 @@ import ( // AttachEmulatedVolumeDetails The representation of AttachEmulatedVolumeDetails type AttachEmulatedVolumeDetails struct { - // The OCID of the instance. + // The OCID of the instance. For AttachVolume operation, this is a required field for the request, + // see AttachVolume. InstanceId *string `mandatory:"true" json:"instanceId"` - // The OCID of the volume. + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. VolumeId *string `mandatory:"true" json:"volumeId"` // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_i_scsi_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_i_scsi_volume_details.go index a229fc1b89..a532e36f51 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_i_scsi_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_i_scsi_volume_details.go @@ -25,10 +25,11 @@ import ( // AttachIScsiVolumeDetails The representation of AttachIScsiVolumeDetails type AttachIScsiVolumeDetails struct { - // The OCID of the instance. + // The OCID of the instance. For AttachVolume operation, this is a required field for the request, + // see AttachVolume. InstanceId *string `mandatory:"true" json:"instanceId"` - // The OCID of the volume. + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. VolumeId *string `mandatory:"true" json:"volumeId"` // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_paravirtualized_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_paravirtualized_volume_details.go index 3fe5f07472..72080ae20b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_paravirtualized_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_paravirtualized_volume_details.go @@ -25,10 +25,11 @@ import ( // AttachParavirtualizedVolumeDetails The representation of AttachParavirtualizedVolumeDetails type AttachParavirtualizedVolumeDetails struct { - // The OCID of the instance. + // The OCID of the instance. For AttachVolume operation, this is a required field for the request, + // see AttachVolume. InstanceId *string `mandatory:"true" json:"instanceId"` - // The OCID of the volume. + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. VolumeId *string `mandatory:"true" json:"volumeId"` // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_service_determined_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_service_determined_volume_details.go index 515b21f9e1..00f3ebdb29 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_service_determined_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_service_determined_volume_details.go @@ -25,10 +25,11 @@ import ( // AttachServiceDeterminedVolumeDetails The representation of AttachServiceDeterminedVolumeDetails type AttachServiceDeterminedVolumeDetails struct { - // The OCID of the instance. + // The OCID of the instance. For AttachVolume operation, this is a required field for the request, + // see AttachVolume. InstanceId *string `mandatory:"true" json:"instanceId"` - // The OCID of the volume. + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. VolumeId *string `mandatory:"true" json:"volumeId"` // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_volume_details.go index 6a67ca6bd4..434334a903 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/attach_volume_details.go @@ -25,10 +25,11 @@ import ( // AttachVolumeDetails The representation of AttachVolumeDetails type AttachVolumeDetails interface { - // The OCID of the instance. + // The OCID of the instance. For AttachVolume operation, this is a required field for the request, + // see AttachVolume. GetInstanceId() *string - // The OCID of the volume. + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. GetVolumeId() *string // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go index 045fa2636f..9f1c4932ff 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica.go @@ -78,6 +78,11 @@ type BlockVolumeReplica struct { // The OCID of the volume group replica. VolumeGroupReplicaId *string `mandatory:"false" json:"volumeGroupReplicaId"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BlockVolumeReplica) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go index 8d1879205a..331dd5c8c2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_details.go @@ -31,6 +31,12 @@ type BlockVolumeReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region block volume replicas, which will be used in the destination region to encrypt the block volume replica's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m BlockVolumeReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go index d915126c87..7741877e1d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/block_volume_replica_info.go @@ -34,6 +34,11 @@ type BlockVolumeReplicaInfo struct { // The availability domain of the block volume replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BlockVolumeReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume.go index acacfacf27..5445e66b38 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume.go @@ -77,6 +77,9 @@ type BootVolume struct { // from the source boot volume or boot volume backup. IsHydrated *bool `mandatory:"false" json:"isHydrated"` + // The clusterPlacementGroup Id of the volume for volume placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The number of volume performance units (VPUs) that will be applied to this boot volume per GB, // representing the Block Volume service's elastic performance options. // See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) for more information. @@ -134,27 +137,28 @@ func (m BootVolume) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *BootVolume) UnmarshalJSON(data []byte) (e error) { model := struct { - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - SystemTags map[string]map[string]interface{} `json:"systemTags"` - DisplayName *string `json:"displayName"` - FreeformTags map[string]string `json:"freeformTags"` - ImageId *string `json:"imageId"` - IsHydrated *bool `json:"isHydrated"` - VpusPerGB *int64 `json:"vpusPerGB"` - SizeInGBs *int64 `json:"sizeInGBs"` - SourceDetails bootvolumesourcedetails `json:"sourceDetails"` - VolumeGroupId *string `json:"volumeGroupId"` - KmsKeyId *string `json:"kmsKeyId"` - IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` - AutoTunedVpusPerGB *int64 `json:"autoTunedVpusPerGB"` - BootVolumeReplicas []BootVolumeReplicaInfo `json:"bootVolumeReplicas"` - AutotunePolicies []autotunepolicy `json:"autotunePolicies"` - AvailabilityDomain *string `json:"availabilityDomain"` - CompartmentId *string `json:"compartmentId"` - Id *string `json:"id"` - LifecycleState BootVolumeLifecycleStateEnum `json:"lifecycleState"` - SizeInMBs *int64 `json:"sizeInMBs"` - TimeCreated *common.SDKTime `json:"timeCreated"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SystemTags map[string]map[string]interface{} `json:"systemTags"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + ImageId *string `json:"imageId"` + IsHydrated *bool `json:"isHydrated"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + VpusPerGB *int64 `json:"vpusPerGB"` + SizeInGBs *int64 `json:"sizeInGBs"` + SourceDetails bootvolumesourcedetails `json:"sourceDetails"` + VolumeGroupId *string `json:"volumeGroupId"` + KmsKeyId *string `json:"kmsKeyId"` + IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` + AutoTunedVpusPerGB *int64 `json:"autoTunedVpusPerGB"` + BootVolumeReplicas []BootVolumeReplicaInfo `json:"bootVolumeReplicas"` + AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + AvailabilityDomain *string `json:"availabilityDomain"` + CompartmentId *string `json:"compartmentId"` + Id *string `json:"id"` + LifecycleState BootVolumeLifecycleStateEnum `json:"lifecycleState"` + SizeInMBs *int64 `json:"sizeInMBs"` + TimeCreated *common.SDKTime `json:"timeCreated"` }{} e = json.Unmarshal(data, &model) @@ -174,6 +178,8 @@ func (m *BootVolume) UnmarshalJSON(data []byte) (e error) { m.IsHydrated = model.IsHydrated + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.VpusPerGB = model.VpusPerGB m.SizeInGBs = model.SizeInGBs diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_attachment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_attachment.go index b4eae79330..f13cea15c0 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_attachment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_attachment.go @@ -53,6 +53,10 @@ type BootVolumeAttachment struct { // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + // The date and time the boot volume attachment was updated, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). + // Example: `2016-08-25T21:10:29.600Z` + TimeUpdated *common.SDKTime `mandatory:"false" json:"timeUpdated"` + // Whether in-transit encryption for the boot volume's paravirtualized attachment is enabled or not. IsPvEncryptionInTransitEnabled *bool `mandatory:"false" json:"isPvEncryptionInTransitEnabled"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go index a18af18692..d8ab97e17f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica.go @@ -81,6 +81,11 @@ type BootVolumeReplica struct { // The OCID of the volume group replica. VolumeGroupReplicaId *string `mandatory:"false" json:"volumeGroupReplicaId"` + + // The OCID of the Vault service key to assign as the master encryption key for the boot volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BootVolumeReplica) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go index 566c56d208..ab139d2d48 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_details.go @@ -31,6 +31,12 @@ type BootVolumeReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region boot volume replicas, which will be used in the destination region to encrypt the boot volume replica's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m BootVolumeReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go index 9aa46150f3..62874afc2e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_replica_info.go @@ -34,6 +34,11 @@ type BootVolumeReplicaInfo struct { // The availability domain of the boot volume replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m BootVolumeReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go index ecaaf1e246..d4ac8635e9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_details.go @@ -68,6 +68,10 @@ func (m *bootvolumesourcedetails) UnmarshalPolymorphicJSON(data []byte) (interfa mm := BootVolumeSourceFromBootVolumeReplicaDetails{} err = json.Unmarshal(data, &mm) return mm, err + case "bootVolumeBackupDelta": + mm := BootVolumeSourceFromBootVolumeBackupDeltaDetails{} + err = json.Unmarshal(data, &mm) + return mm, err default: common.Logf("Recieved unsupported enum value for BootVolumeSourceDetails: %s.", m.Type) return *m, nil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go new file mode 100644 index 0000000000..a8b9fc2b1a --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/boot_volume_source_from_boot_volume_backup_delta_details.go @@ -0,0 +1,66 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// BootVolumeSourceFromBootVolumeBackupDeltaDetails Specifies the boot volume backups (first & second) and block size in bytes. +type BootVolumeSourceFromBootVolumeBackupDeltaDetails struct { + + // The OCID of the first boot volume backup. + FirstBackupId *string `mandatory:"true" json:"firstBackupId"` + + // The OCID of the second boot volume backup. + SecondBackupId *string `mandatory:"true" json:"secondBackupId"` + + // Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + ChangeBlockSizeInBytes *int64 `mandatory:"false" json:"changeBlockSizeInBytes"` +} + +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m BootVolumeSourceFromBootVolumeBackupDeltaDetails) MarshalJSON() (buff []byte, e error) { + type MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails BootVolumeSourceFromBootVolumeBackupDeltaDetails + s := struct { + DiscriminatorParam string `json:"type"` + MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails + }{ + "bootVolumeBackupDelta", + (MarshalTypeBootVolumeSourceFromBootVolumeBackupDeltaDetails)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/capacity_reservation_instance_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/capacity_reservation_instance_summary.go index 211aea7930..6a052b46dd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/capacity_reservation_instance_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/capacity_reservation_instance_summary.go @@ -41,6 +41,9 @@ type CapacityReservationInstanceSummary struct { // The fault domain the instance is running in. FaultDomain *string `mandatory:"false" json:"faultDomain"` + // The OCID of the cluster placement group of the instance. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + ShapeConfig *InstanceReservationShapeConfigDetails `mandatory:"false" json:"shapeConfig"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/change_subnet_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/change_subnet_compartment_request_response.go index 89fc5b1128..3a5fc53d33 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/change_subnet_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/change_subnet_compartment_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ChangeSubnetCompartment.go.html to see an example of how to use ChangeSubnetCompartmentRequest. type ChangeSubnetCompartmentRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // Request to change the compartment of a given subnet. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/change_vcn_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/change_vcn_compartment_request_response.go index 7d39acb44b..ad574f704f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/change_vcn_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/change_vcn_compartment_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ChangeVcnCompartment.go.html to see an example of how to use ChangeVcnCompartmentRequest. type ChangeVcnCompartmentRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Request to change the compartment of a given VCN. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/compute_cluster.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/compute_cluster.go index 9287aebfa6..237f55c718 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/compute_cluster.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/compute_cluster.go @@ -24,8 +24,7 @@ import ( // ComputeCluster A remote direct memory access (RDMA) network group. // A cluster network on a compute cluster (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/compute-clusters.htm) is a group of // high performance computing (HPC), GPU, or optimized instances that are connected with an ultra low-latency network. -// Use compute clusters when you want to manage instances in the cluster individually, or when you want -// to use different types of instances in the RDMA network group. +// Use compute clusters when you want to manage instances in the cluster individually in the RDMA network group. // For details about cluster networks that use instance pools to manage groups of identical instances, // see ClusterNetwork. type ComputeCluster struct { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/core_compute_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/core_compute_client.go index 74a647f19c..f8f5eddec2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/core_compute_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/core_compute_client.go @@ -1197,8 +1197,7 @@ func (client ComputeClient) createComputeCapacityTopology(ctx context.Context, r // After the compute cluster is created, you can use the compute cluster's OCID with the // LaunchInstance operation to create instances in the compute cluster. // The instances must be created in the same compartment and availability domain as the cluster. -// Use compute clusters when you want to manage instances in the cluster individually, or when you want -// to use different types of instances in the RDMA network group. +// Use compute clusters when you want to manage instances in the cluster individually in the RDMA network group. // If you want predictable capacity for a specific number of identical instances that are managed as a group, // create a cluster network that uses instance pools by using the // CreateClusterNetwork operation. @@ -3291,6 +3290,63 @@ func (client ComputeClient) getInstanceConsoleConnection(ctx context.Context, re return response, err } +// GetInstanceMaintenanceEvent Gets the maintenance event for the given instance. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetInstanceMaintenanceEvent.go.html to see an example of how to use GetInstanceMaintenanceEvent API. +func (client ComputeClient) GetInstanceMaintenanceEvent(ctx context.Context, request GetInstanceMaintenanceEventRequest) (response GetInstanceMaintenanceEventResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.getInstanceMaintenanceEvent, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = GetInstanceMaintenanceEventResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = GetInstanceMaintenanceEventResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(GetInstanceMaintenanceEventResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into GetInstanceMaintenanceEventResponse") + } + return +} + +// getInstanceMaintenanceEvent implements the OCIOperation interface (enables retrying operations) +func (client ComputeClient) getInstanceMaintenanceEvent(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/instanceMaintenanceEvents/{instanceMaintenanceEventId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response GetInstanceMaintenanceEventResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/InstanceMaintenanceEvent/GetInstanceMaintenanceEvent" + err = common.PostProcessServiceError(err, "Compute", "GetInstanceMaintenanceEvent", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // GetInstanceMaintenanceReboot Gets the maximum possible date that a maintenance reboot can be extended. For more information, see // Infrastructure Maintenance (https://docs.cloud.oracle.com/iaas/Content/Compute/References/infrastructure-maintenance.htm). // @@ -3702,6 +3758,11 @@ func (client ComputeClient) instanceAction(ctx context.Context, request common.O // Then, call CreateAppCatalogSubscription // with the signature. To get the image ID for the LaunchInstance operation, call // GetAppCatalogListingResourceVersion. +// When launching an instance, you may provide the `securityAttributes` parameter in +// LaunchInstanceDetails to manage security attributes via the instance, +// or in the embedded CreateVnicDetails to manage security attributes +// via the VNIC directly, but not both. Providing `securityAttributes` in both locations will return a +// 400 Bad Request response. // To determine whether capacity is available for a specific shape before you create an instance, // use the CreateComputeCapacityReport // operation. @@ -5163,6 +5224,63 @@ func (client ComputeClient) listInstanceDevices(ctx context.Context, request com return response, err } +// ListInstanceMaintenanceEvents Gets a list of all the maintenance events for the given instance. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ListInstanceMaintenanceEvents.go.html to see an example of how to use ListInstanceMaintenanceEvents API. +func (client ComputeClient) ListInstanceMaintenanceEvents(ctx context.Context, request ListInstanceMaintenanceEventsRequest) (response ListInstanceMaintenanceEventsResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.listInstanceMaintenanceEvents, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = ListInstanceMaintenanceEventsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = ListInstanceMaintenanceEventsResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(ListInstanceMaintenanceEventsResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into ListInstanceMaintenanceEventsResponse") + } + return +} + +// listInstanceMaintenanceEvents implements the OCIOperation interface (enables retrying operations) +func (client ComputeClient) listInstanceMaintenanceEvents(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/instanceMaintenanceEvents", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response ListInstanceMaintenanceEventsResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/InstanceMaintenanceEventSummary/ListInstanceMaintenanceEvents" + err = common.PostProcessServiceError(err, "Compute", "ListInstanceMaintenanceEvents", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // ListInstances Lists the instances in the specified compartment and the specified availability domain. // You can filter the results by specifying an instance name (the list will include all the identically-named // instances in the compartment). @@ -5478,6 +5596,8 @@ func (client ComputeClient) removeImageShapeCompatibilityEntry(ctx context.Conte // when the instance terminates. // To preserve the boot volume associated with the instance, specify `true` for `PreserveBootVolumeQueryParam`. // To delete the boot volume when the instance is deleted, specify `false` or do not specify a value for `PreserveBootVolumeQueryParam`. +// To preserve data volumes created with the instance, specify `true` or do not specify a value for `PreserveDataVolumesQueryParam`. +// To delete the data volumes when the instance itself is deleted, specify `false` for `PreserveDataVolumesQueryParam`. // This is an asynchronous operation. The instance's `lifecycleState` changes to TERMINATING temporarily // until the instance is completely deleted. After the instance is deleted, the record remains visible in the list of instances // with the state TERMINATED for at least 12 hours, but no further action is needed. @@ -6083,6 +6203,69 @@ func (client ComputeClient) updateInstanceConsoleConnection(ctx context.Context, return response, err } +// UpdateInstanceMaintenanceEvent Updates the maintenance event for the given instance. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/UpdateInstanceMaintenanceEvent.go.html to see an example of how to use UpdateInstanceMaintenanceEvent API. +// A default retry strategy applies to this operation UpdateInstanceMaintenanceEvent() +func (client ComputeClient) UpdateInstanceMaintenanceEvent(ctx context.Context, request UpdateInstanceMaintenanceEventRequest) (response UpdateInstanceMaintenanceEventResponse, err error) { + var ociResponse common.OCIResponse + policy := common.DefaultRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.updateInstanceMaintenanceEvent, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = UpdateInstanceMaintenanceEventResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = UpdateInstanceMaintenanceEventResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(UpdateInstanceMaintenanceEventResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into UpdateInstanceMaintenanceEventResponse") + } + return +} + +// updateInstanceMaintenanceEvent implements the OCIOperation interface (enables retrying operations) +func (client ComputeClient) updateInstanceMaintenanceEvent(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPut, "/instanceMaintenanceEvents/{instanceMaintenanceEventId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response UpdateInstanceMaintenanceEventResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/InstanceMaintenanceEvent/UpdateInstanceMaintenanceEvent" + err = common.PostProcessServiceError(err, "Compute", "UpdateInstanceMaintenanceEvent", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // UpdateVolumeAttachment Updates information about the specified volume attachment. // // # See also diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/core_virtualnetwork_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/core_virtualnetwork_client.go index 98970c6fe1..c8a277c014 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/core_virtualnetwork_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/core_virtualnetwork_client.go @@ -341,7 +341,7 @@ func (client VirtualNetworkClient) addIpv6VcnCidr(ctx context.Context, request c return response, err } -// AddNetworkSecurityGroupSecurityRules Adds one or more security rules to the specified network security group. +// AddNetworkSecurityGroupSecurityRules Adds up to 25 security rules to the specified network security group. Adding more than 25 rules requires multiple operations. // // # See also // @@ -3897,6 +3897,8 @@ func (client VirtualNetworkClient) createSecurityList(ctx context.Context, reque // For information about OCIDs, see Resource Identifiers (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm). // You may optionally specify a *display name* for the service gateway, otherwise a default is provided. // It does not have to be unique, and you can change it. Avoid entering confidential information. +// Use the ListServices operation to find service CIDR labels +// available in the region. // // # See also // @@ -8347,6 +8349,63 @@ func (client VirtualNetworkClient) getRemotePeeringConnection(ctx context.Contex return response, err } +// GetResourceIpInventory Gets the `IpInventory` resource. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetResourceIpInventory.go.html to see an example of how to use GetResourceIpInventory API. +func (client VirtualNetworkClient) GetResourceIpInventory(ctx context.Context, request GetResourceIpInventoryRequest) (response GetResourceIpInventoryResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.getResourceIpInventory, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = GetResourceIpInventoryResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = GetResourceIpInventoryResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(GetResourceIpInventoryResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into GetResourceIpInventoryResponse") + } + return +} + +// getResourceIpInventory implements the OCIOperation interface (enables retrying operations) +func (client VirtualNetworkClient) getResourceIpInventory(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/ipinventory/DataRequestId/{dataRequestId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response GetResourceIpInventoryResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/IpInventoryCollection/GetResourceIpInventory" + err = common.PostProcessServiceError(err, "VirtualNetwork", "GetResourceIpInventory", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // GetRouteTable Gets the specified route table's information. // // # See also @@ -8632,6 +8691,120 @@ func (client VirtualNetworkClient) getSubnet(ctx context.Context, request common return response, err } +// GetSubnetCidrUtilization Gets the CIDR utilization data of the specified subnet. Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm). +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetSubnetCidrUtilization.go.html to see an example of how to use GetSubnetCidrUtilization API. +func (client VirtualNetworkClient) GetSubnetCidrUtilization(ctx context.Context, request GetSubnetCidrUtilizationRequest) (response GetSubnetCidrUtilizationResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.getSubnetCidrUtilization, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = GetSubnetCidrUtilizationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = GetSubnetCidrUtilizationResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(GetSubnetCidrUtilizationResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into GetSubnetCidrUtilizationResponse") + } + return +} + +// getSubnetCidrUtilization implements the OCIOperation interface (enables retrying operations) +func (client VirtualNetworkClient) getSubnetCidrUtilization(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/ipInventory/subnets/{subnetId}/cidrs", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response GetSubnetCidrUtilizationResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/IpInventoryCidrUtilizationCollection/GetSubnetCidrUtilization" + err = common.PostProcessServiceError(err, "VirtualNetwork", "GetSubnetCidrUtilization", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// GetSubnetIpInventory Gets the IP Inventory data of the specified subnet. Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm). +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetSubnetIpInventory.go.html to see an example of how to use GetSubnetIpInventory API. +func (client VirtualNetworkClient) GetSubnetIpInventory(ctx context.Context, request GetSubnetIpInventoryRequest) (response GetSubnetIpInventoryResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.getSubnetIpInventory, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = GetSubnetIpInventoryResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = GetSubnetIpInventoryResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(GetSubnetIpInventoryResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into GetSubnetIpInventoryResponse") + } + return +} + +// getSubnetIpInventory implements the OCIOperation interface (enables retrying operations) +func (client VirtualNetworkClient) getSubnetIpInventory(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodGet, "/ipInventory/subnets/{subnetId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response GetSubnetIpInventoryResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/IpInventorySubnetResourceCollection/GetSubnetIpInventory" + err = common.PostProcessServiceError(err, "VirtualNetwork", "GetSubnetIpInventory", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // GetSubnetTopology Gets a topology for a given subnet. // // # See also @@ -8993,6 +9166,68 @@ func (client VirtualNetworkClient) getVcnDnsResolverAssociation(ctx context.Cont return response, err } +// GetVcnOverlap Gets the CIDR overlap information of the specified VCN in selected compartments. Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm). +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetVcnOverlap.go.html to see an example of how to use GetVcnOverlap API. +func (client VirtualNetworkClient) GetVcnOverlap(ctx context.Context, request GetVcnOverlapRequest) (response GetVcnOverlapResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.getVcnOverlap, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = GetVcnOverlapResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = GetVcnOverlapResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(GetVcnOverlapResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into GetVcnOverlapResponse") + } + return +} + +// getVcnOverlap implements the OCIOperation interface (enables retrying operations) +func (client VirtualNetworkClient) getVcnOverlap(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/ipInventory/vcns/{vcnId}/overlaps", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response GetVcnOverlapResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/IpInventoryVcnOverlapCollection/GetVcnOverlap" + err = common.PostProcessServiceError(err, "VirtualNetwork", "GetVcnOverlap", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // GetVcnTopology Gets a virtual network topology for a given VCN. // // # See also @@ -10756,6 +10991,63 @@ func (client VirtualNetworkClient) listInternetGateways(ctx context.Context, req return response, err } +// ListIpInventory Lists the IP Inventory information in the selected compartments. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ListIpInventory.go.html to see an example of how to use ListIpInventory API. +func (client VirtualNetworkClient) ListIpInventory(ctx context.Context, request ListIpInventoryRequest) (response ListIpInventoryResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.listIpInventory, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = ListIpInventoryResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = ListIpInventoryResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(ListIpInventoryResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into ListIpInventoryResponse") + } + return +} + +// listIpInventory implements the OCIOperation interface (enables retrying operations) +func (client VirtualNetworkClient) listIpInventory(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/ipInventory", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response ListIpInventoryResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/iaas/20160918/IpInventoryCollection/ListIpInventory" + err = common.PostProcessServiceError(err, "VirtualNetwork", "ListIpInventory", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // ListIpv6s Lists the Ipv6 objects based // on one of these filters: // - Subnet OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm). @@ -11776,7 +12068,7 @@ func (client VirtualNetworkClient) listVirtualCircuitAssociatedTunnels(ctx conte return response, err } -// ListVirtualCircuitBandwidthShapes The deprecated operation lists available bandwidth levels for virtual circuits. For the compartment ID, provide the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of your tenancy (the root compartment). +// ListVirtualCircuitBandwidthShapes The operation lists available bandwidth levels for virtual circuits. For the compartment ID, provide the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of your tenancy (the root compartment). // // # See also // diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go index 63c98b618f..e29f505e14 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_boot_volume_details.go @@ -59,6 +59,9 @@ type CreateBootVolumeDetails struct { // The size of the volume in GBs. SizeInGBs *int64 `mandatory:"false" json:"sizeInGBs"` + // The clusterPlacementGroup Id of the volume for volume placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The number of volume performance units (VPUs) that will be applied to this volume per GB, // representing the Block Volume service's elastic performance options. // See Block Volume Performance Levels (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/blockvolumeperformance.htm#perf_levels) for more information. @@ -79,6 +82,12 @@ type CreateBootVolumeDetails struct { // The list of autotune policies to be enabled for this volume. AutotunePolicies []AutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateBootVolumeDetails) String() string { @@ -100,19 +109,21 @@ func (m CreateBootVolumeDetails) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *CreateBootVolumeDetails) UnmarshalJSON(data []byte) (e error) { model := struct { - AvailabilityDomain *string `json:"availabilityDomain"` - BackupPolicyId *string `json:"backupPolicyId"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - DisplayName *string `json:"displayName"` - FreeformTags map[string]string `json:"freeformTags"` - KmsKeyId *string `json:"kmsKeyId"` - SizeInGBs *int64 `json:"sizeInGBs"` - VpusPerGB *int64 `json:"vpusPerGB"` - IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` - BootVolumeReplicas []BootVolumeReplicaDetails `json:"bootVolumeReplicas"` - AutotunePolicies []autotunepolicy `json:"autotunePolicies"` - CompartmentId *string `json:"compartmentId"` - SourceDetails bootvolumesourcedetails `json:"sourceDetails"` + AvailabilityDomain *string `json:"availabilityDomain"` + BackupPolicyId *string `json:"backupPolicyId"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + KmsKeyId *string `json:"kmsKeyId"` + SizeInGBs *int64 `json:"sizeInGBs"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + VpusPerGB *int64 `json:"vpusPerGB"` + IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` + BootVolumeReplicas []BootVolumeReplicaDetails `json:"bootVolumeReplicas"` + AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` + CompartmentId *string `json:"compartmentId"` + SourceDetails bootvolumesourcedetails `json:"sourceDetails"` }{} e = json.Unmarshal(data, &model) @@ -134,6 +145,8 @@ func (m *CreateBootVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.SizeInGBs = model.SizeInGBs + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.VpusPerGB = model.VpusPerGB m.IsAutoTuneEnabled = model.IsAutoTuneEnabled @@ -152,6 +165,8 @@ func (m *CreateBootVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + m.CompartmentId = model.CompartmentId nn, e = model.SourceDetails.UnmarshalPolymorphicJSON(model.SourceDetails.JsonData) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_details.go index 0e9e49c0c5..b7b6024f4c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_details.go @@ -26,8 +26,7 @@ import ( // After the compute cluster is created, you can use the compute cluster's OCID with the // LaunchInstance operation to create instances in the compute cluster. // The instances must be created in the same compartment and availability domain as the cluster. -// Use compute clusters when you want to manage instances in the cluster individually, or when you want -// to use different types of instances in the RDMA network group. +// Use compute clusters when you want to manage instances in the cluster individually in the RDMA network group. // For details about creating a cluster network that uses instance pools to manage groups of identical instances, // see CreateClusterNetworkDetails. type CreateComputeClusterDetails struct { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_request_response.go index 6a664265e0..29eeaba50e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_compute_cluster_request_response.go @@ -23,8 +23,7 @@ type CreateComputeClusterRequest struct { // After the compute cluster is created, you can use the compute cluster's OCID with the // LaunchInstance operation to create instances in the compute cluster. // The instances must be created in the same compartment and availability domain as the cluster. - // Use compute clusters when you want to manage instances in the cluster individually, or when you want - // to use different types of instances in the RDMA network group. + // Use compute clusters when you want to manage instances in the cluster individually in the RDMA network group. // For details about creating a cluster network that uses instance pools to manage groups of identical instances, // see CreateClusterNetworkDetails. CreateComputeClusterDetails `contributesTo:"body"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_drg_route_distribution_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_drg_route_distribution_details.go index e6b2a2400a..1b3ea57bc6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_drg_route_distribution_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_drg_route_distribution_details.go @@ -27,7 +27,7 @@ type CreateDrgRouteDistributionDetails struct { // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the DRG the DRG route table belongs to. DrgId *string `mandatory:"true" json:"drgId"` - // Whether this distribution defines how routes get imported into route tables or exported through DRG Attachments + // Whether this distribution defines how routes get imported into route tables or exported through DRG attachments. DistributionType CreateDrgRouteDistributionDetailsDistributionTypeEnum `mandatory:"true" json:"distributionType"` // Defined tags for this resource. Each key is predefined and scoped to a diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_image_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_image_details.go index d235f8b237..050ac558c4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_image_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_image_details.go @@ -50,7 +50,7 @@ type CreateImageDetails struct { InstanceId *string `mandatory:"false" json:"instanceId"` // Specifies the configuration mode for launching virtual machine (VM) instances. The configuration modes are: - // * `NATIVE` - VM instances launch with paravirtualized boot and VFIO devices. The default value for platform images. + // * `NATIVE` - VM instances launch with iSCSI boot and VFIO devices. The default value for platform images. // * `EMULATED` - VM instances launch with emulated devices, such as the E1000 network driver and emulated SCSI disk controller. // * `PARAVIRTUALIZED` - VM instances launch with paravirtualized devices using VirtIO drivers. // * `CUSTOM` - VM instances launch with custom configuration settings specified in the `LaunchOptions` parameter. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_service_gateway_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_service_gateway_details.go index ce1e66a045..cf468a88b5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_service_gateway_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_service_gateway_details.go @@ -24,7 +24,7 @@ import ( // CreateServiceGatewayDetails The representation of CreateServiceGatewayDetails type CreateServiceGatewayDetails struct { - // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the compartment to contain the service gateway. + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the compartment to contain the service gateway. CompartmentId *string `mandatory:"true" json:"compartmentId"` // List of the OCIDs of the Service objects to diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vcn_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vcn_details.go index 1fe7bf89bf..ca592b1b42 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vcn_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vcn_details.go @@ -80,6 +80,10 @@ type CreateVcnDetails struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // Whether IPv6 is enabled for the VCN. Default is `false`. // If enabled, Oracle will assign the VCN a IPv6 /56 CIDR block. // You may skip having Oracle allocate the VCN a IPv6 /56 CIDR block by setting isOracleGuaAllocationEnabled to `false`. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vnic_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vnic_details.go index 5d26ff5943..b74834cb79 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vnic_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_vnic_details.go @@ -75,21 +75,25 @@ type CreateVnicDetails struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // The hostname for the VNIC's primary private IP. Used for DNS. The value is the hostname // portion of the primary private IP's fully qualified domain name (FQDN) // (for example, `bminstance1` in FQDN `bminstance1.subnet123.vcn1.oraclevcn.com`). // Must be unique across all VNICs in the subnet and comply with // RFC 952 (https://tools.ietf.org/html/rfc952) and // RFC 1123 (https://tools.ietf.org/html/rfc1123). - // The value appears in the Vnic object and also the - // PrivateIp object returned by - // ListPrivateIps and - // GetPrivateIp. + // The value appears in the `Vnic` object and also the + // `PrivateIp` object returned by + // `ListPrivateIps` and + // `GetPrivateIp`. // For more information, see // DNS in Your Virtual Cloud Network (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/dns.htm). // When launching an instance, use this `hostnameLabel` instead // of the deprecated `hostnameLabel` in - // LaunchInstanceDetails. + // `LaunchInstanceDetails`. // If you provide both, the values must match. // Example: `bminstance1` // If you specify a `vlanId`, the `hostnameLabel` cannot be specified. VNICs on a VLAN @@ -115,10 +119,10 @@ type CreateVnicDetails struct { // available IP address within the subnet's CIDR. If you don't specify a // value, Oracle automatically assigns a private IP address from the subnet. // This is the VNIC's *primary* private IP address. The value appears in - // the Vnic object and also the - // PrivateIp object returned by - // ListPrivateIps and - // GetPrivateIp. + // the `Vnic` object and also the + // `PrivateIp` object returned by + // `ListPrivateIps` and + // `GetPrivateIp`. // // If you specify a `vlanId`, the `privateIp` cannot be specified. // See Vlan. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go index fb2fa2471c..c3fc3f6950 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_backup_policy_assignment_details.go @@ -29,6 +29,12 @@ type CreateVolumeBackupPolicyAssignmentDetails struct { // The OCID of the volume backup policy to assign to the volume. PolicyId *string `mandatory:"true" json:"policyId"` + + // The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeBackupPolicyAssignmentDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go index 30a0d6f914..977ac058d2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_details.go @@ -66,6 +66,9 @@ type CreateVolumeDetails struct { // For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. VpusPerGB *int64 `mandatory:"false" json:"vpusPerGB"` + // The clusterPlacementGroup Id of the volume for volume placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The size of the volume in GBs. SizeInGBs *int64 `mandatory:"false" json:"sizeInGBs"` @@ -90,6 +93,12 @@ type CreateVolumeDetails struct { // The list of autotune policies to be enabled for this volume. AutotunePolicies []AutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeDetails) String() string { @@ -111,21 +120,23 @@ func (m CreateVolumeDetails) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *CreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { model := struct { - AvailabilityDomain *string `json:"availabilityDomain"` - BackupPolicyId *string `json:"backupPolicyId"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - DisplayName *string `json:"displayName"` - FreeformTags map[string]string `json:"freeformTags"` - KmsKeyId *string `json:"kmsKeyId"` - VpusPerGB *int64 `json:"vpusPerGB"` - SizeInGBs *int64 `json:"sizeInGBs"` - SizeInMBs *int64 `json:"sizeInMBs"` - SourceDetails volumesourcedetails `json:"sourceDetails"` - VolumeBackupId *string `json:"volumeBackupId"` - IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` - BlockVolumeReplicas []BlockVolumeReplicaDetails `json:"blockVolumeReplicas"` - AutotunePolicies []autotunepolicy `json:"autotunePolicies"` - CompartmentId *string `json:"compartmentId"` + AvailabilityDomain *string `json:"availabilityDomain"` + BackupPolicyId *string `json:"backupPolicyId"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + KmsKeyId *string `json:"kmsKeyId"` + VpusPerGB *int64 `json:"vpusPerGB"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + SizeInGBs *int64 `json:"sizeInGBs"` + SizeInMBs *int64 `json:"sizeInMBs"` + SourceDetails volumesourcedetails `json:"sourceDetails"` + VolumeBackupId *string `json:"volumeBackupId"` + IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` + BlockVolumeReplicas []BlockVolumeReplicaDetails `json:"blockVolumeReplicas"` + AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` + CompartmentId *string `json:"compartmentId"` }{} e = json.Unmarshal(data, &model) @@ -147,6 +158,8 @@ func (m *CreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.VpusPerGB = model.VpusPerGB + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.SizeInGBs = model.SizeInGBs m.SizeInMBs = model.SizeInMBs @@ -179,6 +192,8 @@ func (m *CreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + m.CompartmentId = model.CompartmentId return diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go index aec6f14219..9f2af6b3ce 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/create_volume_group_details.go @@ -54,6 +54,15 @@ type CreateVolumeGroupDetails struct { // The list of volume group replicas that this volume group will be enabled to have // in the specified destination availability domains. VolumeGroupReplicas []VolumeGroupReplicaDetails `mandatory:"false" json:"volumeGroupReplicas"` + + // The clusterPlacementGroup Id of the volume group for volume group placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + + // The OCID of the Vault service key which is the master encryption key for the volume's cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m CreateVolumeGroupDetails) String() string { @@ -75,14 +84,16 @@ func (m CreateVolumeGroupDetails) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *CreateVolumeGroupDetails) UnmarshalJSON(data []byte) (e error) { model := struct { - BackupPolicyId *string `json:"backupPolicyId"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - DisplayName *string `json:"displayName"` - FreeformTags map[string]string `json:"freeformTags"` - VolumeGroupReplicas []VolumeGroupReplicaDetails `json:"volumeGroupReplicas"` - AvailabilityDomain *string `json:"availabilityDomain"` - CompartmentId *string `json:"compartmentId"` - SourceDetails volumegroupsourcedetails `json:"sourceDetails"` + BackupPolicyId *string `json:"backupPolicyId"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + VolumeGroupReplicas []VolumeGroupReplicaDetails `json:"volumeGroupReplicas"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` + AvailabilityDomain *string `json:"availabilityDomain"` + CompartmentId *string `json:"compartmentId"` + SourceDetails volumegroupsourcedetails `json:"sourceDetails"` }{} e = json.Unmarshal(data, &model) @@ -100,6 +111,10 @@ func (m *CreateVolumeGroupDetails) UnmarshalJSON(data []byte) (e error) { m.VolumeGroupReplicas = make([]VolumeGroupReplicaDetails, len(model.VolumeGroupReplicas)) copy(m.VolumeGroupReplicas, model.VolumeGroupReplicas) + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + + m.XrcKmsKeyId = model.XrcKmsKeyId + m.AvailabilityDomain = model.AvailabilityDomain m.CompartmentId = model.CompartmentId diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_subnet_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_subnet_request_response.go index c86b7364d3..9014368289 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_subnet_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_subnet_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/DeleteSubnet.go.html to see an example of how to use DeleteSubnetRequest. type DeleteSubnetRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_vcn_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_vcn_request_response.go index e6b1f99c7b..51af00a092 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_vcn_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/delete_vcn_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/DeleteVcn.go.html to see an example of how to use DeleteVcnRequest. type DeleteVcnRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/emulated_volume_attachment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/emulated_volume_attachment.go index 00a35ebe3b..69c9b62cc0 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/emulated_volume_attachment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/emulated_volume_attachment.go @@ -67,6 +67,10 @@ type EmulatedVolumeAttachment struct { // Whether the Iscsi or Paravirtualized attachment is multipath or not, it is not applicable to NVMe attachment. IsMultipath *bool `mandatory:"false" json:"isMultipath"` + // Flag indicating if this volume was created for the customer as part of a simplified launch. + // Used to determine whether the volume requires deletion on instance termination. + IsVolumeCreatedDuringLaunch *bool `mandatory:"false" json:"isVolumeCreatedDuringLaunch"` + // The current state of the volume attachment. LifecycleState VolumeAttachmentLifecycleStateEnum `mandatory:"true" json:"lifecycleState"` @@ -145,6 +149,11 @@ func (m EmulatedVolumeAttachment) GetIscsiLoginState() VolumeAttachmentIscsiLogi return m.IscsiLoginState } +// GetIsVolumeCreatedDuringLaunch returns IsVolumeCreatedDuringLaunch +func (m EmulatedVolumeAttachment) GetIsVolumeCreatedDuringLaunch() *bool { + return m.IsVolumeCreatedDuringLaunch +} + func (m EmulatedVolumeAttachment) String() string { return common.PointerString(m) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_instance_maintenance_event_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_instance_maintenance_event_request_response.go new file mode 100644 index 0000000000..aa192f1695 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_instance_maintenance_event_request_response.go @@ -0,0 +1,94 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// GetInstanceMaintenanceEventRequest wrapper for the GetInstanceMaintenanceEvent operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetInstanceMaintenanceEvent.go.html to see an example of how to use GetInstanceMaintenanceEventRequest. +type GetInstanceMaintenanceEventRequest struct { + + // The OCID of the instance maintenance event. + InstanceMaintenanceEventId *string `mandatory:"true" contributesTo:"path" name:"instanceMaintenanceEventId"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request GetInstanceMaintenanceEventRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request GetInstanceMaintenanceEventRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request GetInstanceMaintenanceEventRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request GetInstanceMaintenanceEventRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request GetInstanceMaintenanceEventRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// GetInstanceMaintenanceEventResponse wrapper for the GetInstanceMaintenanceEvent operation +type GetInstanceMaintenanceEventResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The InstanceMaintenanceEvent instance + InstanceMaintenanceEvent `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If you need to contact + // Oracle about a particular request, please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response GetInstanceMaintenanceEventResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response GetInstanceMaintenanceEventResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_subnet_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_subnet_request_response.go index f933b908ac..429d1260aa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_subnet_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_subnet_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetSubnet.go.html to see an example of how to use GetSubnetRequest. type GetSubnetRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // Unique Oracle-assigned identifier for the request. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_dns_resolver_association_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_dns_resolver_association_request_response.go index e05426d833..12faf25b35 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_dns_resolver_association_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_dns_resolver_association_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetVcnDnsResolverAssociation.go.html to see an example of how to use GetVcnDnsResolverAssociationRequest. type GetVcnDnsResolverAssociationRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Unique identifier for the request. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_request_response.go index cae4bd30bc..7be8c56ea5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/get_vcn_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/GetVcn.go.html to see an example of how to use GetVcnRequest. type GetVcnRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Unique Oracle-assigned identifier for the request. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/i_scsi_volume_attachment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/i_scsi_volume_attachment.go index 5250d489df..8bd2559106 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/i_scsi_volume_attachment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/i_scsi_volume_attachment.go @@ -80,6 +80,10 @@ type IScsiVolumeAttachment struct { // Whether the Iscsi or Paravirtualized attachment is multipath or not, it is not applicable to NVMe attachment. IsMultipath *bool `mandatory:"false" json:"isMultipath"` + // Flag indicating if this volume was created for the customer as part of a simplified launch. + // Used to determine whether the volume requires deletion on instance termination. + IsVolumeCreatedDuringLaunch *bool `mandatory:"false" json:"isVolumeCreatedDuringLaunch"` + // The Challenge-Handshake-Authentication-Protocol (CHAP) secret // valid for the associated CHAP user name. // (Also called the "CHAP password".) @@ -178,6 +182,11 @@ func (m IScsiVolumeAttachment) GetIscsiLoginState() VolumeAttachmentIscsiLoginSt return m.IscsiLoginState } +// GetIsVolumeCreatedDuringLaunch returns IsVolumeCreatedDuringLaunch +func (m IScsiVolumeAttachment) GetIsVolumeCreatedDuringLaunch() *bool { + return m.IsVolumeCreatedDuringLaunch +} + func (m IScsiVolumeAttachment) String() string { return common.PointerString(m) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance.go index c2394d10f5..ecbabf6164 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance.go @@ -75,6 +75,9 @@ type Instance struct { // For more information, see Capacity Reservations (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/reserve-capacity.htm#default). CapacityReservationId *string `mandatory:"false" json:"capacityReservationId"` + // The OCID of the cluster placement group of the instance. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The OCID of the dedicated virtual machine host that the instance is placed on. DedicatedVmHostId *string `mandatory:"false" json:"dedicatedVmHostId"` @@ -83,6 +86,13 @@ type Instance struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + + // The lifecycle state of the `securityAttributes` + SecurityAttributesState InstanceSecurityAttributesStateEnum `mandatory:"false" json:"securityAttributesState,omitempty"` + // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` @@ -192,6 +202,9 @@ func (m Instance) ValidateEnumValue() (bool, error) { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetInstanceLifecycleStateEnumStringValues(), ","))) } + if _, ok := GetMappingInstanceSecurityAttributesStateEnum(string(m.SecurityAttributesState)); !ok && m.SecurityAttributesState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SecurityAttributesState: %s. Supported values are: %s.", m.SecurityAttributesState, strings.Join(GetInstanceSecurityAttributesStateEnumStringValues(), ","))) + } if _, ok := GetMappingInstanceLaunchModeEnum(string(m.LaunchMode)); !ok && m.LaunchMode != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LaunchMode: %s. Supported values are: %s.", m.LaunchMode, strings.Join(GetInstanceLaunchModeEnumStringValues(), ","))) } @@ -204,36 +217,39 @@ func (m Instance) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *Instance) UnmarshalJSON(data []byte) (e error) { model := struct { - CapacityReservationId *string `json:"capacityReservationId"` - DedicatedVmHostId *string `json:"dedicatedVmHostId"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - DisplayName *string `json:"displayName"` - ExtendedMetadata map[string]interface{} `json:"extendedMetadata"` - FaultDomain *string `json:"faultDomain"` - FreeformTags map[string]string `json:"freeformTags"` - ImageId *string `json:"imageId"` - IpxeScript *string `json:"ipxeScript"` - LaunchMode InstanceLaunchModeEnum `json:"launchMode"` - LaunchOptions *LaunchOptions `json:"launchOptions"` - InstanceOptions *InstanceOptions `json:"instanceOptions"` - AvailabilityConfig *InstanceAvailabilityConfig `json:"availabilityConfig"` - PreemptibleInstanceConfig *PreemptibleInstanceConfigDetails `json:"preemptibleInstanceConfig"` - Metadata map[string]string `json:"metadata"` - ShapeConfig *InstanceShapeConfig `json:"shapeConfig"` - IsCrossNumaNode *bool `json:"isCrossNumaNode"` - SourceDetails instancesourcedetails `json:"sourceDetails"` - SystemTags map[string]map[string]interface{} `json:"systemTags"` - AgentConfig *InstanceAgentConfig `json:"agentConfig"` - TimeMaintenanceRebootDue *common.SDKTime `json:"timeMaintenanceRebootDue"` - PlatformConfig platformconfig `json:"platformConfig"` - InstanceConfigurationId *string `json:"instanceConfigurationId"` - AvailabilityDomain *string `json:"availabilityDomain"` - CompartmentId *string `json:"compartmentId"` - Id *string `json:"id"` - LifecycleState InstanceLifecycleStateEnum `json:"lifecycleState"` - Region *string `json:"region"` - Shape *string `json:"shape"` - TimeCreated *common.SDKTime `json:"timeCreated"` + CapacityReservationId *string `json:"capacityReservationId"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + DedicatedVmHostId *string `json:"dedicatedVmHostId"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SecurityAttributes map[string]map[string]interface{} `json:"securityAttributes"` + SecurityAttributesState InstanceSecurityAttributesStateEnum `json:"securityAttributesState"` + DisplayName *string `json:"displayName"` + ExtendedMetadata map[string]interface{} `json:"extendedMetadata"` + FaultDomain *string `json:"faultDomain"` + FreeformTags map[string]string `json:"freeformTags"` + ImageId *string `json:"imageId"` + IpxeScript *string `json:"ipxeScript"` + LaunchMode InstanceLaunchModeEnum `json:"launchMode"` + LaunchOptions *LaunchOptions `json:"launchOptions"` + InstanceOptions *InstanceOptions `json:"instanceOptions"` + AvailabilityConfig *InstanceAvailabilityConfig `json:"availabilityConfig"` + PreemptibleInstanceConfig *PreemptibleInstanceConfigDetails `json:"preemptibleInstanceConfig"` + Metadata map[string]string `json:"metadata"` + ShapeConfig *InstanceShapeConfig `json:"shapeConfig"` + IsCrossNumaNode *bool `json:"isCrossNumaNode"` + SourceDetails instancesourcedetails `json:"sourceDetails"` + SystemTags map[string]map[string]interface{} `json:"systemTags"` + AgentConfig *InstanceAgentConfig `json:"agentConfig"` + TimeMaintenanceRebootDue *common.SDKTime `json:"timeMaintenanceRebootDue"` + PlatformConfig platformconfig `json:"platformConfig"` + InstanceConfigurationId *string `json:"instanceConfigurationId"` + AvailabilityDomain *string `json:"availabilityDomain"` + CompartmentId *string `json:"compartmentId"` + Id *string `json:"id"` + LifecycleState InstanceLifecycleStateEnum `json:"lifecycleState"` + Region *string `json:"region"` + Shape *string `json:"shape"` + TimeCreated *common.SDKTime `json:"timeCreated"` }{} e = json.Unmarshal(data, &model) @@ -243,10 +259,16 @@ func (m *Instance) UnmarshalJSON(data []byte) (e error) { var nn interface{} m.CapacityReservationId = model.CapacityReservationId + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.DedicatedVmHostId = model.DedicatedVmHostId m.DefinedTags = model.DefinedTags + m.SecurityAttributes = model.SecurityAttributes + + m.SecurityAttributesState = model.SecurityAttributesState + m.DisplayName = model.DisplayName m.ExtendedMetadata = model.ExtendedMetadata @@ -320,6 +342,48 @@ func (m *Instance) UnmarshalJSON(data []byte) (e error) { return } +// InstanceSecurityAttributesStateEnum Enum with underlying type: string +type InstanceSecurityAttributesStateEnum string + +// Set of constants representing the allowable values for InstanceSecurityAttributesStateEnum +const ( + InstanceSecurityAttributesStateStable InstanceSecurityAttributesStateEnum = "STABLE" + InstanceSecurityAttributesStateUpdating InstanceSecurityAttributesStateEnum = "UPDATING" +) + +var mappingInstanceSecurityAttributesStateEnum = map[string]InstanceSecurityAttributesStateEnum{ + "STABLE": InstanceSecurityAttributesStateStable, + "UPDATING": InstanceSecurityAttributesStateUpdating, +} + +var mappingInstanceSecurityAttributesStateEnumLowerCase = map[string]InstanceSecurityAttributesStateEnum{ + "stable": InstanceSecurityAttributesStateStable, + "updating": InstanceSecurityAttributesStateUpdating, +} + +// GetInstanceSecurityAttributesStateEnumValues Enumerates the set of values for InstanceSecurityAttributesStateEnum +func GetInstanceSecurityAttributesStateEnumValues() []InstanceSecurityAttributesStateEnum { + values := make([]InstanceSecurityAttributesStateEnum, 0) + for _, v := range mappingInstanceSecurityAttributesStateEnum { + values = append(values, v) + } + return values +} + +// GetInstanceSecurityAttributesStateEnumStringValues Enumerates the set of values in String for InstanceSecurityAttributesStateEnum +func GetInstanceSecurityAttributesStateEnumStringValues() []string { + return []string{ + "STABLE", + "UPDATING", + } +} + +// GetMappingInstanceSecurityAttributesStateEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceSecurityAttributesStateEnum(val string) (InstanceSecurityAttributesStateEnum, bool) { + enum, ok := mappingInstanceSecurityAttributesStateEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + // InstanceLaunchModeEnum Enum with underlying type: string type InstanceLaunchModeEnum string diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_amd_vm_launch_instance_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_amd_vm_launch_instance_platform_config.go index 383194c081..856c43d8f5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_amd_vm_launch_instance_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_amd_vm_launch_instance_platform_config.go @@ -36,6 +36,14 @@ type InstanceConfigurationAmdVmLaunchInstancePlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_vnic_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_vnic_details.go index 7a3fbd634d..f9e54dca1e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_vnic_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_vnic_details.go @@ -54,6 +54,10 @@ type InstanceConfigurationCreateVnicDetails struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // A list of IPv6 prefixes from which the VNIC should be assigned an IPv6 address. // You can provide only the prefix and OCI selects an available // address from the range. You can optionally choose to leave the prefix range empty diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go index abc5193303..d14942c873 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_create_volume_details.go @@ -73,6 +73,9 @@ type InstanceConfigurationCreateVolumeDetails struct { // For performance autotune enabled volumes, it would be the Default(Minimum) VPUs/GB. VpusPerGB *int64 `mandatory:"false" json:"vpusPerGB"` + // The clusterPlacementGroup Id of the volume for volume placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The size of the volume in GBs. SizeInGBs *int64 `mandatory:"false" json:"sizeInGBs"` @@ -80,6 +83,12 @@ type InstanceConfigurationCreateVolumeDetails struct { // The list of autotune policies enabled for this volume. AutotunePolicies []InstanceConfigurationAutotunePolicy `mandatory:"false" json:"autotunePolicies"` + + // The OCID of the Vault service key which is the master encryption key for the block volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m InstanceConfigurationCreateVolumeDetails) String() string { @@ -101,19 +110,21 @@ func (m InstanceConfigurationCreateVolumeDetails) ValidateEnumValue() (bool, err // UnmarshalJSON unmarshals from json func (m *InstanceConfigurationCreateVolumeDetails) UnmarshalJSON(data []byte) (e error) { model := struct { - AvailabilityDomain *string `json:"availabilityDomain"` - BackupPolicyId *string `json:"backupPolicyId"` - CompartmentId *string `json:"compartmentId"` - IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` - BlockVolumeReplicas []InstanceConfigurationBlockVolumeReplicaDetails `json:"blockVolumeReplicas"` - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - DisplayName *string `json:"displayName"` - FreeformTags map[string]string `json:"freeformTags"` - KmsKeyId *string `json:"kmsKeyId"` - VpusPerGB *int64 `json:"vpusPerGB"` - SizeInGBs *int64 `json:"sizeInGBs"` - SourceDetails instanceconfigurationvolumesourcedetails `json:"sourceDetails"` - AutotunePolicies []instanceconfigurationautotunepolicy `json:"autotunePolicies"` + AvailabilityDomain *string `json:"availabilityDomain"` + BackupPolicyId *string `json:"backupPolicyId"` + CompartmentId *string `json:"compartmentId"` + IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` + BlockVolumeReplicas []InstanceConfigurationBlockVolumeReplicaDetails `json:"blockVolumeReplicas"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + KmsKeyId *string `json:"kmsKeyId"` + VpusPerGB *int64 `json:"vpusPerGB"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + SizeInGBs *int64 `json:"sizeInGBs"` + SourceDetails instanceconfigurationvolumesourcedetails `json:"sourceDetails"` + AutotunePolicies []instanceconfigurationautotunepolicy `json:"autotunePolicies"` + XrcKmsKeyId *string `json:"xrcKmsKeyId"` }{} e = json.Unmarshal(data, &model) @@ -141,6 +152,8 @@ func (m *InstanceConfigurationCreateVolumeDetails) UnmarshalJSON(data []byte) (e m.VpusPerGB = model.VpusPerGB + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.SizeInGBs = model.SizeInGBs nn, e = model.SourceDetails.UnmarshalPolymorphicJSON(model.SourceDetails.JsonData) @@ -165,5 +178,7 @@ func (m *InstanceConfigurationCreateVolumeDetails) UnmarshalJSON(data []byte) (e m.AutotunePolicies[i] = nil } } + m.XrcKmsKeyId = model.XrcKmsKeyId + return } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_intel_vm_launch_instance_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_intel_vm_launch_instance_platform_config.go index b20d062fe1..7242b533f3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_intel_vm_launch_instance_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_intel_vm_launch_instance_platform_config.go @@ -36,6 +36,14 @@ type InstanceConfigurationIntelVmLaunchInstancePlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_launch_instance_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_launch_instance_details.go index 17be971650..f3637302d0 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_launch_instance_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_configuration_launch_instance_details.go @@ -39,6 +39,9 @@ type InstanceConfigurationLaunchInstanceDetails struct { // as the instance that was used to create the instance configuration. CompartmentId *string `mandatory:"false" json:"compartmentId"` + // The OCID of the cluster placement group of the instance. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + CreateVnicDetails *InstanceConfigurationCreateVnicDetails `mandatory:"false" json:"createVnicDetails"` // Defined tags for this resource. Each key is predefined and scoped to a @@ -46,6 +49,10 @@ type InstanceConfigurationLaunchInstanceDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` @@ -204,8 +211,10 @@ func (m *InstanceConfigurationLaunchInstanceDetails) UnmarshalJSON(data []byte) AvailabilityDomain *string `json:"availabilityDomain"` CapacityReservationId *string `json:"capacityReservationId"` CompartmentId *string `json:"compartmentId"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` CreateVnicDetails *InstanceConfigurationCreateVnicDetails `json:"createVnicDetails"` DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SecurityAttributes map[string]map[string]interface{} `json:"securityAttributes"` DisplayName *string `json:"displayName"` ExtendedMetadata map[string]interface{} `json:"extendedMetadata"` FreeformTags map[string]string `json:"freeformTags"` @@ -238,10 +247,14 @@ func (m *InstanceConfigurationLaunchInstanceDetails) UnmarshalJSON(data []byte) m.CompartmentId = model.CompartmentId + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.CreateVnicDetails = model.CreateVnicDetails m.DefinedTags = model.DefinedTags + m.SecurityAttributes = model.SecurityAttributes + m.DisplayName = model.DisplayName m.ExtendedMetadata = model.ExtendedMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_alternative_resolution_actions.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_alternative_resolution_actions.go new file mode 100644 index 0000000000..8337cec681 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_alternative_resolution_actions.go @@ -0,0 +1,62 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "strings" +) + +// InstanceMaintenanceAlternativeResolutionActionsEnum Enum with underlying type: string +type InstanceMaintenanceAlternativeResolutionActionsEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceAlternativeResolutionActionsEnum +const ( + InstanceMaintenanceAlternativeResolutionActionsRebootMigration InstanceMaintenanceAlternativeResolutionActionsEnum = "REBOOT_MIGRATION" + InstanceMaintenanceAlternativeResolutionActionsTerminate InstanceMaintenanceAlternativeResolutionActionsEnum = "TERMINATE" +) + +var mappingInstanceMaintenanceAlternativeResolutionActionsEnum = map[string]InstanceMaintenanceAlternativeResolutionActionsEnum{ + "REBOOT_MIGRATION": InstanceMaintenanceAlternativeResolutionActionsRebootMigration, + "TERMINATE": InstanceMaintenanceAlternativeResolutionActionsTerminate, +} + +var mappingInstanceMaintenanceAlternativeResolutionActionsEnumLowerCase = map[string]InstanceMaintenanceAlternativeResolutionActionsEnum{ + "reboot_migration": InstanceMaintenanceAlternativeResolutionActionsRebootMigration, + "terminate": InstanceMaintenanceAlternativeResolutionActionsTerminate, +} + +// GetInstanceMaintenanceAlternativeResolutionActionsEnumValues Enumerates the set of values for InstanceMaintenanceAlternativeResolutionActionsEnum +func GetInstanceMaintenanceAlternativeResolutionActionsEnumValues() []InstanceMaintenanceAlternativeResolutionActionsEnum { + values := make([]InstanceMaintenanceAlternativeResolutionActionsEnum, 0) + for _, v := range mappingInstanceMaintenanceAlternativeResolutionActionsEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceAlternativeResolutionActionsEnumStringValues Enumerates the set of values in String for InstanceMaintenanceAlternativeResolutionActionsEnum +func GetInstanceMaintenanceAlternativeResolutionActionsEnumStringValues() []string { + return []string{ + "REBOOT_MIGRATION", + "TERMINATE", + } +} + +// GetMappingInstanceMaintenanceAlternativeResolutionActionsEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceAlternativeResolutionActionsEnum(val string) (InstanceMaintenanceAlternativeResolutionActionsEnum, bool) { + enum, ok := mappingInstanceMaintenanceAlternativeResolutionActionsEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event.go new file mode 100644 index 0000000000..df104d6bbb --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event.go @@ -0,0 +1,415 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// InstanceMaintenanceEvent It is the event in which the maintenance action will be be performed on the customer instance on the scheduled date and time. +type InstanceMaintenanceEvent struct { + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the maintenance event. + Id *string `mandatory:"true" json:"id"` + + // The OCID of the instance. + InstanceId *string `mandatory:"true" json:"instanceId"` + + // The OCID of the compartment that contains the instance. + CompartmentId *string `mandatory:"true" json:"compartmentId"` + + // This indicates the priority and allowed actions for this Maintenance. Higher priority forms of Maintenance have + // tighter restrictions and may not be rescheduled, while lower priority/severity Maintenance can be rescheduled, + // deferred, or even cancelled. Please see the + // Instance Maintenance (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/placeholder.htm) documentation for details. + MaintenanceCategory InstanceMaintenanceEventMaintenanceCategoryEnum `mandatory:"true" json:"maintenanceCategory"` + + // This is the reason that Maintenance is being performed. See + // Instance Maintenance (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/placeholder.htm) documentation for details. + MaintenanceReason InstanceMaintenanceEventMaintenanceReasonEnum `mandatory:"true" json:"maintenanceReason"` + + // This is the action that will be performed on the Instance by OCI when the Maintenance begins. + InstanceAction InstanceMaintenanceEventInstanceActionEnum `mandatory:"true" json:"instanceAction"` + + // These are alternative actions to the requested instanceAction that can be taken to resolve the Maintenance. + AlternativeResolutionActions []InstanceMaintenanceAlternativeResolutionActionsEnum `mandatory:"true" json:"alternativeResolutionActions"` + + // The beginning of the time window when Maintenance is scheduled to begin. The Maintenance will not begin before + // this time. + TimeWindowStart *common.SDKTime `mandatory:"true" json:"timeWindowStart"` + + // Indicates if this MaintenanceEvent is capable of being rescheduled up to the timeHardDueDate. + CanReschedule *bool `mandatory:"true" json:"canReschedule"` + + // The date and time the maintenance event was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). + // Example: `2016-08-25T21:10:29.600Z` + TimeCreated *common.SDKTime `mandatory:"true" json:"timeCreated"` + + // The current state of the maintenance event. + LifecycleState InstanceMaintenanceEventLifecycleStateEnum `mandatory:"true" json:"lifecycleState"` + + // The creator of the maintenance event. + CreatedBy InstanceMaintenanceEventCreatedByEnum `mandatory:"true" json:"createdBy"` + + // A user-friendly name. Does not have to be unique, and it's changeable. + // Avoid entering confidential information. + DisplayName *string `mandatory:"false" json:"displayName"` + + // Defined tags for this resource. Each key is predefined and scoped to a + // namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Operations": {"CostCenter": "42"}}` + DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Free-form tags for this resource. Each tag is a simple key-value pair with no + // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Department": "Finance"}` + FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + + // The time at which the Maintenance actually started. + TimeStarted *common.SDKTime `mandatory:"false" json:"timeStarted"` + + // The time at which the Maintenance actually finished. + TimeFinished *common.SDKTime `mandatory:"false" json:"timeFinished"` + + // The duration of the time window Maintenance is scheduled to begin within. + StartWindowDuration *string `mandatory:"false" json:"startWindowDuration"` + + // This is the estimated duration of the Maintenance, once the Maintenance has entered the STARTED state. + EstimatedDuration *string `mandatory:"false" json:"estimatedDuration"` + + // It is the scheduled hard due date and time of the maintenance event. + // The maintenance event will happen at this time and the due date will not be extended. + TimeHardDueDate *common.SDKTime `mandatory:"false" json:"timeHardDueDate"` + + // Provides more details about the state of the maintenance event. + LifecycleDetails *string `mandatory:"false" json:"lifecycleDetails"` + + // It is the descriptive information about the maintenance taking place on the customer instance. + Description *string `mandatory:"false" json:"description"` + + // A unique identifier that will group Instances that have a relationship with one another and must be scheduled + // together for the Maintenance to proceed. Any Instances that have a relationship with one another from a Maintenance + // perspective will have a matching correlationToken. + CorrelationToken *string `mandatory:"false" json:"correlationToken"` + + // For Instances that have local storage, this field is set to true when local storage + // will be deleted as a result of the Maintenance. + CanDeleteLocalStorage *bool `mandatory:"false" json:"canDeleteLocalStorage"` + + // Additional details of the maintenance in the form of json. + AdditionalDetails map[string]string `mandatory:"false" json:"additionalDetails"` +} + +func (m InstanceMaintenanceEvent) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m InstanceMaintenanceEvent) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingInstanceMaintenanceEventMaintenanceCategoryEnum(string(m.MaintenanceCategory)); !ok && m.MaintenanceCategory != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for MaintenanceCategory: %s. Supported values are: %s.", m.MaintenanceCategory, strings.Join(GetInstanceMaintenanceEventMaintenanceCategoryEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventMaintenanceReasonEnum(string(m.MaintenanceReason)); !ok && m.MaintenanceReason != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for MaintenanceReason: %s. Supported values are: %s.", m.MaintenanceReason, strings.Join(GetInstanceMaintenanceEventMaintenanceReasonEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventInstanceActionEnum(string(m.InstanceAction)); !ok && m.InstanceAction != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for InstanceAction: %s. Supported values are: %s.", m.InstanceAction, strings.Join(GetInstanceMaintenanceEventInstanceActionEnumStringValues(), ","))) + } + for _, val := range m.AlternativeResolutionActions { + if _, ok := GetMappingInstanceMaintenanceAlternativeResolutionActionsEnum(string(val)); !ok && val != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for AlternativeResolutionActions: %s. Supported values are: %s.", val, strings.Join(GetInstanceMaintenanceAlternativeResolutionActionsEnumStringValues(), ","))) + } + } + + if _, ok := GetMappingInstanceMaintenanceEventLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetInstanceMaintenanceEventLifecycleStateEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventCreatedByEnum(string(m.CreatedBy)); !ok && m.CreatedBy != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for CreatedBy: %s. Supported values are: %s.", m.CreatedBy, strings.Join(GetInstanceMaintenanceEventCreatedByEnumStringValues(), ","))) + } + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// InstanceMaintenanceEventMaintenanceCategoryEnum Enum with underlying type: string +type InstanceMaintenanceEventMaintenanceCategoryEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceEventMaintenanceCategoryEnum +const ( + InstanceMaintenanceEventMaintenanceCategoryEmergency InstanceMaintenanceEventMaintenanceCategoryEnum = "EMERGENCY" + InstanceMaintenanceEventMaintenanceCategoryMandatory InstanceMaintenanceEventMaintenanceCategoryEnum = "MANDATORY" + InstanceMaintenanceEventMaintenanceCategoryFlexible InstanceMaintenanceEventMaintenanceCategoryEnum = "FLEXIBLE" + InstanceMaintenanceEventMaintenanceCategoryOptional InstanceMaintenanceEventMaintenanceCategoryEnum = "OPTIONAL" + InstanceMaintenanceEventMaintenanceCategoryNotification InstanceMaintenanceEventMaintenanceCategoryEnum = "NOTIFICATION" +) + +var mappingInstanceMaintenanceEventMaintenanceCategoryEnum = map[string]InstanceMaintenanceEventMaintenanceCategoryEnum{ + "EMERGENCY": InstanceMaintenanceEventMaintenanceCategoryEmergency, + "MANDATORY": InstanceMaintenanceEventMaintenanceCategoryMandatory, + "FLEXIBLE": InstanceMaintenanceEventMaintenanceCategoryFlexible, + "OPTIONAL": InstanceMaintenanceEventMaintenanceCategoryOptional, + "NOTIFICATION": InstanceMaintenanceEventMaintenanceCategoryNotification, +} + +var mappingInstanceMaintenanceEventMaintenanceCategoryEnumLowerCase = map[string]InstanceMaintenanceEventMaintenanceCategoryEnum{ + "emergency": InstanceMaintenanceEventMaintenanceCategoryEmergency, + "mandatory": InstanceMaintenanceEventMaintenanceCategoryMandatory, + "flexible": InstanceMaintenanceEventMaintenanceCategoryFlexible, + "optional": InstanceMaintenanceEventMaintenanceCategoryOptional, + "notification": InstanceMaintenanceEventMaintenanceCategoryNotification, +} + +// GetInstanceMaintenanceEventMaintenanceCategoryEnumValues Enumerates the set of values for InstanceMaintenanceEventMaintenanceCategoryEnum +func GetInstanceMaintenanceEventMaintenanceCategoryEnumValues() []InstanceMaintenanceEventMaintenanceCategoryEnum { + values := make([]InstanceMaintenanceEventMaintenanceCategoryEnum, 0) + for _, v := range mappingInstanceMaintenanceEventMaintenanceCategoryEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceEventMaintenanceCategoryEnumStringValues Enumerates the set of values in String for InstanceMaintenanceEventMaintenanceCategoryEnum +func GetInstanceMaintenanceEventMaintenanceCategoryEnumStringValues() []string { + return []string{ + "EMERGENCY", + "MANDATORY", + "FLEXIBLE", + "OPTIONAL", + "NOTIFICATION", + } +} + +// GetMappingInstanceMaintenanceEventMaintenanceCategoryEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceEventMaintenanceCategoryEnum(val string) (InstanceMaintenanceEventMaintenanceCategoryEnum, bool) { + enum, ok := mappingInstanceMaintenanceEventMaintenanceCategoryEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// InstanceMaintenanceEventMaintenanceReasonEnum Enum with underlying type: string +type InstanceMaintenanceEventMaintenanceReasonEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceEventMaintenanceReasonEnum +const ( + InstanceMaintenanceEventMaintenanceReasonEvacuation InstanceMaintenanceEventMaintenanceReasonEnum = "EVACUATION" + InstanceMaintenanceEventMaintenanceReasonEnvironmentalFactors InstanceMaintenanceEventMaintenanceReasonEnum = "ENVIRONMENTAL_FACTORS" + InstanceMaintenanceEventMaintenanceReasonDecommission InstanceMaintenanceEventMaintenanceReasonEnum = "DECOMMISSION" + InstanceMaintenanceEventMaintenanceReasonHardwareReplacement InstanceMaintenanceEventMaintenanceReasonEnum = "HARDWARE_REPLACEMENT" + InstanceMaintenanceEventMaintenanceReasonFirmwareUpdate InstanceMaintenanceEventMaintenanceReasonEnum = "FIRMWARE_UPDATE" + InstanceMaintenanceEventMaintenanceReasonSecurityUpdate InstanceMaintenanceEventMaintenanceReasonEnum = "SECURITY_UPDATE" +) + +var mappingInstanceMaintenanceEventMaintenanceReasonEnum = map[string]InstanceMaintenanceEventMaintenanceReasonEnum{ + "EVACUATION": InstanceMaintenanceEventMaintenanceReasonEvacuation, + "ENVIRONMENTAL_FACTORS": InstanceMaintenanceEventMaintenanceReasonEnvironmentalFactors, + "DECOMMISSION": InstanceMaintenanceEventMaintenanceReasonDecommission, + "HARDWARE_REPLACEMENT": InstanceMaintenanceEventMaintenanceReasonHardwareReplacement, + "FIRMWARE_UPDATE": InstanceMaintenanceEventMaintenanceReasonFirmwareUpdate, + "SECURITY_UPDATE": InstanceMaintenanceEventMaintenanceReasonSecurityUpdate, +} + +var mappingInstanceMaintenanceEventMaintenanceReasonEnumLowerCase = map[string]InstanceMaintenanceEventMaintenanceReasonEnum{ + "evacuation": InstanceMaintenanceEventMaintenanceReasonEvacuation, + "environmental_factors": InstanceMaintenanceEventMaintenanceReasonEnvironmentalFactors, + "decommission": InstanceMaintenanceEventMaintenanceReasonDecommission, + "hardware_replacement": InstanceMaintenanceEventMaintenanceReasonHardwareReplacement, + "firmware_update": InstanceMaintenanceEventMaintenanceReasonFirmwareUpdate, + "security_update": InstanceMaintenanceEventMaintenanceReasonSecurityUpdate, +} + +// GetInstanceMaintenanceEventMaintenanceReasonEnumValues Enumerates the set of values for InstanceMaintenanceEventMaintenanceReasonEnum +func GetInstanceMaintenanceEventMaintenanceReasonEnumValues() []InstanceMaintenanceEventMaintenanceReasonEnum { + values := make([]InstanceMaintenanceEventMaintenanceReasonEnum, 0) + for _, v := range mappingInstanceMaintenanceEventMaintenanceReasonEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceEventMaintenanceReasonEnumStringValues Enumerates the set of values in String for InstanceMaintenanceEventMaintenanceReasonEnum +func GetInstanceMaintenanceEventMaintenanceReasonEnumStringValues() []string { + return []string{ + "EVACUATION", + "ENVIRONMENTAL_FACTORS", + "DECOMMISSION", + "HARDWARE_REPLACEMENT", + "FIRMWARE_UPDATE", + "SECURITY_UPDATE", + } +} + +// GetMappingInstanceMaintenanceEventMaintenanceReasonEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceEventMaintenanceReasonEnum(val string) (InstanceMaintenanceEventMaintenanceReasonEnum, bool) { + enum, ok := mappingInstanceMaintenanceEventMaintenanceReasonEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// InstanceMaintenanceEventInstanceActionEnum Enum with underlying type: string +type InstanceMaintenanceEventInstanceActionEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceEventInstanceActionEnum +const ( + InstanceMaintenanceEventInstanceActionRebootMigration InstanceMaintenanceEventInstanceActionEnum = "REBOOT_MIGRATION" + InstanceMaintenanceEventInstanceActionTerminate InstanceMaintenanceEventInstanceActionEnum = "TERMINATE" + InstanceMaintenanceEventInstanceActionStop InstanceMaintenanceEventInstanceActionEnum = "STOP" + InstanceMaintenanceEventInstanceActionNone InstanceMaintenanceEventInstanceActionEnum = "NONE" +) + +var mappingInstanceMaintenanceEventInstanceActionEnum = map[string]InstanceMaintenanceEventInstanceActionEnum{ + "REBOOT_MIGRATION": InstanceMaintenanceEventInstanceActionRebootMigration, + "TERMINATE": InstanceMaintenanceEventInstanceActionTerminate, + "STOP": InstanceMaintenanceEventInstanceActionStop, + "NONE": InstanceMaintenanceEventInstanceActionNone, +} + +var mappingInstanceMaintenanceEventInstanceActionEnumLowerCase = map[string]InstanceMaintenanceEventInstanceActionEnum{ + "reboot_migration": InstanceMaintenanceEventInstanceActionRebootMigration, + "terminate": InstanceMaintenanceEventInstanceActionTerminate, + "stop": InstanceMaintenanceEventInstanceActionStop, + "none": InstanceMaintenanceEventInstanceActionNone, +} + +// GetInstanceMaintenanceEventInstanceActionEnumValues Enumerates the set of values for InstanceMaintenanceEventInstanceActionEnum +func GetInstanceMaintenanceEventInstanceActionEnumValues() []InstanceMaintenanceEventInstanceActionEnum { + values := make([]InstanceMaintenanceEventInstanceActionEnum, 0) + for _, v := range mappingInstanceMaintenanceEventInstanceActionEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceEventInstanceActionEnumStringValues Enumerates the set of values in String for InstanceMaintenanceEventInstanceActionEnum +func GetInstanceMaintenanceEventInstanceActionEnumStringValues() []string { + return []string{ + "REBOOT_MIGRATION", + "TERMINATE", + "STOP", + "NONE", + } +} + +// GetMappingInstanceMaintenanceEventInstanceActionEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceEventInstanceActionEnum(val string) (InstanceMaintenanceEventInstanceActionEnum, bool) { + enum, ok := mappingInstanceMaintenanceEventInstanceActionEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// InstanceMaintenanceEventLifecycleStateEnum Enum with underlying type: string +type InstanceMaintenanceEventLifecycleStateEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceEventLifecycleStateEnum +const ( + InstanceMaintenanceEventLifecycleStateScheduled InstanceMaintenanceEventLifecycleStateEnum = "SCHEDULED" + InstanceMaintenanceEventLifecycleStateStarted InstanceMaintenanceEventLifecycleStateEnum = "STARTED" + InstanceMaintenanceEventLifecycleStateProcessing InstanceMaintenanceEventLifecycleStateEnum = "PROCESSING" + InstanceMaintenanceEventLifecycleStateSucceeded InstanceMaintenanceEventLifecycleStateEnum = "SUCCEEDED" + InstanceMaintenanceEventLifecycleStateFailed InstanceMaintenanceEventLifecycleStateEnum = "FAILED" + InstanceMaintenanceEventLifecycleStateCanceled InstanceMaintenanceEventLifecycleStateEnum = "CANCELED" +) + +var mappingInstanceMaintenanceEventLifecycleStateEnum = map[string]InstanceMaintenanceEventLifecycleStateEnum{ + "SCHEDULED": InstanceMaintenanceEventLifecycleStateScheduled, + "STARTED": InstanceMaintenanceEventLifecycleStateStarted, + "PROCESSING": InstanceMaintenanceEventLifecycleStateProcessing, + "SUCCEEDED": InstanceMaintenanceEventLifecycleStateSucceeded, + "FAILED": InstanceMaintenanceEventLifecycleStateFailed, + "CANCELED": InstanceMaintenanceEventLifecycleStateCanceled, +} + +var mappingInstanceMaintenanceEventLifecycleStateEnumLowerCase = map[string]InstanceMaintenanceEventLifecycleStateEnum{ + "scheduled": InstanceMaintenanceEventLifecycleStateScheduled, + "started": InstanceMaintenanceEventLifecycleStateStarted, + "processing": InstanceMaintenanceEventLifecycleStateProcessing, + "succeeded": InstanceMaintenanceEventLifecycleStateSucceeded, + "failed": InstanceMaintenanceEventLifecycleStateFailed, + "canceled": InstanceMaintenanceEventLifecycleStateCanceled, +} + +// GetInstanceMaintenanceEventLifecycleStateEnumValues Enumerates the set of values for InstanceMaintenanceEventLifecycleStateEnum +func GetInstanceMaintenanceEventLifecycleStateEnumValues() []InstanceMaintenanceEventLifecycleStateEnum { + values := make([]InstanceMaintenanceEventLifecycleStateEnum, 0) + for _, v := range mappingInstanceMaintenanceEventLifecycleStateEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceEventLifecycleStateEnumStringValues Enumerates the set of values in String for InstanceMaintenanceEventLifecycleStateEnum +func GetInstanceMaintenanceEventLifecycleStateEnumStringValues() []string { + return []string{ + "SCHEDULED", + "STARTED", + "PROCESSING", + "SUCCEEDED", + "FAILED", + "CANCELED", + } +} + +// GetMappingInstanceMaintenanceEventLifecycleStateEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceEventLifecycleStateEnum(val string) (InstanceMaintenanceEventLifecycleStateEnum, bool) { + enum, ok := mappingInstanceMaintenanceEventLifecycleStateEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// InstanceMaintenanceEventCreatedByEnum Enum with underlying type: string +type InstanceMaintenanceEventCreatedByEnum string + +// Set of constants representing the allowable values for InstanceMaintenanceEventCreatedByEnum +const ( + InstanceMaintenanceEventCreatedByCustomer InstanceMaintenanceEventCreatedByEnum = "CUSTOMER" + InstanceMaintenanceEventCreatedBySystem InstanceMaintenanceEventCreatedByEnum = "SYSTEM" +) + +var mappingInstanceMaintenanceEventCreatedByEnum = map[string]InstanceMaintenanceEventCreatedByEnum{ + "CUSTOMER": InstanceMaintenanceEventCreatedByCustomer, + "SYSTEM": InstanceMaintenanceEventCreatedBySystem, +} + +var mappingInstanceMaintenanceEventCreatedByEnumLowerCase = map[string]InstanceMaintenanceEventCreatedByEnum{ + "customer": InstanceMaintenanceEventCreatedByCustomer, + "system": InstanceMaintenanceEventCreatedBySystem, +} + +// GetInstanceMaintenanceEventCreatedByEnumValues Enumerates the set of values for InstanceMaintenanceEventCreatedByEnum +func GetInstanceMaintenanceEventCreatedByEnumValues() []InstanceMaintenanceEventCreatedByEnum { + values := make([]InstanceMaintenanceEventCreatedByEnum, 0) + for _, v := range mappingInstanceMaintenanceEventCreatedByEnum { + values = append(values, v) + } + return values +} + +// GetInstanceMaintenanceEventCreatedByEnumStringValues Enumerates the set of values in String for InstanceMaintenanceEventCreatedByEnum +func GetInstanceMaintenanceEventCreatedByEnumStringValues() []string { + return []string{ + "CUSTOMER", + "SYSTEM", + } +} + +// GetMappingInstanceMaintenanceEventCreatedByEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingInstanceMaintenanceEventCreatedByEnum(val string) (InstanceMaintenanceEventCreatedByEnum, bool) { + enum, ok := mappingInstanceMaintenanceEventCreatedByEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event_summary.go new file mode 100644 index 0000000000..a4ea07b495 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_maintenance_event_summary.go @@ -0,0 +1,143 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// InstanceMaintenanceEventSummary It is the event in which the maintenance action will be be performed on the customer instance on the scheduled date and time. +type InstanceMaintenanceEventSummary struct { + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the maintenance event. + Id *string `mandatory:"true" json:"id"` + + // The OCID of the instance. + InstanceId *string `mandatory:"true" json:"instanceId"` + + // The OCID of the compartment that contains the instance. + CompartmentId *string `mandatory:"true" json:"compartmentId"` + + // This indicates the priority and allowed actions for this Maintenance. Higher priority forms of Maintenance have + // tighter restrictions and may not be rescheduled, while lower priority/severity Maintenance can be rescheduled, + // deferred, or even cancelled. Please see the + // Instance Maintenance (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/placeholder.htm) documentation for details. + MaintenanceCategory InstanceMaintenanceEventMaintenanceCategoryEnum `mandatory:"true" json:"maintenanceCategory"` + + // This is the reason that Maintenance is being performed. See + // Instance Maintenance (https://docs.cloud.oracle.com/iaas/Content/Compute/Tasks/placeholder.htm) documentation for details. + MaintenanceReason InstanceMaintenanceEventMaintenanceReasonEnum `mandatory:"true" json:"maintenanceReason"` + + // This is the action that will be performed on the Instance by OCI when the Maintenance begins. + InstanceAction InstanceMaintenanceEventInstanceActionEnum `mandatory:"true" json:"instanceAction"` + + // These are alternative actions to the requested instanceAction that can be taken to resolve the Maintenance. + AlternativeResolutionActions []InstanceMaintenanceAlternativeResolutionActionsEnum `mandatory:"true" json:"alternativeResolutionActions"` + + // The beginning of the time window when Maintenance is scheduled to begin. The Maintenance will not begin before + // this time. + TimeWindowStart *common.SDKTime `mandatory:"true" json:"timeWindowStart"` + + // Indicates if this MaintenanceEvent is capable of being rescheduled up to the timeHardDueDate. + CanReschedule *bool `mandatory:"true" json:"canReschedule"` + + // The date and time the maintenance event was created, in the format defined by RFC3339 (https://tools.ietf.org/html/rfc3339). + // Example: `2016-08-25T21:10:29.600Z` + TimeCreated *common.SDKTime `mandatory:"true" json:"timeCreated"` + + // The current state of the maintenance event. + LifecycleState InstanceMaintenanceEventLifecycleStateEnum `mandatory:"true" json:"lifecycleState"` + + // The creator of the maintenance event. + CreatedBy InstanceMaintenanceEventCreatedByEnum `mandatory:"true" json:"createdBy"` + + // Defined tags for this resource. Each key is predefined and scoped to a + // namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Operations": {"CostCenter": "42"}}` + DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // A user-friendly name. Does not have to be unique, and it's changeable. + // Avoid entering confidential information. + DisplayName *string `mandatory:"false" json:"displayName"` + + // Free-form tags for this resource. Each tag is a simple key-value pair with no + // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Department": "Finance"}` + FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + + // The time at which the Maintenance actually started. + TimeStarted *common.SDKTime `mandatory:"false" json:"timeStarted"` + + // The time at which the Maintenance actually finished. + TimeFinished *common.SDKTime `mandatory:"false" json:"timeFinished"` + + // The duration of the time window Maintenance is scheduled to begin within. + StartWindowDuration *string `mandatory:"false" json:"startWindowDuration"` + + // This is the estimated duration of the Maintenance, once the Maintenance has entered the STARTED state. + EstimatedDuration *string `mandatory:"false" json:"estimatedDuration"` + + // It is the scheduled hard due date and time of the maintenance event. + // The maintenance event will happen at this time and the due date will not be extended. + TimeHardDueDate *common.SDKTime `mandatory:"false" json:"timeHardDueDate"` + + // It is the descriptive information about the maintenance taking place on the customer instance. + Description *string `mandatory:"false" json:"description"` + + // A unique identifier that will group Instances that have a relationship with one another and must be scheduled + // together for the Maintenance to proceed. Any Instances that have a relationship with one another from a Maintenance + // perspective will have a matching correlationToken. + CorrelationToken *string `mandatory:"false" json:"correlationToken"` +} + +func (m InstanceMaintenanceEventSummary) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m InstanceMaintenanceEventSummary) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingInstanceMaintenanceEventMaintenanceCategoryEnum(string(m.MaintenanceCategory)); !ok && m.MaintenanceCategory != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for MaintenanceCategory: %s. Supported values are: %s.", m.MaintenanceCategory, strings.Join(GetInstanceMaintenanceEventMaintenanceCategoryEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventMaintenanceReasonEnum(string(m.MaintenanceReason)); !ok && m.MaintenanceReason != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for MaintenanceReason: %s. Supported values are: %s.", m.MaintenanceReason, strings.Join(GetInstanceMaintenanceEventMaintenanceReasonEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventInstanceActionEnum(string(m.InstanceAction)); !ok && m.InstanceAction != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for InstanceAction: %s. Supported values are: %s.", m.InstanceAction, strings.Join(GetInstanceMaintenanceEventInstanceActionEnumStringValues(), ","))) + } + for _, val := range m.AlternativeResolutionActions { + if _, ok := GetMappingInstanceMaintenanceAlternativeResolutionActionsEnum(string(val)); !ok && val != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for AlternativeResolutionActions: %s. Supported values are: %s.", val, strings.Join(GetInstanceMaintenanceAlternativeResolutionActionsEnumStringValues(), ","))) + } + } + + if _, ok := GetMappingInstanceMaintenanceEventLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetInstanceMaintenanceEventLifecycleStateEnumStringValues(), ","))) + } + if _, ok := GetMappingInstanceMaintenanceEventCreatedByEnum(string(m.CreatedBy)); !ok && m.CreatedBy != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for CreatedBy: %s. Supported values are: %s.", m.CreatedBy, strings.Join(GetInstanceMaintenanceEventCreatedByEnumStringValues(), ","))) + } + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config.go index 7b2e121399..ae4a44d8aa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config.go @@ -43,6 +43,9 @@ type InstanceReservationConfig struct { ClusterConfig *ClusterConfigDetails `mandatory:"false" json:"clusterConfig"` InstanceShapeConfig *InstanceReservationShapeConfigDetails `mandatory:"false" json:"instanceShapeConfig"` + + // The OCID of the cluster placement group for this instance reservation capacity configuration. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` } func (m InstanceReservationConfig) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config_details.go index a837a3cb74..4eb5fdc22a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/instance_reservation_config_details.go @@ -46,6 +46,9 @@ type InstanceReservationConfigDetails struct { FaultDomain *string `mandatory:"false" json:"faultDomain"` ClusterConfig *ClusterConfigDetails `mandatory:"false" json:"clusterConfig"` + + // The OCID of the cluster placement group for this instance reservation capacity configuration. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` } func (m InstanceReservationConfigDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_launch_instance_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_launch_instance_platform_config.go index b14829c572..fcb70fe248 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_launch_instance_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_launch_instance_platform_config.go @@ -36,6 +36,14 @@ type IntelVmLaunchInstancePlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_platform_config.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_platform_config.go index 2f997f8968..97973da86c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_platform_config.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/intel_vm_platform_config.go @@ -36,6 +36,14 @@ type IntelVmPlatformConfig struct { // Whether the instance is a confidential instance. If this value is `true`, the instance is a confidential instance. The default value is `false`. IsMemoryEncryptionEnabled *bool `mandatory:"false" json:"isMemoryEncryptionEnabled"` + + // Whether symmetric multithreading is enabled on the instance. Symmetric multithreading is also + // called simultaneous multithreading (SMT) or Intel Hyper-Threading. + // Intel and AMD processors have two hardware execution threads per core (OCPU). SMT permits multiple + // independent threads of execution, to better use the resources and increase the efficiency + // of the CPU. When multithreading is disabled, only one thread is permitted to run on each core, which + // can provide higher or more predictable performance for some workloads. + IsSymmetricMultiThreadingEnabled *bool `mandatory:"false" json:"isSymmetricMultiThreadingEnabled"` } // GetIsSecureBootEnabled returns IsSecureBootEnabled diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_paravirtualized_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_paravirtualized_volume_details.go new file mode 100644 index 0000000000..43cf17d6fe --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_paravirtualized_volume_details.go @@ -0,0 +1,153 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// LaunchAttachParavirtualizedVolumeDetails Details specific to PV type volume attachments. +type LaunchAttachParavirtualizedVolumeDetails struct { + + // The device name. To retrieve a list of devices for a given instance, see ListInstanceDevices. + Device *string `mandatory:"false" json:"device"` + + // A user-friendly name. Does not have to be unique, and it's changeable. + // Avoid entering confidential information. + DisplayName *string `mandatory:"false" json:"displayName"` + + // Whether the attachment was created in read-only mode. + IsReadOnly *bool `mandatory:"false" json:"isReadOnly"` + + // Whether the attachment should be created in shareable mode. If an attachment + // is created in shareable mode, then other instances can attach the same volume, provided + // that they also create their attachments in shareable mode. Only certain volume types can + // be attached in shareable mode. Defaults to false if not specified. + IsShareable *bool `mandatory:"false" json:"isShareable"` + + // The OCID of the volume. If CreateVolumeDetails is specified, this field must be omitted from the request. + VolumeId *string `mandatory:"false" json:"volumeId"` + + LaunchCreateVolumeDetails LaunchCreateVolumeDetails `mandatory:"false" json:"launchCreateVolumeDetails"` + + // Whether to enable in-transit encryption for the data volume's paravirtualized attachment. The default value is false. + IsPvEncryptionInTransitEnabled *bool `mandatory:"false" json:"isPvEncryptionInTransitEnabled"` +} + +// GetDevice returns Device +func (m LaunchAttachParavirtualizedVolumeDetails) GetDevice() *string { + return m.Device +} + +// GetDisplayName returns DisplayName +func (m LaunchAttachParavirtualizedVolumeDetails) GetDisplayName() *string { + return m.DisplayName +} + +// GetIsReadOnly returns IsReadOnly +func (m LaunchAttachParavirtualizedVolumeDetails) GetIsReadOnly() *bool { + return m.IsReadOnly +} + +// GetIsShareable returns IsShareable +func (m LaunchAttachParavirtualizedVolumeDetails) GetIsShareable() *bool { + return m.IsShareable +} + +// GetVolumeId returns VolumeId +func (m LaunchAttachParavirtualizedVolumeDetails) GetVolumeId() *string { + return m.VolumeId +} + +// GetLaunchCreateVolumeDetails returns LaunchCreateVolumeDetails +func (m LaunchAttachParavirtualizedVolumeDetails) GetLaunchCreateVolumeDetails() LaunchCreateVolumeDetails { + return m.LaunchCreateVolumeDetails +} + +func (m LaunchAttachParavirtualizedVolumeDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m LaunchAttachParavirtualizedVolumeDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m LaunchAttachParavirtualizedVolumeDetails) MarshalJSON() (buff []byte, e error) { + type MarshalTypeLaunchAttachParavirtualizedVolumeDetails LaunchAttachParavirtualizedVolumeDetails + s := struct { + DiscriminatorParam string `json:"type"` + MarshalTypeLaunchAttachParavirtualizedVolumeDetails + }{ + "paravirtualized", + (MarshalTypeLaunchAttachParavirtualizedVolumeDetails)(m), + } + + return json.Marshal(&s) +} + +// UnmarshalJSON unmarshals from json +func (m *LaunchAttachParavirtualizedVolumeDetails) UnmarshalJSON(data []byte) (e error) { + model := struct { + Device *string `json:"device"` + DisplayName *string `json:"displayName"` + IsReadOnly *bool `json:"isReadOnly"` + IsShareable *bool `json:"isShareable"` + VolumeId *string `json:"volumeId"` + LaunchCreateVolumeDetails launchcreatevolumedetails `json:"launchCreateVolumeDetails"` + IsPvEncryptionInTransitEnabled *bool `json:"isPvEncryptionInTransitEnabled"` + }{} + + e = json.Unmarshal(data, &model) + if e != nil { + return + } + var nn interface{} + m.Device = model.Device + + m.DisplayName = model.DisplayName + + m.IsReadOnly = model.IsReadOnly + + m.IsShareable = model.IsShareable + + m.VolumeId = model.VolumeId + + nn, e = model.LaunchCreateVolumeDetails.UnmarshalPolymorphicJSON(model.LaunchCreateVolumeDetails.JsonData) + if e != nil { + return + } + if nn != nil { + m.LaunchCreateVolumeDetails = nn.(LaunchCreateVolumeDetails) + } else { + m.LaunchCreateVolumeDetails = nil + } + + m.IsPvEncryptionInTransitEnabled = model.IsPvEncryptionInTransitEnabled + + return +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_volume_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_volume_details.go index f9647ddf51..30f3b493c9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_volume_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_attach_volume_details.go @@ -89,6 +89,10 @@ func (m *launchattachvolumedetails) UnmarshalPolymorphicJSON(data []byte) (inter var err error switch m.Type { + case "paravirtualized": + mm := LaunchAttachParavirtualizedVolumeDetails{} + err = json.Unmarshal(data, &mm) + return mm, err case "iscsi": mm := LaunchAttachIScsiVolumeDetails{} err = json.Unmarshal(data, &mm) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_instance_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_instance_details.go index 7d10ef5b75..d4c057ecbc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_instance_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/launch_instance_details.go @@ -48,6 +48,10 @@ type LaunchInstanceDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` @@ -73,6 +77,9 @@ type LaunchInstanceDetails struct { // Example: `FAULT-DOMAIN-1` FaultDomain *string `mandatory:"false" json:"faultDomain"` + // The OCID of the cluster placement group of the instance. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // Free-form tags for this resource. Each tag is a simple key-value pair with no // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). // Example: `{"Department": "Finance"}` @@ -178,6 +185,9 @@ type LaunchInstanceDetails struct { // At least one of them is required; if you provide both, the values must match. SubnetId *string `mandatory:"false" json:"subnetId"` + // Volume attachments to create as part of the launch instance operation. + LaunchVolumeAttachments []LaunchAttachVolumeDetails `mandatory:"false" json:"launchVolumeAttachments"` + // Whether to enable in-transit encryption for the data volume's paravirtualized attachment. This field applies to both block volumes and boot volumes. The default value is false. IsPvEncryptionInTransitEnabled *bool `mandatory:"false" json:"isPvEncryptionInTransitEnabled"` @@ -210,9 +220,11 @@ func (m *LaunchInstanceDetails) UnmarshalJSON(data []byte) (e error) { CreateVnicDetails *CreateVnicDetails `json:"createVnicDetails"` DedicatedVmHostId *string `json:"dedicatedVmHostId"` DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SecurityAttributes map[string]map[string]interface{} `json:"securityAttributes"` DisplayName *string `json:"displayName"` ExtendedMetadata map[string]interface{} `json:"extendedMetadata"` FaultDomain *string `json:"faultDomain"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` FreeformTags map[string]string `json:"freeformTags"` ComputeClusterId *string `json:"computeClusterId"` HostnameLabel *string `json:"hostnameLabel"` @@ -228,6 +240,7 @@ func (m *LaunchInstanceDetails) UnmarshalJSON(data []byte) (e error) { ShapeConfig *LaunchInstanceShapeConfigDetails `json:"shapeConfig"` SourceDetails instancesourcedetails `json:"sourceDetails"` SubnetId *string `json:"subnetId"` + LaunchVolumeAttachments []launchattachvolumedetails `json:"launchVolumeAttachments"` IsPvEncryptionInTransitEnabled *bool `json:"isPvEncryptionInTransitEnabled"` PlatformConfig launchinstanceplatformconfig `json:"platformConfig"` InstanceConfigurationId *string `json:"instanceConfigurationId"` @@ -248,12 +261,16 @@ func (m *LaunchInstanceDetails) UnmarshalJSON(data []byte) (e error) { m.DefinedTags = model.DefinedTags + m.SecurityAttributes = model.SecurityAttributes + m.DisplayName = model.DisplayName m.ExtendedMetadata = model.ExtendedMetadata m.FaultDomain = model.FaultDomain + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.FreeformTags = model.FreeformTags m.ComputeClusterId = model.ComputeClusterId @@ -292,6 +309,18 @@ func (m *LaunchInstanceDetails) UnmarshalJSON(data []byte) (e error) { m.SubnetId = model.SubnetId + m.LaunchVolumeAttachments = make([]LaunchAttachVolumeDetails, len(model.LaunchVolumeAttachments)) + for i, n := range model.LaunchVolumeAttachments { + nn, e = n.UnmarshalPolymorphicJSON(n.JsonData) + if e != nil { + return e + } + if nn != nil { + m.LaunchVolumeAttachments[i] = nn.(LaunchAttachVolumeDetails) + } else { + m.LaunchVolumeAttachments[i] = nil + } + } m.IsPvEncryptionInTransitEnabled = model.IsPvEncryptionInTransitEnabled nn, e = model.PlatformConfig.UnmarshalPolymorphicJSON(model.PlatformConfig.JsonData) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/list_instance_maintenance_events_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/list_instance_maintenance_events_request_response.go new file mode 100644 index 0000000000..d2aed48740 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/list_instance_maintenance_events_request_response.go @@ -0,0 +1,231 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// ListInstanceMaintenanceEventsRequest wrapper for the ListInstanceMaintenanceEvents operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ListInstanceMaintenanceEvents.go.html to see an example of how to use ListInstanceMaintenanceEventsRequest. +type ListInstanceMaintenanceEventsRequest struct { + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment. + CompartmentId *string `mandatory:"true" contributesTo:"query" name:"compartmentId"` + + // The OCID of the instance. + InstanceId *string `mandatory:"false" contributesTo:"query" name:"instanceId"` + + // A filter to only return resources that match the given lifecycle state. + LifecycleState InstanceMaintenanceEventLifecycleStateEnum `mandatory:"false" contributesTo:"query" name:"lifecycleState" omitEmpty:"true"` + + // A filter to only return resources that have a matching correlationToken. + CorrelationToken *string `mandatory:"false" contributesTo:"query" name:"correlationToken"` + + // A filter to only return resources that match the given instance action. + InstanceAction *string `mandatory:"false" contributesTo:"query" name:"instanceAction"` + + // Starting range to return the maintenances which are not completed (date-time is in RFC3339 (https://tools.ietf.org/html/rfc3339) format). + TimeWindowStartGreaterThanOrEqualTo *common.SDKTime `mandatory:"false" contributesTo:"query" name:"timeWindowStartGreaterThanOrEqualTo"` + + // Ending range to return the maintenances which are not completed (date-time is in RFC3339 (https://tools.ietf.org/html/rfc3339) format). + TimeWindowStartLessThanOrEqualTo *common.SDKTime `mandatory:"false" contributesTo:"query" name:"timeWindowStartLessThanOrEqualTo"` + + // For list pagination. The maximum number of results per page, or items to return in a paginated + // "List" call. For important details about how pagination works, see + // List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). + // Example: `50` + Limit *int `mandatory:"false" contributesTo:"query" name:"limit"` + + // For list pagination. The value of the `opc-next-page` response header from the previous "List" + // call. For important details about how pagination works, see + // List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). + Page *string `mandatory:"false" contributesTo:"query" name:"page"` + + // The field to sort by. You can provide one sort order (`sortOrder`). Default order for + // TIMECREATED is descending. Default order for DISPLAYNAME is ascending. The DISPLAYNAME + // sort order is case sensitive. + // **Note:** In general, some "List" operations (for example, `ListInstances`) let you + // optionally filter by availability domain if the scope of the resource type is within a + // single availability domain. If you call one of these "List" operations without specifying + // an availability domain, the resources are grouped by availability domain, then sorted. + SortBy ListInstanceMaintenanceEventsSortByEnum `mandatory:"false" contributesTo:"query" name:"sortBy" omitEmpty:"true"` + + // The sort order to use, either ascending (`ASC`) or descending (`DESC`). The DISPLAYNAME sort order + // is case sensitive. + SortOrder ListInstanceMaintenanceEventsSortOrderEnum `mandatory:"false" contributesTo:"query" name:"sortOrder" omitEmpty:"true"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request ListInstanceMaintenanceEventsRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request ListInstanceMaintenanceEventsRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request ListInstanceMaintenanceEventsRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request ListInstanceMaintenanceEventsRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request ListInstanceMaintenanceEventsRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingInstanceMaintenanceEventLifecycleStateEnum(string(request.LifecycleState)); !ok && request.LifecycleState != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", request.LifecycleState, strings.Join(GetInstanceMaintenanceEventLifecycleStateEnumStringValues(), ","))) + } + if _, ok := GetMappingListInstanceMaintenanceEventsSortByEnum(string(request.SortBy)); !ok && request.SortBy != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SortBy: %s. Supported values are: %s.", request.SortBy, strings.Join(GetListInstanceMaintenanceEventsSortByEnumStringValues(), ","))) + } + if _, ok := GetMappingListInstanceMaintenanceEventsSortOrderEnum(string(request.SortOrder)); !ok && request.SortOrder != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SortOrder: %s. Supported values are: %s.", request.SortOrder, strings.Join(GetListInstanceMaintenanceEventsSortOrderEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// ListInstanceMaintenanceEventsResponse wrapper for the ListInstanceMaintenanceEvents operation +type ListInstanceMaintenanceEventsResponse struct { + + // The underlying http response + RawResponse *http.Response + + // A list of []InstanceMaintenanceEventSummary instances + Items []InstanceMaintenanceEventSummary `presentIn:"body"` + + // For list pagination. When this header appears in the response, additional pages + // of results remain. For important details about how pagination works, see + // List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). + OpcNextPage *string `presentIn:"header" name:"opc-next-page"` + + // Unique Oracle-assigned identifier for the request. If you need to contact + // Oracle about a particular request, please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response ListInstanceMaintenanceEventsResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response ListInstanceMaintenanceEventsResponse) HTTPResponse() *http.Response { + return response.RawResponse +} + +// ListInstanceMaintenanceEventsSortByEnum Enum with underlying type: string +type ListInstanceMaintenanceEventsSortByEnum string + +// Set of constants representing the allowable values for ListInstanceMaintenanceEventsSortByEnum +const ( + ListInstanceMaintenanceEventsSortByTimecreated ListInstanceMaintenanceEventsSortByEnum = "TIMECREATED" + ListInstanceMaintenanceEventsSortByDisplayname ListInstanceMaintenanceEventsSortByEnum = "DISPLAYNAME" +) + +var mappingListInstanceMaintenanceEventsSortByEnum = map[string]ListInstanceMaintenanceEventsSortByEnum{ + "TIMECREATED": ListInstanceMaintenanceEventsSortByTimecreated, + "DISPLAYNAME": ListInstanceMaintenanceEventsSortByDisplayname, +} + +var mappingListInstanceMaintenanceEventsSortByEnumLowerCase = map[string]ListInstanceMaintenanceEventsSortByEnum{ + "timecreated": ListInstanceMaintenanceEventsSortByTimecreated, + "displayname": ListInstanceMaintenanceEventsSortByDisplayname, +} + +// GetListInstanceMaintenanceEventsSortByEnumValues Enumerates the set of values for ListInstanceMaintenanceEventsSortByEnum +func GetListInstanceMaintenanceEventsSortByEnumValues() []ListInstanceMaintenanceEventsSortByEnum { + values := make([]ListInstanceMaintenanceEventsSortByEnum, 0) + for _, v := range mappingListInstanceMaintenanceEventsSortByEnum { + values = append(values, v) + } + return values +} + +// GetListInstanceMaintenanceEventsSortByEnumStringValues Enumerates the set of values in String for ListInstanceMaintenanceEventsSortByEnum +func GetListInstanceMaintenanceEventsSortByEnumStringValues() []string { + return []string{ + "TIMECREATED", + "DISPLAYNAME", + } +} + +// GetMappingListInstanceMaintenanceEventsSortByEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListInstanceMaintenanceEventsSortByEnum(val string) (ListInstanceMaintenanceEventsSortByEnum, bool) { + enum, ok := mappingListInstanceMaintenanceEventsSortByEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// ListInstanceMaintenanceEventsSortOrderEnum Enum with underlying type: string +type ListInstanceMaintenanceEventsSortOrderEnum string + +// Set of constants representing the allowable values for ListInstanceMaintenanceEventsSortOrderEnum +const ( + ListInstanceMaintenanceEventsSortOrderAsc ListInstanceMaintenanceEventsSortOrderEnum = "ASC" + ListInstanceMaintenanceEventsSortOrderDesc ListInstanceMaintenanceEventsSortOrderEnum = "DESC" +) + +var mappingListInstanceMaintenanceEventsSortOrderEnum = map[string]ListInstanceMaintenanceEventsSortOrderEnum{ + "ASC": ListInstanceMaintenanceEventsSortOrderAsc, + "DESC": ListInstanceMaintenanceEventsSortOrderDesc, +} + +var mappingListInstanceMaintenanceEventsSortOrderEnumLowerCase = map[string]ListInstanceMaintenanceEventsSortOrderEnum{ + "asc": ListInstanceMaintenanceEventsSortOrderAsc, + "desc": ListInstanceMaintenanceEventsSortOrderDesc, +} + +// GetListInstanceMaintenanceEventsSortOrderEnumValues Enumerates the set of values for ListInstanceMaintenanceEventsSortOrderEnum +func GetListInstanceMaintenanceEventsSortOrderEnumValues() []ListInstanceMaintenanceEventsSortOrderEnum { + values := make([]ListInstanceMaintenanceEventsSortOrderEnum, 0) + for _, v := range mappingListInstanceMaintenanceEventsSortOrderEnum { + values = append(values, v) + } + return values +} + +// GetListInstanceMaintenanceEventsSortOrderEnumStringValues Enumerates the set of values in String for ListInstanceMaintenanceEventsSortOrderEnum +func GetListInstanceMaintenanceEventsSortOrderEnumStringValues() []string { + return []string{ + "ASC", + "DESC", + } +} + +// GetMappingListInstanceMaintenanceEventsSortOrderEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListInstanceMaintenanceEventsSortOrderEnum(val string) (ListInstanceMaintenanceEventsSortOrderEnum, bool) { + enum, ok := mappingListInstanceMaintenanceEventsSortOrderEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/list_volumes_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/list_volumes_request_response.go index 9658bdc03b..81b26acd13 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/list_volumes_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/list_volumes_request_response.go @@ -55,6 +55,9 @@ type ListVolumesRequest struct { // The OCID of the volume group. VolumeGroupId *string `mandatory:"false" contributesTo:"query" name:"volumeGroupId"` + // A filter to return only resources that match the given cluster placement group Id exactly. + ClusterPlacementGroupId *string `mandatory:"false" contributesTo:"query" name:"clusterPlacementGroupId"` + // A filter to only return resources that match the given lifecycle state. The state // value is case-insensitive. LifecycleState VolumeLifecycleStateEnum `mandatory:"false" contributesTo:"query" name:"lifecycleState" omitEmpty:"true"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/modify_vcn_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/modify_vcn_cidr_request_response.go index ed53e92a11..702c497fd2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/modify_vcn_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/modify_vcn_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/ModifyVcnCidr.go.html to see an example of how to use ModifyVcnCidrRequest. type ModifyVcnCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Details object for updating a VCN CIDR. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/network_security_group.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/network_security_group.go index 7ac55daa17..760da9d06a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/network_security_group.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/network_security_group.go @@ -31,21 +31,21 @@ import ( // // After creating an NSG, you can add VNICs and security rules to it. For example, when you create // an instance, you can specify one or more NSGs to add the instance to (see -// CreateVnicDetails). Or you can add an existing -// instance to an NSG with UpdateVnic. +// `CreateVnicDetails)`. Or you can add an existing +// instance to an NSG with `UpdateVnic`. // To add security rules to an NSG, see -// AddNetworkSecurityGroupSecurityRules. +// `AddNetworkSecurityGroupSecurityRules`. // To list the VNICs in an NSG, see -// ListNetworkSecurityGroupVnics. +// `ListNetworkSecurityGroupVnics`. // To list the security rules in an NSG, see -// ListNetworkSecurityGroupSecurityRules. +// `ListNetworkSecurityGroupSecurityRules`. // For more information about network security groups, see -// Network Security Groups (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/networksecuritygroups.htm). +// `Network Security Groups (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/networksecuritygroups.htm)`. // **Important:** Oracle Cloud Infrastructure Compute service images automatically include firewall rules (for example, // Linux iptables, Windows firewall). If there are issues with some type of access to an instance, // make sure all of the following are set correctly: // - Any security rules in any NSGs the instance's VNIC belongs to -// - Any SecurityList associated with the instance's subnet +// - Any `SecurityList` associated with the instance's subnet // - The instance's OS firewall rules // // To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/paravirtualized_volume_attachment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/paravirtualized_volume_attachment.go index e7d4c32fb8..4724b4b5a4 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/paravirtualized_volume_attachment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/paravirtualized_volume_attachment.go @@ -67,6 +67,10 @@ type ParavirtualizedVolumeAttachment struct { // Whether the Iscsi or Paravirtualized attachment is multipath or not, it is not applicable to NVMe attachment. IsMultipath *bool `mandatory:"false" json:"isMultipath"` + // Flag indicating if this volume was created for the customer as part of a simplified launch. + // Used to determine whether the volume requires deletion on instance termination. + IsVolumeCreatedDuringLaunch *bool `mandatory:"false" json:"isVolumeCreatedDuringLaunch"` + // The current state of the volume attachment. LifecycleState VolumeAttachmentLifecycleStateEnum `mandatory:"true" json:"lifecycleState"` @@ -145,6 +149,11 @@ func (m ParavirtualizedVolumeAttachment) GetIscsiLoginState() VolumeAttachmentIs return m.IscsiLoginState } +// GetIsVolumeCreatedDuringLaunch returns IsVolumeCreatedDuringLaunch +func (m ParavirtualizedVolumeAttachment) GetIsVolumeCreatedDuringLaunch() *bool { + return m.IsVolumeCreatedDuringLaunch +} + func (m ParavirtualizedVolumeAttachment) String() string { return common.PointerString(m) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/private_ip.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/private_ip.go index b0859bbc79..c2d30461db 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/private_ip.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/private_ip.go @@ -41,7 +41,7 @@ import ( // CreateVnicDetails when calling either // LaunchInstance or // AttachVnic. To update the hostname -// for a primary private IP, you use UpdateVnic. +// for a primary private IP, you use `UpdateVnic`. // `PrivateIp` objects that are created for use with the Oracle Cloud VMware Solution are // assigned to a VLAN and not a VNIC in a subnet. See the // descriptions of the relevant attributes in the `PrivateIp` object. Also see diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_subnet_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_subnet_cidr_request_response.go index 1e9d9c86a1..56e289cbf8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_subnet_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_subnet_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/RemoveIpv6SubnetCidr.go.html to see an example of how to use RemoveIpv6SubnetCidrRequest. type RemoveIpv6SubnetCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // Details object for removing an IPv6 SUBNET prefix. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_vcn_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_vcn_cidr_request_response.go index 3633eeb966..2bcd7ffdf7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_vcn_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_ipv6_vcn_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/RemoveIpv6VcnCidr.go.html to see an example of how to use RemoveIpv6VcnCidrRequest. type RemoveIpv6VcnCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Unique identifier for the request. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_vcn_cidr_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_vcn_cidr_request_response.go index 20fcdad7c3..b96a53bb9a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_vcn_cidr_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/remove_vcn_cidr_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/RemoveVcnCidr.go.html to see an example of how to use RemoveVcnCidrRequest. type RemoveVcnCidrRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Details object for removing a VCN CIDR. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/service_gateway.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/service_gateway.go index c9f29df664..ca6847ff99 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/service_gateway.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/service_gateway.go @@ -23,10 +23,10 @@ import ( // ServiceGateway Represents a router that lets your VCN privately access specific Oracle services such as Object // Storage without exposing the VCN to the public internet. Traffic leaving the VCN and destined -// for a supported Oracle service (see ListServices) is -// routed through the service gateway and does not traverse the internet. The instances in the VCN -// do not need to have public IP addresses nor be in a public subnet. The VCN does not need an internet gateway -// for this traffic. For more information, see +// for a supported Oracle service (use the ListServices operation to +// find available service CIDR labels) is routed through the service gateway and does not traverse the internet. +// The instances in the VCN do not need to have public IP addresses nor be in a public subnet. The VCN does not +// need an internet gateway for this traffic. For more information, see // Access to Oracle Services: Service Gateway (https://docs.cloud.oracle.com/iaas/Content/Network/Tasks/servicegateway.htm). // To use any of the API operations, you must be authorized in an IAM policy. If you're not authorized, // talk to an administrator. If you're an administrator who needs to write policies to give users access, see diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/terminate_instance_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/terminate_instance_request_response.go index 61b943035c..15dc757174 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/terminate_instance_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/terminate_instance_request_response.go @@ -30,6 +30,11 @@ type TerminateInstanceRequest struct { // When set to `true`, the boot volume is preserved. The default value is `false`. PreserveBootVolume *bool `mandatory:"false" contributesTo:"query" name:"preserveBootVolume"` + // Specifies whether to delete or preserve the data volumes created during launch when + // terminating an instance. When set to `true`, the data volumes are preserved. The + // default value is `true`. + PreserveDataVolumesCreatedAtLaunch *bool `mandatory:"false" contributesTo:"query" name:"preserveDataVolumesCreatedAtLaunch"` + // Unique Oracle-assigned identifier for the request. // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_details.go index 81612a9bd6..9c5967e9ef 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_details.go @@ -16,6 +16,7 @@ package core import ( + "encoding/json" "fmt" "github.com/oracle/oci-go-sdk/v65/common" "strings" @@ -34,6 +35,10 @@ type UpdateInstanceDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` @@ -86,6 +91,8 @@ type UpdateInstanceDetails struct { ShapeConfig *UpdateInstanceShapeConfigDetails `mandatory:"false" json:"shapeConfig"` + SourceDetails UpdateInstanceSourceDetails `mandatory:"false" json:"sourceDetails"` + // The parameter acts as a fail-safe to prevent unwanted downtime when updating a running instance. // The default is ALLOW_DOWNTIME. // * `ALLOW_DOWNTIME` - Compute might reboot the instance while updating the instance if a reboot is required. @@ -130,6 +137,8 @@ type UpdateInstanceDetails struct { // - that is, you can't move an instance from on-demand capacity to dedicated capacity, // nor can you move an instance from dedicated capacity to on-demand capacity. DedicatedVmHostId *string `mandatory:"false" json:"dedicatedVmHostId"` + + PlatformConfig UpdateInstancePlatformConfig `mandatory:"false" json:"platformConfig"` } func (m UpdateInstanceDetails) String() string { @@ -151,6 +160,92 @@ func (m UpdateInstanceDetails) ValidateEnumValue() (bool, error) { return false, nil } +// UnmarshalJSON unmarshals from json +func (m *UpdateInstanceDetails) UnmarshalJSON(data []byte) (e error) { + model := struct { + CapacityReservationId *string `json:"capacityReservationId"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SecurityAttributes map[string]map[string]interface{} `json:"securityAttributes"` + DisplayName *string `json:"displayName"` + FreeformTags map[string]string `json:"freeformTags"` + AgentConfig *UpdateInstanceAgentConfigDetails `json:"agentConfig"` + Metadata map[string]string `json:"metadata"` + ExtendedMetadata map[string]interface{} `json:"extendedMetadata"` + Shape *string `json:"shape"` + ShapeConfig *UpdateInstanceShapeConfigDetails `json:"shapeConfig"` + SourceDetails updateinstancesourcedetails `json:"sourceDetails"` + UpdateOperationConstraint UpdateInstanceDetailsUpdateOperationConstraintEnum `json:"updateOperationConstraint"` + InstanceOptions *InstanceOptions `json:"instanceOptions"` + FaultDomain *string `json:"faultDomain"` + LaunchOptions *UpdateLaunchOptions `json:"launchOptions"` + AvailabilityConfig *UpdateInstanceAvailabilityConfigDetails `json:"availabilityConfig"` + TimeMaintenanceRebootDue *common.SDKTime `json:"timeMaintenanceRebootDue"` + DedicatedVmHostId *string `json:"dedicatedVmHostId"` + PlatformConfig updateinstanceplatformconfig `json:"platformConfig"` + }{} + + e = json.Unmarshal(data, &model) + if e != nil { + return + } + var nn interface{} + m.CapacityReservationId = model.CapacityReservationId + + m.DefinedTags = model.DefinedTags + + m.SecurityAttributes = model.SecurityAttributes + + m.DisplayName = model.DisplayName + + m.FreeformTags = model.FreeformTags + + m.AgentConfig = model.AgentConfig + + m.Metadata = model.Metadata + + m.ExtendedMetadata = model.ExtendedMetadata + + m.Shape = model.Shape + + m.ShapeConfig = model.ShapeConfig + + nn, e = model.SourceDetails.UnmarshalPolymorphicJSON(model.SourceDetails.JsonData) + if e != nil { + return + } + if nn != nil { + m.SourceDetails = nn.(UpdateInstanceSourceDetails) + } else { + m.SourceDetails = nil + } + + m.UpdateOperationConstraint = model.UpdateOperationConstraint + + m.InstanceOptions = model.InstanceOptions + + m.FaultDomain = model.FaultDomain + + m.LaunchOptions = model.LaunchOptions + + m.AvailabilityConfig = model.AvailabilityConfig + + m.TimeMaintenanceRebootDue = model.TimeMaintenanceRebootDue + + m.DedicatedVmHostId = model.DedicatedVmHostId + + nn, e = model.PlatformConfig.UnmarshalPolymorphicJSON(model.PlatformConfig.JsonData) + if e != nil { + return + } + if nn != nil { + m.PlatformConfig = nn.(UpdateInstancePlatformConfig) + } else { + m.PlatformConfig = nil + } + + return +} + // UpdateInstanceDetailsUpdateOperationConstraintEnum Enum with underlying type: string type UpdateInstanceDetailsUpdateOperationConstraintEnum string diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_details.go new file mode 100644 index 0000000000..dadc83ce99 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_details.go @@ -0,0 +1,73 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// UpdateInstanceMaintenanceEventDetails Specifies the properties for updating maintenance due date. +type UpdateInstanceMaintenanceEventDetails struct { + + // The beginning of the time window when Maintenance is scheduled to begin. The Maintenance will not begin before + // this time. + // The timeWindowEnd is automatically calculated based on the maintenanceReason and the instanceAction. + TimeWindowStart *common.SDKTime `mandatory:"false" json:"timeWindowStart"` + + // One of the alternativeResolutionActions that was provided in the InstanceMaintenanceEvent. + AlternativeResolutionAction InstanceMaintenanceAlternativeResolutionActionsEnum `mandatory:"false" json:"alternativeResolutionAction,omitempty"` + + // This field is only applicable when setting the alternativeResolutionAction. + // For Instances that have local storage, this must be set to true to verify that the local storage + // will be deleted during the migration. For instances without, this parameter has no effect. + // In cases where the local storage will be lost, this parameter must be set or the request will fail. + CanDeleteLocalStorage *bool `mandatory:"false" json:"canDeleteLocalStorage"` + + // A user-friendly name. Does not have to be unique, and it's changeable. + // Avoid entering confidential information. + DisplayName *string `mandatory:"false" json:"displayName"` + + // Defined tags for this resource. Each key is predefined and scoped to a + // namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Operations": {"CostCenter": "42"}}` + DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Free-form tags for this resource. Each tag is a simple key-value pair with no + // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). + // Example: `{"Department": "Finance"}` + FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` +} + +func (m UpdateInstanceMaintenanceEventDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m UpdateInstanceMaintenanceEventDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if _, ok := GetMappingInstanceMaintenanceAlternativeResolutionActionsEnum(string(m.AlternativeResolutionAction)); !ok && m.AlternativeResolutionAction != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for AlternativeResolutionAction: %s. Supported values are: %s.", m.AlternativeResolutionAction, strings.Join(GetInstanceMaintenanceAlternativeResolutionActionsEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_request_response.go new file mode 100644 index 0000000000..b8ad80ee87 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_instance_maintenance_event_request_response.go @@ -0,0 +1,108 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// UpdateInstanceMaintenanceEventRequest wrapper for the UpdateInstanceMaintenanceEvent operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/UpdateInstanceMaintenanceEvent.go.html to see an example of how to use UpdateInstanceMaintenanceEventRequest. +type UpdateInstanceMaintenanceEventRequest struct { + + // The OCID of the instance maintenance event. + InstanceMaintenanceEventId *string `mandatory:"true" contributesTo:"path" name:"instanceMaintenanceEventId"` + + // Update instance maintenance event due date. + UpdateInstanceMaintenanceEventDetails `contributesTo:"body"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // For optimistic concurrency control. In the PUT or DELETE call for a resource, set the `if-match` + // parameter to the value of the etag from a previous GET or POST response for that resource. The resource + // will be updated or deleted only if the etag you provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // A token that uniquely identifies a request so it can be retried in case of a timeout or + // server error without risk of executing that same action again. Retry tokens expire after 24 + // hours, but can be invalidated before then due to conflicting operations (for example, if a resource + // has been deleted and purged from the system, then a retry of the original creation request + // may be rejected). + OpcRetryToken *string `mandatory:"false" contributesTo:"header" name:"opc-retry-token"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request UpdateInstanceMaintenanceEventRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request UpdateInstanceMaintenanceEventRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request UpdateInstanceMaintenanceEventRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request UpdateInstanceMaintenanceEventRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request UpdateInstanceMaintenanceEventRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// UpdateInstanceMaintenanceEventResponse wrapper for the UpdateInstanceMaintenanceEvent operation +type UpdateInstanceMaintenanceEventResponse struct { + + // The underlying http response + RawResponse *http.Response + + // Unique Oracle-assigned identifier for the request. If you need to contact + // Oracle about a particular request, please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the work request. + // Use GetWorkRequest (https://docs.cloud.oracle.com/api/#/en/workrequests/latest/WorkRequest/GetWorkRequest) + // with this ID to track the status of the request. + OpcWorkRequestId *string `presentIn:"header" name:"opc-work-request-id"` +} + +func (response UpdateInstanceMaintenanceEventResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response UpdateInstanceMaintenanceEventResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_subnet_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_subnet_request_response.go index 7056552703..b8e5b1a814 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_subnet_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_subnet_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/UpdateSubnet.go.html to see an example of how to use UpdateSubnetRequest. type UpdateSubnetRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the subnet. SubnetId *string `mandatory:"true" contributesTo:"path" name:"subnetId"` // Details object for updating a subnet. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_details.go index 22f7b163fe..d4f665c487 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_details.go @@ -37,6 +37,10 @@ type UpdateVcnDetails struct { // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` } func (m UpdateVcnDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_request_response.go index 2e811b3074..d6d27ddc3d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vcn_request_response.go @@ -18,7 +18,7 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/core/UpdateVcn.go.html to see an example of how to use UpdateVcnRequest. type UpdateVcnRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. + // Specify the OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the VCN. VcnId *string `mandatory:"true" contributesTo:"path" name:"vcnId"` // Details object for updating a VCN. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vnic_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vnic_details.go index d6d4760727..c8577750ff 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vnic_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/update_vnic_details.go @@ -38,13 +38,17 @@ type UpdateVnicDetails struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // The hostname for the VNIC's primary private IP. Used for DNS. The value is the hostname // portion of the primary private IP's fully qualified domain name (FQDN) // (for example, `bminstance1` in FQDN `bminstance1.subnet123.vcn1.oraclevcn.com`). // Must be unique across all VNICs in the subnet and comply with // RFC 952 (https://tools.ietf.org/html/rfc952) and // RFC 1123 (https://tools.ietf.org/html/rfc1123). - // The value appears in the Vnic object and also the + // The value appears in the `Vnic` object and also the // PrivateIp object returned by // ListPrivateIps and // GetPrivateIp. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/vcn.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/vcn.go index 2e14ec67e1..1d2ead3a61 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/vcn.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/vcn.go @@ -85,6 +85,10 @@ type Vcn struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // For an IPv6-enabled VCN, this is the list of IPv6 prefixes for the VCN's IP address space. // The prefixes are provided by Oracle and the sizes are always /56. Ipv6CidrBlocks []string `mandatory:"false" json:"ipv6CidrBlocks"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit.go index 43058ba70f..cab04c9cab 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit.go @@ -164,6 +164,8 @@ type VirtualCircuit struct { // The layer 3 IP MTU to use on this virtual circuit. IpMtu VirtualCircuitIpMtuEnum `mandatory:"false" json:"ipMtu,omitempty"` + + VirtualCircuitRedundancyMetadata *VirtualCircuitRedundancyMetadata `mandatory:"false" json:"virtualCircuitRedundancyMetadata"` } func (m VirtualCircuit) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit_redundancy_metadata.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit_redundancy_metadata.go new file mode 100644 index 0000000000..ae667d46dc --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/virtual_circuit_redundancy_metadata.go @@ -0,0 +1,206 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// VirtualCircuitRedundancyMetadata Redundancy level details of the virtual circuit +type VirtualCircuitRedundancyMetadata struct { + + // The configured redundancy level of the virtual circuit + ConfiguredRedundancyLevel VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum `mandatory:"false" json:"configuredRedundancyLevel,omitempty"` + + // IPV4 BGP redundancy status indicates if the configured redundancy level is met + Ipv4bgpSessionRedundancyStatus VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum `mandatory:"false" json:"ipv4bgpSessionRedundancyStatus,omitempty"` + + // IPV6 BGP redundancy status indicates if the configured redundancy level is met + Ipv6bgpSessionRedundancyStatus VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum `mandatory:"false" json:"ipv6bgpSessionRedundancyStatus,omitempty"` +} + +func (m VirtualCircuitRedundancyMetadata) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m VirtualCircuitRedundancyMetadata) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if _, ok := GetMappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum(string(m.ConfiguredRedundancyLevel)); !ok && m.ConfiguredRedundancyLevel != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for ConfiguredRedundancyLevel: %s. Supported values are: %s.", m.ConfiguredRedundancyLevel, strings.Join(GetVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumStringValues(), ","))) + } + if _, ok := GetMappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum(string(m.Ipv4bgpSessionRedundancyStatus)); !ok && m.Ipv4bgpSessionRedundancyStatus != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Ipv4bgpSessionRedundancyStatus: %s. Supported values are: %s.", m.Ipv4bgpSessionRedundancyStatus, strings.Join(GetVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumStringValues(), ","))) + } + if _, ok := GetMappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum(string(m.Ipv6bgpSessionRedundancyStatus)); !ok && m.Ipv6bgpSessionRedundancyStatus != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Ipv6bgpSessionRedundancyStatus: %s. Supported values are: %s.", m.Ipv6bgpSessionRedundancyStatus, strings.Join(GetVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumStringValues(), ","))) + } + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum Enum with underlying type: string +type VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum string + +// Set of constants representing the allowable values for VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum +const ( + VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelDevice VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = "DEVICE" + VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPop VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = "POP" + VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelRegion VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = "REGION" + VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelNonRedundant VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = "NON_REDUNDANT" + VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPending VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = "PENDING" +) + +var mappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum = map[string]VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum{ + "DEVICE": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelDevice, + "POP": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPop, + "REGION": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelRegion, + "NON_REDUNDANT": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelNonRedundant, + "PENDING": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPending, +} + +var mappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumLowerCase = map[string]VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum{ + "device": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelDevice, + "pop": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPop, + "region": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelRegion, + "non_redundant": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelNonRedundant, + "pending": VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelPending, +} + +// GetVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumValues Enumerates the set of values for VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum +func GetVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumValues() []VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum { + values := make([]VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum, 0) + for _, v := range mappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum { + values = append(values, v) + } + return values +} + +// GetVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumStringValues Enumerates the set of values in String for VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum +func GetVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumStringValues() []string { + return []string{ + "DEVICE", + "POP", + "REGION", + "NON_REDUNDANT", + "PENDING", + } +} + +// GetMappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum(val string) (VirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnum, bool) { + enum, ok := mappingVirtualCircuitRedundancyMetadataConfiguredRedundancyLevelEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum Enum with underlying type: string +type VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum string + +// Set of constants representing the allowable values for VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum +const ( + VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMatch VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum = "CONFIGURATION_MATCH" + VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMismatch VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum = "CONFIGURATION_MISMATCH" + VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusNotMetSla VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum = "NOT_MET_SLA" +) + +var mappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum = map[string]VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum{ + "CONFIGURATION_MATCH": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMatch, + "CONFIGURATION_MISMATCH": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMismatch, + "NOT_MET_SLA": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusNotMetSla, +} + +var mappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumLowerCase = map[string]VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum{ + "configuration_match": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMatch, + "configuration_mismatch": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusConfigurationMismatch, + "not_met_sla": VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusNotMetSla, +} + +// GetVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumValues Enumerates the set of values for VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum +func GetVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumValues() []VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum { + values := make([]VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum, 0) + for _, v := range mappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum { + values = append(values, v) + } + return values +} + +// GetVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumStringValues Enumerates the set of values in String for VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum +func GetVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumStringValues() []string { + return []string{ + "CONFIGURATION_MATCH", + "CONFIGURATION_MISMATCH", + "NOT_MET_SLA", + } +} + +// GetMappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum(val string) (VirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnum, bool) { + enum, ok := mappingVirtualCircuitRedundancyMetadataIpv4bgpSessionRedundancyStatusEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + +// VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum Enum with underlying type: string +type VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum string + +// Set of constants representing the allowable values for VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum +const ( + VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMatch VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum = "CONFIGURATION_MATCH" + VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMismatch VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum = "CONFIGURATION_MISMATCH" + VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusNotMetSla VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum = "NOT_MET_SLA" +) + +var mappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum = map[string]VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum{ + "CONFIGURATION_MATCH": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMatch, + "CONFIGURATION_MISMATCH": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMismatch, + "NOT_MET_SLA": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusNotMetSla, +} + +var mappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumLowerCase = map[string]VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum{ + "configuration_match": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMatch, + "configuration_mismatch": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusConfigurationMismatch, + "not_met_sla": VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusNotMetSla, +} + +// GetVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumValues Enumerates the set of values for VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum +func GetVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumValues() []VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum { + values := make([]VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum, 0) + for _, v := range mappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum { + values = append(values, v) + } + return values +} + +// GetVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumStringValues Enumerates the set of values in String for VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum +func GetVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumStringValues() []string { + return []string{ + "CONFIGURATION_MATCH", + "CONFIGURATION_MISMATCH", + "NOT_MET_SLA", + } +} + +// GetMappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum(val string) (VirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnum, bool) { + enum, ok := mappingVirtualCircuitRedundancyMetadataIpv6bgpSessionRedundancyStatusEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/vnic.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/vnic.go index c5af28fde6..08d4c58ba7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/vnic.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/vnic.go @@ -67,6 +67,10 @@ type Vnic struct { // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + // Security Attributes for this resource. This is unique to ZPR, and helps identify which resources are allowed to be accessed by what permission controls. + // Example: `{"Oracle-DataSecurity-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // Free-form tags for this resource. Each tag is a simple key-value pair with no // predefined name, type, or namespace. For more information, see Resource Tags (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/resourcetags.htm). // Example: `{"Department": "Finance"}` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume.go index e34efa7c22..7f6dba0dac 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume.go @@ -87,6 +87,9 @@ type Volume struct { // For performance autotune enabled volumes, It would be the Default(Minimum) VPUs/GB. VpusPerGB *int64 `mandatory:"false" json:"vpusPerGB"` + // The clusterPlacementGroup Id of the volume for volume placement. + ClusterPlacementGroupId *string `mandatory:"false" json:"clusterPlacementGroupId"` + // The size of the volume in GBs. SizeInGBs *int64 `mandatory:"false" json:"sizeInGBs"` @@ -131,26 +134,27 @@ func (m Volume) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *Volume) UnmarshalJSON(data []byte) (e error) { model := struct { - DefinedTags map[string]map[string]interface{} `json:"definedTags"` - FreeformTags map[string]string `json:"freeformTags"` - SystemTags map[string]map[string]interface{} `json:"systemTags"` - IsHydrated *bool `json:"isHydrated"` - KmsKeyId *string `json:"kmsKeyId"` - VpusPerGB *int64 `json:"vpusPerGB"` - SizeInGBs *int64 `json:"sizeInGBs"` - SourceDetails volumesourcedetails `json:"sourceDetails"` - VolumeGroupId *string `json:"volumeGroupId"` - IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` - AutoTunedVpusPerGB *int64 `json:"autoTunedVpusPerGB"` - BlockVolumeReplicas []BlockVolumeReplicaInfo `json:"blockVolumeReplicas"` - AutotunePolicies []autotunepolicy `json:"autotunePolicies"` - AvailabilityDomain *string `json:"availabilityDomain"` - CompartmentId *string `json:"compartmentId"` - DisplayName *string `json:"displayName"` - Id *string `json:"id"` - LifecycleState VolumeLifecycleStateEnum `json:"lifecycleState"` - SizeInMBs *int64 `json:"sizeInMBs"` - TimeCreated *common.SDKTime `json:"timeCreated"` + DefinedTags map[string]map[string]interface{} `json:"definedTags"` + FreeformTags map[string]string `json:"freeformTags"` + SystemTags map[string]map[string]interface{} `json:"systemTags"` + IsHydrated *bool `json:"isHydrated"` + KmsKeyId *string `json:"kmsKeyId"` + VpusPerGB *int64 `json:"vpusPerGB"` + ClusterPlacementGroupId *string `json:"clusterPlacementGroupId"` + SizeInGBs *int64 `json:"sizeInGBs"` + SourceDetails volumesourcedetails `json:"sourceDetails"` + VolumeGroupId *string `json:"volumeGroupId"` + IsAutoTuneEnabled *bool `json:"isAutoTuneEnabled"` + AutoTunedVpusPerGB *int64 `json:"autoTunedVpusPerGB"` + BlockVolumeReplicas []BlockVolumeReplicaInfo `json:"blockVolumeReplicas"` + AutotunePolicies []autotunepolicy `json:"autotunePolicies"` + AvailabilityDomain *string `json:"availabilityDomain"` + CompartmentId *string `json:"compartmentId"` + DisplayName *string `json:"displayName"` + Id *string `json:"id"` + LifecycleState VolumeLifecycleStateEnum `json:"lifecycleState"` + SizeInMBs *int64 `json:"sizeInMBs"` + TimeCreated *common.SDKTime `json:"timeCreated"` }{} e = json.Unmarshal(data, &model) @@ -170,6 +174,8 @@ func (m *Volume) UnmarshalJSON(data []byte) (e error) { m.VpusPerGB = model.VpusPerGB + m.ClusterPlacementGroupId = model.ClusterPlacementGroupId + m.SizeInGBs = model.SizeInGBs nn, e = model.SourceDetails.UnmarshalPolymorphicJSON(model.SourceDetails.JsonData) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_attachment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_attachment.go index 22501334a6..9039ac97ec 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_attachment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_attachment.go @@ -79,6 +79,10 @@ type VolumeAttachment interface { // The iscsi login state of the volume attachment. For a Iscsi volume attachment, // all iscsi sessions need to be all logged-in or logged-out to be in logged-in or logged-out state. GetIscsiLoginState() VolumeAttachmentIscsiLoginStateEnum + + // Flag indicating if this volume was created for the customer as part of a simplified launch. + // Used to determine whether the volume requires deletion on instance termination. + GetIsVolumeCreatedDuringLaunch() *bool } type volumeattachment struct { @@ -90,6 +94,7 @@ type volumeattachment struct { IsPvEncryptionInTransitEnabled *bool `mandatory:"false" json:"isPvEncryptionInTransitEnabled"` IsMultipath *bool `mandatory:"false" json:"isMultipath"` IscsiLoginState VolumeAttachmentIscsiLoginStateEnum `mandatory:"false" json:"iscsiLoginState,omitempty"` + IsVolumeCreatedDuringLaunch *bool `mandatory:"false" json:"isVolumeCreatedDuringLaunch"` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` CompartmentId *string `mandatory:"true" json:"compartmentId"` Id *string `mandatory:"true" json:"id"` @@ -125,6 +130,7 @@ func (m *volumeattachment) UnmarshalJSON(data []byte) error { m.IsPvEncryptionInTransitEnabled = s.Model.IsPvEncryptionInTransitEnabled m.IsMultipath = s.Model.IsMultipath m.IscsiLoginState = s.Model.IscsiLoginState + m.IsVolumeCreatedDuringLaunch = s.Model.IsVolumeCreatedDuringLaunch m.AttachmentType = s.Model.AttachmentType return err @@ -192,6 +198,11 @@ func (m volumeattachment) GetIscsiLoginState() VolumeAttachmentIscsiLoginStateEn return m.IscsiLoginState } +// GetIsVolumeCreatedDuringLaunch returns IsVolumeCreatedDuringLaunch +func (m volumeattachment) GetIsVolumeCreatedDuringLaunch() *bool { + return m.IsVolumeCreatedDuringLaunch +} + // GetAvailabilityDomain returns AvailabilityDomain func (m volumeattachment) GetAvailabilityDomain() *string { return m.AvailabilityDomain diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go index 7322b96f8c..871de28e4f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_backup_policy_assignment.go @@ -38,6 +38,12 @@ type VolumeBackupPolicyAssignment struct { // The date and time the volume backup policy was assigned to the volume. The format is // defined by RFC3339 (https://tools.ietf.org/html/rfc3339). TimeCreated *common.SDKTime `mandatory:"true" json:"timeCreated"` + + // The OCID of the Vault service key which is the master encryption key for the block / boot volume cross region backups, which will be used in the destination region to encrypt the backup's encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrcKmsKeyId *string `mandatory:"false" json:"xrcKmsKeyId"` } func (m VolumeBackupPolicyAssignment) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go index 7a98f3ae58..7dfae065a9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_details.go @@ -31,6 +31,12 @@ type VolumeGroupReplicaDetails struct { // A user-friendly name. Does not have to be unique, and it's changeable. // Avoid entering confidential information. DisplayName *string `mandatory:"false" json:"displayName"` + + // The OCID of the Vault service key which is the master encryption key for the cross region volume group's replicas, which will be used in the destination region to encrypt the volume group's replicas encryption keys. + // For more information about the Vault service and encryption keys, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + XrrKmsKeyId *string `mandatory:"false" json:"xrrKmsKeyId"` } func (m VolumeGroupReplicaDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go index f730deec9a..2d5a8cdae2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_group_replica_info.go @@ -34,6 +34,11 @@ type VolumeGroupReplicaInfo struct { // The availability domain of the boot volume replica replica. // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` + + // The OCID of the Vault service key to assign as the master encryption key for the block volume replica, see + // Overview of Vault service (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Concepts/keyoverview.htm) and + // Using Keys (https://docs.cloud.oracle.com/iaas/Content/KeyManagement/Tasks/usingkeys.htm). + KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` } func (m VolumeGroupReplicaInfo) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go index bcea6aaf3d..8d8538519a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_details.go @@ -70,6 +70,10 @@ func (m *volumesourcedetails) UnmarshalPolymorphicJSON(data []byte) (interface{} mm := VolumeSourceFromVolumeBackupDetails{} err = json.Unmarshal(data, &mm) return mm, err + case "volumeBackupDelta": + mm := VolumeSourceFromVolumeBackupDeltaDetails{} + err = json.Unmarshal(data, &mm) + return mm, err default: common.Logf("Recieved unsupported enum value for VolumeSourceDetails: %s.", m.Type) return *m, nil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go new file mode 100644 index 0000000000..b3223d6369 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/core/volume_source_from_volume_backup_delta_details.go @@ -0,0 +1,66 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Core Services API +// +// Use the Core Services API to manage resources such as virtual cloud networks (VCNs), +// compute instances, and block storage volumes. For more information, see the console +// documentation for the Networking (https://docs.cloud.oracle.com/iaas/Content/Network/Concepts/overview.htm), +// Compute (https://docs.cloud.oracle.com/iaas/Content/Compute/Concepts/computeoverview.htm), and +// Block Volume (https://docs.cloud.oracle.com/iaas/Content/Block/Concepts/overview.htm) services. +// The required permissions are documented in the +// Details for the Core Services (https://docs.cloud.oracle.com/iaas/Content/Identity/Reference/corepolicyreference.htm) article. +// + +package core + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// VolumeSourceFromVolumeBackupDeltaDetails Specifies the volume backups (first & second) and block size in bytes. +type VolumeSourceFromVolumeBackupDeltaDetails struct { + + // The OCID of the first volume backup. + FirstBackupId *string `mandatory:"true" json:"firstBackupId"` + + // The OCID of the second volume backup. + SecondBackupId *string `mandatory:"true" json:"secondBackupId"` + + // Block size in bytes to be considered while performing volume restore. The value must be a power of 2; ranging from 4KB (4096 bytes) to 1MB (1048576 bytes). If omitted, defaults to 4,096 bytes (4 KiB). + ChangeBlockSizeInBytes *int64 `mandatory:"false" json:"changeBlockSizeInBytes"` +} + +func (m VolumeSourceFromVolumeBackupDeltaDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m VolumeSourceFromVolumeBackupDeltaDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m VolumeSourceFromVolumeBackupDeltaDetails) MarshalJSON() (buff []byte, e error) { + type MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails VolumeSourceFromVolumeBackupDeltaDetails + s := struct { + DiscriminatorParam string `json:"type"` + MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails + }{ + "volumeBackupDelta", + (MarshalTypeVolumeSourceFromVolumeBackupDeltaDetails)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_export_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_export_lock_request_response.go new file mode 100644 index 0000000000..42c4cd60dd --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_export_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddExportLockRequest wrapper for the AddExportLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddExportLock.go.html to see an example of how to use AddExportLockRequest. +type AddExportLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the export. + ExportId *string `mandatory:"true" contributesTo:"path" name:"exportId"` + + // The details to be updated for the AddLock. + AddExportLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddExportLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddExportLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddExportLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddExportLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddExportLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddExportLockResponse wrapper for the AddExportLock operation +type AddExportLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Export instance + Export `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddExportLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddExportLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_file_system_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_file_system_lock_request_response.go new file mode 100644 index 0000000000..6de74b469c --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_file_system_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddFileSystemLockRequest wrapper for the AddFileSystemLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddFileSystemLock.go.html to see an example of how to use AddFileSystemLockRequest. +type AddFileSystemLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the file system. + FileSystemId *string `mandatory:"true" contributesTo:"path" name:"fileSystemId"` + + // The details to be updated for the AddLock. + AddFileSystemLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddFileSystemLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddFileSystemLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddFileSystemLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddFileSystemLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddFileSystemLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddFileSystemLockResponse wrapper for the AddFileSystemLock operation +type AddFileSystemLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The FileSystem instance + FileSystem `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddFileSystemLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddFileSystemLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_filesystem_snapshot_policy_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_filesystem_snapshot_policy_lock_request_response.go new file mode 100644 index 0000000000..f659174507 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_filesystem_snapshot_policy_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddFilesystemSnapshotPolicyLockRequest wrapper for the AddFilesystemSnapshotPolicyLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddFilesystemSnapshotPolicyLock.go.html to see an example of how to use AddFilesystemSnapshotPolicyLockRequest. +type AddFilesystemSnapshotPolicyLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the file system snapshot policy. + FilesystemSnapshotPolicyId *string `mandatory:"true" contributesTo:"path" name:"filesystemSnapshotPolicyId"` + + // The details to be updated for the AddLock. + AddFilesystemSnapshotPolicyLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddFilesystemSnapshotPolicyLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddFilesystemSnapshotPolicyLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddFilesystemSnapshotPolicyLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddFilesystemSnapshotPolicyLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddFilesystemSnapshotPolicyLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddFilesystemSnapshotPolicyLockResponse wrapper for the AddFilesystemSnapshotPolicyLock operation +type AddFilesystemSnapshotPolicyLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The FilesystemSnapshotPolicy instance + FilesystemSnapshotPolicy `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddFilesystemSnapshotPolicyLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddFilesystemSnapshotPolicyLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_mount_target_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_mount_target_lock_request_response.go new file mode 100644 index 0000000000..2077500374 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_mount_target_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddMountTargetLockRequest wrapper for the AddMountTargetLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddMountTargetLock.go.html to see an example of how to use AddMountTargetLockRequest. +type AddMountTargetLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target. + MountTargetId *string `mandatory:"true" contributesTo:"path" name:"mountTargetId"` + + // The details to be updated for the AddLock. + AddMountTargetLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddMountTargetLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddMountTargetLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddMountTargetLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddMountTargetLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddMountTargetLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddMountTargetLockResponse wrapper for the AddMountTargetLock operation +type AddMountTargetLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The MountTarget instance + MountTarget `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddMountTargetLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddMountTargetLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_outbound_connector_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_outbound_connector_lock_request_response.go new file mode 100644 index 0000000000..e046726c21 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_outbound_connector_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddOutboundConnectorLockRequest wrapper for the AddOutboundConnectorLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddOutboundConnectorLock.go.html to see an example of how to use AddOutboundConnectorLockRequest. +type AddOutboundConnectorLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the outbound connector. + OutboundConnectorId *string `mandatory:"true" contributesTo:"path" name:"outboundConnectorId"` + + // The details to be updated for the AddLock. + AddOutboundConnectorLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddOutboundConnectorLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddOutboundConnectorLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddOutboundConnectorLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddOutboundConnectorLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddOutboundConnectorLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddOutboundConnectorLockResponse wrapper for the AddOutboundConnectorLock operation +type AddOutboundConnectorLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The OutboundConnector instance + OutboundConnector `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddOutboundConnectorLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddOutboundConnectorLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_replication_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_replication_lock_request_response.go new file mode 100644 index 0000000000..ba5ed04295 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_replication_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddReplicationLockRequest wrapper for the AddReplicationLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddReplicationLock.go.html to see an example of how to use AddReplicationLockRequest. +type AddReplicationLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the replication. + ReplicationId *string `mandatory:"true" contributesTo:"path" name:"replicationId"` + + // The details to be updated for the AddLock. + AddReplicationLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddReplicationLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddReplicationLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddReplicationLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddReplicationLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddReplicationLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddReplicationLockResponse wrapper for the AddReplicationLock operation +type AddReplicationLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Replication instance + Replication `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddReplicationLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddReplicationLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_snapshot_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_snapshot_lock_request_response.go new file mode 100644 index 0000000000..b77cf23704 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/add_snapshot_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// AddSnapshotLockRequest wrapper for the AddSnapshotLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddSnapshotLock.go.html to see an example of how to use AddSnapshotLockRequest. +type AddSnapshotLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the snapshot. + SnapshotId *string `mandatory:"true" contributesTo:"path" name:"snapshotId"` + + // The details to be updated for the AddLock. + AddSnapshotLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request AddSnapshotLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request AddSnapshotLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request AddSnapshotLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request AddSnapshotLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request AddSnapshotLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// AddSnapshotLockResponse wrapper for the AddSnapshotLock operation +type AddSnapshotLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Snapshot instance + Snapshot `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response AddSnapshotLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response AddSnapshotLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/cancel_downgrade_shape_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/cancel_downgrade_shape_mount_target_request_response.go new file mode 100644 index 0000000000..dba810d901 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/cancel_downgrade_shape_mount_target_request_response.go @@ -0,0 +1,102 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// CancelDowngradeShapeMountTargetRequest wrapper for the CancelDowngradeShapeMountTarget operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CancelDowngradeShapeMountTarget.go.html to see an example of how to use CancelDowngradeShapeMountTargetRequest. +type CancelDowngradeShapeMountTargetRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target. + MountTargetId *string `mandatory:"true" contributesTo:"path" name:"mountTargetId"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request CancelDowngradeShapeMountTargetRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request CancelDowngradeShapeMountTargetRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request CancelDowngradeShapeMountTargetRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request CancelDowngradeShapeMountTargetRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request CancelDowngradeShapeMountTargetRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// CancelDowngradeShapeMountTargetResponse wrapper for the CancelDowngradeShapeMountTarget operation +type CancelDowngradeShapeMountTargetResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The MountTarget instance + MountTarget `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response CancelDowngradeShapeMountTargetResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response CancelDowngradeShapeMountTargetResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_file_system_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_file_system_compartment_request_response.go index ef85c53df3..6cbea7b402 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_file_system_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_file_system_compartment_request_response.go @@ -35,6 +35,9 @@ type ChangeFileSystemCompartmentRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_filesystem_snapshot_policy_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_filesystem_snapshot_policy_compartment_request_response.go index 4d021eeaf1..d85de64c02 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_filesystem_snapshot_policy_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_filesystem_snapshot_policy_compartment_request_response.go @@ -35,6 +35,9 @@ type ChangeFilesystemSnapshotPolicyCompartmentRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_mount_target_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_mount_target_compartment_request_response.go index a051cf04a7..e0e735268a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_mount_target_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_mount_target_compartment_request_response.go @@ -35,6 +35,9 @@ type ChangeMountTargetCompartmentRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_outbound_connector_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_outbound_connector_compartment_request_response.go index bf9c9508ee..8d70d5087e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_outbound_connector_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_outbound_connector_compartment_request_response.go @@ -35,6 +35,9 @@ type ChangeOutboundConnectorCompartmentRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_replication_compartment_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_replication_compartment_request_response.go index cbbd723164..f9410eda97 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_replication_compartment_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/change_replication_compartment_request_response.go @@ -35,6 +35,9 @@ type ChangeReplicationCompartmentRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_export_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_export_details.go index db63c230af..dcdbfd2f3b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_export_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_export_details.go @@ -30,8 +30,9 @@ type CreateExportDetails struct { // Example: `/mediafiles` Path *string `mandatory:"true" json:"path"` - // Export options for the new export. If left unspecified, - // defaults to: + // Export options for the new export. For exports of mount targets with + // IPv4 address, if client options are left unspecified, client options + // would default to: // [ // { // "source" : "0.0.0.0/0", @@ -44,6 +45,9 @@ type CreateExportDetails struct { // "allowedAuth": ["SYS"] // } // ] + // For exports of mount targets with IPv6 address, if client options are + // left unspecified, client options would be an empty array, i.e. export + // would not be visible to any clients. // **Note:** Mount targets do not have Internet-routable IP // addresses. Therefore they will not be reachable from the // Internet, even if an associated `ClientOptions` item has @@ -54,6 +58,9 @@ type CreateExportDetails struct { // using the `UpdateExport` operation. ExportOptions []ClientOptions `mandatory:"false" json:"exportOptions"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Whether or not the export should use ID mapping for Unix groups rather than the group list provided within an NFS request's RPC header. When this flag is true the Unix UID from the RPC header is used to retrieve the list of secondary groups from a the ID mapping subsystem. The primary GID is always taken from the RPC header. If ID mapping is not configured, incorrectly configured, unavailable, or cannot be used to determine a list of secondary groups then an empty secondary group list is used for authorization. If the number of groups exceeds the limit of 256 groups, the list retrieved from LDAP is truncated to the first 256 groups read. IsIdmapGroupsForSysAuth *bool `mandatory:"false" json:"isIdmapGroupsForSysAuth"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_file_system_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_file_system_details.go index 281da78a37..bd5a52473d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_file_system_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_file_system_details.go @@ -42,6 +42,9 @@ type CreateFileSystemDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the KMS key used to encrypt the encryption keys associated with this file system. KmsKeyId *string `mandatory:"false" json:"kmsKeyId"` @@ -49,6 +52,11 @@ type CreateFileSystemDetails struct { // See Cloning a File System (https://docs.cloud.oracle.com/iaas/Content/File/Tasks/cloningFS.htm). SourceSnapshotId *string `mandatory:"false" json:"sourceSnapshotId"` + // Specifies whether the clone file system is attached to its parent file system. + // If the value is set to 'DETACH', then the file system will be created, which is deep copied from the snapshot + // specified by sourceSnapshotId, else will remain attached to its parent. + CloneAttachStatus CreateFileSystemDetailsCloneAttachStatusEnum `mandatory:"false" json:"cloneAttachStatus,omitempty"` + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the associated file system snapshot policy, which // controls the frequency of snapshot creation and retention period of the taken snapshots. // May be unset as a blank value. @@ -65,8 +73,53 @@ func (m CreateFileSystemDetails) String() string { func (m CreateFileSystemDetails) ValidateEnumValue() (bool, error) { errMessage := []string{} + if _, ok := GetMappingCreateFileSystemDetailsCloneAttachStatusEnum(string(m.CloneAttachStatus)); !ok && m.CloneAttachStatus != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for CloneAttachStatus: %s. Supported values are: %s.", m.CloneAttachStatus, strings.Join(GetCreateFileSystemDetailsCloneAttachStatusEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } return false, nil } + +// CreateFileSystemDetailsCloneAttachStatusEnum Enum with underlying type: string +type CreateFileSystemDetailsCloneAttachStatusEnum string + +// Set of constants representing the allowable values for CreateFileSystemDetailsCloneAttachStatusEnum +const ( + CreateFileSystemDetailsCloneAttachStatusDetach CreateFileSystemDetailsCloneAttachStatusEnum = "DETACH" + CreateFileSystemDetailsCloneAttachStatusAttach CreateFileSystemDetailsCloneAttachStatusEnum = "ATTACH" +) + +var mappingCreateFileSystemDetailsCloneAttachStatusEnum = map[string]CreateFileSystemDetailsCloneAttachStatusEnum{ + "DETACH": CreateFileSystemDetailsCloneAttachStatusDetach, + "ATTACH": CreateFileSystemDetailsCloneAttachStatusAttach, +} + +var mappingCreateFileSystemDetailsCloneAttachStatusEnumLowerCase = map[string]CreateFileSystemDetailsCloneAttachStatusEnum{ + "detach": CreateFileSystemDetailsCloneAttachStatusDetach, + "attach": CreateFileSystemDetailsCloneAttachStatusAttach, +} + +// GetCreateFileSystemDetailsCloneAttachStatusEnumValues Enumerates the set of values for CreateFileSystemDetailsCloneAttachStatusEnum +func GetCreateFileSystemDetailsCloneAttachStatusEnumValues() []CreateFileSystemDetailsCloneAttachStatusEnum { + values := make([]CreateFileSystemDetailsCloneAttachStatusEnum, 0) + for _, v := range mappingCreateFileSystemDetailsCloneAttachStatusEnum { + values = append(values, v) + } + return values +} + +// GetCreateFileSystemDetailsCloneAttachStatusEnumStringValues Enumerates the set of values in String for CreateFileSystemDetailsCloneAttachStatusEnum +func GetCreateFileSystemDetailsCloneAttachStatusEnumStringValues() []string { + return []string{ + "DETACH", + "ATTACH", + } +} + +// GetMappingCreateFileSystemDetailsCloneAttachStatusEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingCreateFileSystemDetailsCloneAttachStatusEnum(val string) (CreateFileSystemDetailsCloneAttachStatusEnum, bool) { + enum, ok := mappingCreateFileSystemDetailsCloneAttachStatusEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_filesystem_snapshot_policy_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_filesystem_snapshot_policy_details.go index ed3f3b9985..829b2f0e47 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_filesystem_snapshot_policy_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_filesystem_snapshot_policy_details.go @@ -53,6 +53,9 @@ type CreateFilesystemSnapshotPolicyDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` } func (m CreateFilesystemSnapshotPolicyDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_ldap_bind_account_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_ldap_bind_account_details.go index 2b62c21ae3..9198fc3ebd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_ldap_bind_account_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_ldap_bind_account_details.go @@ -50,6 +50,9 @@ type CreateLdapBindAccountDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the password for the LDAP bind account in the Vault. PasswordSecretId *string `mandatory:"false" json:"passwordSecretId"` @@ -82,6 +85,11 @@ func (m CreateLdapBindAccountDetails) GetDefinedTags() map[string]map[string]int return m.DefinedTags } +// GetLocks returns Locks +func (m CreateLdapBindAccountDetails) GetLocks() []ResourceLock { + return m.Locks +} + func (m CreateLdapBindAccountDetails) String() string { return common.PointerString(m) } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_details.go index c49d878d9b..87ef6b2816 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_details.go @@ -56,13 +56,6 @@ type CreateMountTargetDetails struct { // A private IP address of your choice. Must be an available IP address within // the subnet's CIDR. If you don't specify a value, Oracle automatically // assigns a private IP address from the subnet. - // Note: This attribute value is stored in the PrivateIp (https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/) resource, - // not in the `mountTarget` resource. - // To update the `ipAddress`, use `GetMountTarget` to obtain the - // OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target's - // private IPs (`privateIpIds`). Then, you can use - // UpdatePrivateIp (https://docs.cloud.oracle.com/en-us/iaas/api/#/en/iaas/20160918/PrivateIp/UpdatePrivateIp) - // to update the `ipAddress` value. // Example: `10.0.3.3` IpAddress *string `mandatory:"false" json:"ipAddress"` @@ -89,6 +82,13 @@ type CreateMountTargetDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + + // Throughput for mount target in Gbps. Currently only 1 Gbps of requestedThroughput is supported during create MountTarget. + // Available shapes and corresponding throughput are listed at Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + RequestedThroughput *int64 `mandatory:"false" json:"requestedThroughput"` } func (m CreateMountTargetDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_request_response.go index c7776ac9d0..a35cd4dffe 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_mount_target_request_response.go @@ -32,6 +32,9 @@ type CreateMountTargetRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_outbound_connector_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_outbound_connector_details.go index 5260610b6d..60a04b8b1d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_outbound_connector_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_outbound_connector_details.go @@ -43,6 +43,9 @@ type CreateOutboundConnectorDetails interface { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` GetDefinedTags() map[string]map[string]interface{} + + // Locks associated with this resource. + GetLocks() []ResourceLock } type createoutboundconnectordetails struct { @@ -50,6 +53,7 @@ type createoutboundconnectordetails struct { DisplayName *string `mandatory:"false" json:"displayName"` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + Locks []ResourceLock `mandatory:"false" json:"locks"` AvailabilityDomain *string `mandatory:"true" json:"availabilityDomain"` CompartmentId *string `mandatory:"true" json:"compartmentId"` ConnectorType string `json:"connectorType"` @@ -71,6 +75,7 @@ func (m *createoutboundconnectordetails) UnmarshalJSON(data []byte) error { m.DisplayName = s.Model.DisplayName m.FreeformTags = s.Model.FreeformTags m.DefinedTags = s.Model.DefinedTags + m.Locks = s.Model.Locks m.ConnectorType = s.Model.ConnectorType return err @@ -110,6 +115,11 @@ func (m createoutboundconnectordetails) GetDefinedTags() map[string]map[string]i return m.DefinedTags } +// GetLocks returns Locks +func (m createoutboundconnectordetails) GetLocks() []ResourceLock { + return m.Locks +} + // GetAvailabilityDomain returns AvailabilityDomain func (m createoutboundconnectordetails) GetAvailabilityDomain() *string { return m.AvailabilityDomain diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_replication_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_replication_details.go index 81196e01f5..516114bf1f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_replication_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_replication_details.go @@ -47,6 +47,9 @@ type CreateReplicationDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` } func (m CreateReplicationDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_snapshot_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_snapshot_details.go index 60b7618b44..b1529cdd41 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_snapshot_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/create_snapshot_details.go @@ -42,6 +42,9 @@ type CreateSnapshotDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` } func (m CreateSnapshotDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_export_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_export_request_response.go index 6b25690849..cedba5807a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_export_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_export_request_response.go @@ -32,6 +32,9 @@ type DeleteExportRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_file_system_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_file_system_request_response.go index d6088f13ef..85293a1630 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_file_system_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_file_system_request_response.go @@ -32,6 +32,13 @@ type DeleteFileSystemRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + + // If the value is set to true, then the file system will be deleted by detaching its child file system, turning + // the child file system into an independent File System. + CanDetachChildFileSystem *bool `mandatory:"false" contributesTo:"query" name:"canDetachChildFileSystem"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_filesystem_snapshot_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_filesystem_snapshot_policy_request_response.go index 6e95027d67..55ac5578a1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_filesystem_snapshot_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_filesystem_snapshot_policy_request_response.go @@ -32,6 +32,9 @@ type DeleteFilesystemSnapshotPolicyRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_mount_target_request_response.go index 667ba676b5..48fb9a77eb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_mount_target_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_mount_target_request_response.go @@ -32,6 +32,9 @@ type DeleteMountTargetRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_outbound_connector_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_outbound_connector_request_response.go index a4439dad71..92327b0cd0 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_outbound_connector_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_outbound_connector_request_response.go @@ -32,6 +32,9 @@ type DeleteOutboundConnectorRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_request_response.go index 2bce158f79..afe8e9c8d3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_request_response.go @@ -38,6 +38,9 @@ type DeleteReplicationRequest struct { // - `FINISH_CYCLE_IF_APPLYING` Before deleting, finish applying. If cycle is idle or capturing, delete immediately. Fastest option. DeleteMode DeleteReplicationDeleteModeEnum `mandatory:"false" contributesTo:"query" name:"deleteMode" omitEmpty:"true"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_target_request_response.go index 67807a31f3..16aa15b76c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_target_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_replication_target_request_response.go @@ -32,6 +32,9 @@ type DeleteReplicationTargetRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_snapshot_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_snapshot_request_response.go index 0f20a159b8..3dcebf4e7e 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_snapshot_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/delete_snapshot_request_response.go @@ -32,6 +32,9 @@ type DeleteSnapshotRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/detach_clone_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/detach_clone_request_response.go new file mode 100644 index 0000000000..786738814d --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/detach_clone_request_response.go @@ -0,0 +1,96 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// DetachCloneRequest wrapper for the DetachClone operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DetachClone.go.html to see an example of how to use DetachCloneRequest. +type DetachCloneRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the file system. + FileSystemId *string `mandatory:"true" contributesTo:"path" name:"fileSystemId"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request DetachCloneRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request DetachCloneRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request DetachCloneRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request DetachCloneRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request DetachCloneRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// DetachCloneResponse wrapper for the DetachClone operation +type DetachCloneResponse struct { + + // The underlying http response + RawResponse *http.Response + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response DetachCloneResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response DetachCloneResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export.go index 83caf261d4..21f9d14551 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export.go @@ -92,6 +92,9 @@ type Export struct { // Whether or not the export should use ID mapping for Unix groups rather than the group list provided within an NFS request's RPC header. When this flag is true the Unix UID from the RPC header is used to retrieve the list of secondary groups from a the ID mapping subsystem. The primary GID is always taken from the RPC header. If ID mapping is not configured, incorrectly configured, unavailable, or cannot be used to determine a list of secondary groups then an empty secondary group list is used for authorization. If the number of groups exceeds the limit of 256 groups, the list retrieved from LDAP is truncated to the first 256 groups read. IsIdmapGroupsForSysAuth *bool `mandatory:"false" json:"isIdmapGroupsForSysAuth"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` } func (m Export) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export_summary.go index 9bf7394d84..c2f837f87b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/export_summary.go @@ -43,6 +43,9 @@ type ExportSummary struct { // Whether or not the export should use ID mapping for Unix groups rather than the group list provided within an NFS request's RPC header. When this flag is true the Unix UID from the RPC header is used to retrieve the list of secondary groups from a the ID mapping subsystem. The primary GID is always taken from the RPC header. If ID mapping is not configured, incorrectly configured, unavailable, or cannot be used to determine a list of secondary groups then an empty secondary group list is used for authorization. If the number of groups exceeds the limit of 256 groups, the list retrieved from LDAP is truncated to the first 256 groups read. IsIdmapGroupsForSysAuth *bool `mandatory:"false" json:"isIdmapGroupsForSysAuth"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` } func (m ExportSummary) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system.go index 422efa2278..34d1071163 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system.go @@ -84,6 +84,15 @@ type FileSystem struct { // See Cloning a File System (https://docs.cloud.oracle.com/iaas/Content/File/Tasks/cloningFS.htm#hydration). IsHydrated *bool `mandatory:"false" json:"isHydrated"` + // Specifies the total number of children of a file system. + CloneCount *int `mandatory:"false" json:"cloneCount"` + + // Specifies whether the file system is attached to its parent file system. + CloneAttachStatus FileSystemCloneAttachStatusEnum `mandatory:"false" json:"cloneAttachStatus,omitempty"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Additional information about the current 'lifecycleState'. LifecycleDetails *string `mandatory:"false" json:"lifecycleDetails"` @@ -113,6 +122,9 @@ func (m FileSystem) ValidateEnumValue() (bool, error) { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetFileSystemLifecycleStateEnumStringValues(), ","))) } + if _, ok := GetMappingFileSystemCloneAttachStatusEnum(string(m.CloneAttachStatus)); !ok && m.CloneAttachStatus != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for CloneAttachStatus: %s. Supported values are: %s.", m.CloneAttachStatus, strings.Join(GetFileSystemCloneAttachStatusEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } @@ -126,6 +138,7 @@ type FileSystemLifecycleStateEnum string const ( FileSystemLifecycleStateCreating FileSystemLifecycleStateEnum = "CREATING" FileSystemLifecycleStateActive FileSystemLifecycleStateEnum = "ACTIVE" + FileSystemLifecycleStateUpdating FileSystemLifecycleStateEnum = "UPDATING" FileSystemLifecycleStateDeleting FileSystemLifecycleStateEnum = "DELETING" FileSystemLifecycleStateDeleted FileSystemLifecycleStateEnum = "DELETED" FileSystemLifecycleStateFailed FileSystemLifecycleStateEnum = "FAILED" @@ -134,6 +147,7 @@ const ( var mappingFileSystemLifecycleStateEnum = map[string]FileSystemLifecycleStateEnum{ "CREATING": FileSystemLifecycleStateCreating, "ACTIVE": FileSystemLifecycleStateActive, + "UPDATING": FileSystemLifecycleStateUpdating, "DELETING": FileSystemLifecycleStateDeleting, "DELETED": FileSystemLifecycleStateDeleted, "FAILED": FileSystemLifecycleStateFailed, @@ -142,6 +156,7 @@ var mappingFileSystemLifecycleStateEnum = map[string]FileSystemLifecycleStateEnu var mappingFileSystemLifecycleStateEnumLowerCase = map[string]FileSystemLifecycleStateEnum{ "creating": FileSystemLifecycleStateCreating, "active": FileSystemLifecycleStateActive, + "updating": FileSystemLifecycleStateUpdating, "deleting": FileSystemLifecycleStateDeleting, "deleted": FileSystemLifecycleStateDeleted, "failed": FileSystemLifecycleStateFailed, @@ -161,6 +176,7 @@ func GetFileSystemLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", @@ -172,3 +188,49 @@ func GetMappingFileSystemLifecycleStateEnum(val string) (FileSystemLifecycleStat enum, ok := mappingFileSystemLifecycleStateEnumLowerCase[strings.ToLower(val)] return enum, ok } + +// FileSystemCloneAttachStatusEnum Enum with underlying type: string +type FileSystemCloneAttachStatusEnum string + +// Set of constants representing the allowable values for FileSystemCloneAttachStatusEnum +const ( + FileSystemCloneAttachStatusAttached FileSystemCloneAttachStatusEnum = "ATTACHED" + FileSystemCloneAttachStatusDetaching FileSystemCloneAttachStatusEnum = "DETACHING" + FileSystemCloneAttachStatusDetached FileSystemCloneAttachStatusEnum = "DETACHED" +) + +var mappingFileSystemCloneAttachStatusEnum = map[string]FileSystemCloneAttachStatusEnum{ + "ATTACHED": FileSystemCloneAttachStatusAttached, + "DETACHING": FileSystemCloneAttachStatusDetaching, + "DETACHED": FileSystemCloneAttachStatusDetached, +} + +var mappingFileSystemCloneAttachStatusEnumLowerCase = map[string]FileSystemCloneAttachStatusEnum{ + "attached": FileSystemCloneAttachStatusAttached, + "detaching": FileSystemCloneAttachStatusDetaching, + "detached": FileSystemCloneAttachStatusDetached, +} + +// GetFileSystemCloneAttachStatusEnumValues Enumerates the set of values for FileSystemCloneAttachStatusEnum +func GetFileSystemCloneAttachStatusEnumValues() []FileSystemCloneAttachStatusEnum { + values := make([]FileSystemCloneAttachStatusEnum, 0) + for _, v := range mappingFileSystemCloneAttachStatusEnum { + values = append(values, v) + } + return values +} + +// GetFileSystemCloneAttachStatusEnumStringValues Enumerates the set of values in String for FileSystemCloneAttachStatusEnum +func GetFileSystemCloneAttachStatusEnumStringValues() []string { + return []string{ + "ATTACHED", + "DETACHING", + "DETACHED", + } +} + +// GetMappingFileSystemCloneAttachStatusEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingFileSystemCloneAttachStatusEnum(val string) (FileSystemCloneAttachStatusEnum, bool) { + enum, ok := mappingFileSystemCloneAttachStatusEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system_summary.go index 71c9502731..3d89974438 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/file_system_summary.go @@ -49,6 +49,9 @@ type FileSystemSummary struct { // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"false" json:"availabilityDomain"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -77,6 +80,9 @@ type FileSystemSummary struct { // Additional information about the current 'lifecycleState'. LifecycleDetails *string `mandatory:"false" json:"lifecycleDetails"` + + // Specifies whether the file system is attached to its parent file system. + CloneAttachStatus FileSystemSummaryCloneAttachStatusEnum `mandatory:"false" json:"cloneAttachStatus,omitempty"` } func (m FileSystemSummary) String() string { @@ -92,6 +98,9 @@ func (m FileSystemSummary) ValidateEnumValue() (bool, error) { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetFileSystemSummaryLifecycleStateEnumStringValues(), ","))) } + if _, ok := GetMappingFileSystemSummaryCloneAttachStatusEnum(string(m.CloneAttachStatus)); !ok && m.CloneAttachStatus != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for CloneAttachStatus: %s. Supported values are: %s.", m.CloneAttachStatus, strings.Join(GetFileSystemSummaryCloneAttachStatusEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } @@ -105,6 +114,7 @@ type FileSystemSummaryLifecycleStateEnum string const ( FileSystemSummaryLifecycleStateCreating FileSystemSummaryLifecycleStateEnum = "CREATING" FileSystemSummaryLifecycleStateActive FileSystemSummaryLifecycleStateEnum = "ACTIVE" + FileSystemSummaryLifecycleStateUpdating FileSystemSummaryLifecycleStateEnum = "UPDATING" FileSystemSummaryLifecycleStateDeleting FileSystemSummaryLifecycleStateEnum = "DELETING" FileSystemSummaryLifecycleStateDeleted FileSystemSummaryLifecycleStateEnum = "DELETED" FileSystemSummaryLifecycleStateFailed FileSystemSummaryLifecycleStateEnum = "FAILED" @@ -113,6 +123,7 @@ const ( var mappingFileSystemSummaryLifecycleStateEnum = map[string]FileSystemSummaryLifecycleStateEnum{ "CREATING": FileSystemSummaryLifecycleStateCreating, "ACTIVE": FileSystemSummaryLifecycleStateActive, + "UPDATING": FileSystemSummaryLifecycleStateUpdating, "DELETING": FileSystemSummaryLifecycleStateDeleting, "DELETED": FileSystemSummaryLifecycleStateDeleted, "FAILED": FileSystemSummaryLifecycleStateFailed, @@ -121,6 +132,7 @@ var mappingFileSystemSummaryLifecycleStateEnum = map[string]FileSystemSummaryLif var mappingFileSystemSummaryLifecycleStateEnumLowerCase = map[string]FileSystemSummaryLifecycleStateEnum{ "creating": FileSystemSummaryLifecycleStateCreating, "active": FileSystemSummaryLifecycleStateActive, + "updating": FileSystemSummaryLifecycleStateUpdating, "deleting": FileSystemSummaryLifecycleStateDeleting, "deleted": FileSystemSummaryLifecycleStateDeleted, "failed": FileSystemSummaryLifecycleStateFailed, @@ -140,6 +152,7 @@ func GetFileSystemSummaryLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", @@ -151,3 +164,49 @@ func GetMappingFileSystemSummaryLifecycleStateEnum(val string) (FileSystemSummar enum, ok := mappingFileSystemSummaryLifecycleStateEnumLowerCase[strings.ToLower(val)] return enum, ok } + +// FileSystemSummaryCloneAttachStatusEnum Enum with underlying type: string +type FileSystemSummaryCloneAttachStatusEnum string + +// Set of constants representing the allowable values for FileSystemSummaryCloneAttachStatusEnum +const ( + FileSystemSummaryCloneAttachStatusAttached FileSystemSummaryCloneAttachStatusEnum = "ATTACHED" + FileSystemSummaryCloneAttachStatusDetaching FileSystemSummaryCloneAttachStatusEnum = "DETACHING" + FileSystemSummaryCloneAttachStatusDetached FileSystemSummaryCloneAttachStatusEnum = "DETACHED" +) + +var mappingFileSystemSummaryCloneAttachStatusEnum = map[string]FileSystemSummaryCloneAttachStatusEnum{ + "ATTACHED": FileSystemSummaryCloneAttachStatusAttached, + "DETACHING": FileSystemSummaryCloneAttachStatusDetaching, + "DETACHED": FileSystemSummaryCloneAttachStatusDetached, +} + +var mappingFileSystemSummaryCloneAttachStatusEnumLowerCase = map[string]FileSystemSummaryCloneAttachStatusEnum{ + "attached": FileSystemSummaryCloneAttachStatusAttached, + "detaching": FileSystemSummaryCloneAttachStatusDetaching, + "detached": FileSystemSummaryCloneAttachStatusDetached, +} + +// GetFileSystemSummaryCloneAttachStatusEnumValues Enumerates the set of values for FileSystemSummaryCloneAttachStatusEnum +func GetFileSystemSummaryCloneAttachStatusEnumValues() []FileSystemSummaryCloneAttachStatusEnum { + values := make([]FileSystemSummaryCloneAttachStatusEnum, 0) + for _, v := range mappingFileSystemSummaryCloneAttachStatusEnum { + values = append(values, v) + } + return values +} + +// GetFileSystemSummaryCloneAttachStatusEnumStringValues Enumerates the set of values in String for FileSystemSummaryCloneAttachStatusEnum +func GetFileSystemSummaryCloneAttachStatusEnumStringValues() []string { + return []string{ + "ATTACHED", + "DETACHING", + "DETACHED", + } +} + +// GetMappingFileSystemSummaryCloneAttachStatusEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingFileSystemSummaryCloneAttachStatusEnum(val string) (FileSystemSummaryCloneAttachStatusEnum, bool) { + enum, ok := mappingFileSystemSummaryCloneAttachStatusEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filestorage_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filestorage_client.go index ea1a3d4726..a5512733f9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filestorage_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filestorage_client.go @@ -92,12 +92,12 @@ func (client *FileStorageClient) ConfigurationProvider() *common.ConfigurationPr return client.config } -// ChangeFileSystemCompartment Moves a file system and its associated snapshots into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) +// AddExportLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeFileSystemCompartment.go.html to see an example of how to use ChangeFileSystemCompartment API. -func (client FileStorageClient) ChangeFileSystemCompartment(ctx context.Context, request ChangeFileSystemCompartmentRequest) (response ChangeFileSystemCompartmentResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddExportLock.go.html to see an example of how to use AddExportLock API. +func (client FileStorageClient) AddExportLock(ctx context.Context, request AddExportLockRequest) (response AddExportLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -106,42 +106,42 @@ func (client FileStorageClient) ChangeFileSystemCompartment(ctx context.Context, if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.changeFileSystemCompartment, policy) + ociResponse, err = common.Retry(ctx, request, client.addExportLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ChangeFileSystemCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddExportLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ChangeFileSystemCompartmentResponse{} + response = AddExportLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ChangeFileSystemCompartmentResponse); ok { + if convertedResponse, ok := ociResponse.(AddExportLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ChangeFileSystemCompartmentResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddExportLockResponse") } return } -// changeFileSystemCompartment implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) changeFileSystemCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addExportLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addExportLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/changeCompartment", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/exports/{exportId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ChangeFileSystemCompartmentResponse + var response AddExportLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/ChangeFileSystemCompartment" - err = common.PostProcessServiceError(err, "FileStorage", "ChangeFileSystemCompartment", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/AddExportLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddExportLock", apiReferenceLink) return response, err } @@ -149,12 +149,12 @@ func (client FileStorageClient) changeFileSystemCompartment(ctx context.Context, return response, err } -// ChangeFilesystemSnapshotPolicyCompartment Moves a file system snapshot policy into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes). +// AddFileSystemLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeFilesystemSnapshotPolicyCompartment.go.html to see an example of how to use ChangeFilesystemSnapshotPolicyCompartment API. -func (client FileStorageClient) ChangeFilesystemSnapshotPolicyCompartment(ctx context.Context, request ChangeFilesystemSnapshotPolicyCompartmentRequest) (response ChangeFilesystemSnapshotPolicyCompartmentResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddFileSystemLock.go.html to see an example of how to use AddFileSystemLock API. +func (client FileStorageClient) AddFileSystemLock(ctx context.Context, request AddFileSystemLockRequest) (response AddFileSystemLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -163,42 +163,42 @@ func (client FileStorageClient) ChangeFilesystemSnapshotPolicyCompartment(ctx co if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.changeFilesystemSnapshotPolicyCompartment, policy) + ociResponse, err = common.Retry(ctx, request, client.addFileSystemLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ChangeFilesystemSnapshotPolicyCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddFileSystemLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ChangeFilesystemSnapshotPolicyCompartmentResponse{} + response = AddFileSystemLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ChangeFilesystemSnapshotPolicyCompartmentResponse); ok { + if convertedResponse, ok := ociResponse.(AddFileSystemLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ChangeFilesystemSnapshotPolicyCompartmentResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddFileSystemLockResponse") } return } -// changeFilesystemSnapshotPolicyCompartment implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) changeFilesystemSnapshotPolicyCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addFileSystemLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addFileSystemLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/changeCompartment", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ChangeFilesystemSnapshotPolicyCompartmentResponse + var response AddFileSystemLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/ChangeFilesystemSnapshotPolicyCompartment" - err = common.PostProcessServiceError(err, "FileStorage", "ChangeFilesystemSnapshotPolicyCompartment", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/AddFileSystemLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddFileSystemLock", apiReferenceLink) return response, err } @@ -206,12 +206,12 @@ func (client FileStorageClient) changeFilesystemSnapshotPolicyCompartment(ctx co return response, err } -// ChangeMountTargetCompartment Moves a mount target and its associated export set or share set into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) +// AddFilesystemSnapshotPolicyLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeMountTargetCompartment.go.html to see an example of how to use ChangeMountTargetCompartment API. -func (client FileStorageClient) ChangeMountTargetCompartment(ctx context.Context, request ChangeMountTargetCompartmentRequest) (response ChangeMountTargetCompartmentResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddFilesystemSnapshotPolicyLock.go.html to see an example of how to use AddFilesystemSnapshotPolicyLock API. +func (client FileStorageClient) AddFilesystemSnapshotPolicyLock(ctx context.Context, request AddFilesystemSnapshotPolicyLockRequest) (response AddFilesystemSnapshotPolicyLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -220,42 +220,42 @@ func (client FileStorageClient) ChangeMountTargetCompartment(ctx context.Context if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.changeMountTargetCompartment, policy) + ociResponse, err = common.Retry(ctx, request, client.addFilesystemSnapshotPolicyLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ChangeMountTargetCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddFilesystemSnapshotPolicyLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ChangeMountTargetCompartmentResponse{} + response = AddFilesystemSnapshotPolicyLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ChangeMountTargetCompartmentResponse); ok { + if convertedResponse, ok := ociResponse.(AddFilesystemSnapshotPolicyLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ChangeMountTargetCompartmentResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddFilesystemSnapshotPolicyLockResponse") } return } -// changeMountTargetCompartment implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) changeMountTargetCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addFilesystemSnapshotPolicyLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addFilesystemSnapshotPolicyLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/changeCompartment", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ChangeMountTargetCompartmentResponse + var response AddFilesystemSnapshotPolicyLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/ChangeMountTargetCompartment" - err = common.PostProcessServiceError(err, "FileStorage", "ChangeMountTargetCompartment", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/AddFilesystemSnapshotPolicyLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddFilesystemSnapshotPolicyLock", apiReferenceLink) return response, err } @@ -263,14 +263,12 @@ func (client FileStorageClient) changeMountTargetCompartment(ctx context.Context return response, err } -// ChangeOutboundConnectorCompartment Moves an outbound connector into a different compartment within the same tenancy. -// For information about moving resources between compartments, see -// Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) +// AddMountTargetLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeOutboundConnectorCompartment.go.html to see an example of how to use ChangeOutboundConnectorCompartment API. -func (client FileStorageClient) ChangeOutboundConnectorCompartment(ctx context.Context, request ChangeOutboundConnectorCompartmentRequest) (response ChangeOutboundConnectorCompartmentResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddMountTargetLock.go.html to see an example of how to use AddMountTargetLock API. +func (client FileStorageClient) AddMountTargetLock(ctx context.Context, request AddMountTargetLockRequest) (response AddMountTargetLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -279,42 +277,42 @@ func (client FileStorageClient) ChangeOutboundConnectorCompartment(ctx context.C if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.changeOutboundConnectorCompartment, policy) + ociResponse, err = common.Retry(ctx, request, client.addMountTargetLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ChangeOutboundConnectorCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddMountTargetLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ChangeOutboundConnectorCompartmentResponse{} + response = AddMountTargetLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ChangeOutboundConnectorCompartmentResponse); ok { + if convertedResponse, ok := ociResponse.(AddMountTargetLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ChangeOutboundConnectorCompartmentResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddMountTargetLockResponse") } return } -// changeOutboundConnectorCompartment implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) changeOutboundConnectorCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addMountTargetLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addMountTargetLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors/{outboundConnectorId}/actions/changeCompartment", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ChangeOutboundConnectorCompartmentResponse + var response AddMountTargetLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/ChangeOutboundConnectorCompartment" - err = common.PostProcessServiceError(err, "FileStorage", "ChangeOutboundConnectorCompartment", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/AddMountTargetLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddMountTargetLock", apiReferenceLink) return response, err } @@ -322,13 +320,12 @@ func (client FileStorageClient) changeOutboundConnectorCompartment(ctx context.C return response, err } -// ChangeReplicationCompartment Moves a replication and its replication target into a different compartment within the same tenancy. -// For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes). +// AddOutboundConnectorLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeReplicationCompartment.go.html to see an example of how to use ChangeReplicationCompartment API. -func (client FileStorageClient) ChangeReplicationCompartment(ctx context.Context, request ChangeReplicationCompartmentRequest) (response ChangeReplicationCompartmentResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddOutboundConnectorLock.go.html to see an example of how to use AddOutboundConnectorLock API. +func (client FileStorageClient) AddOutboundConnectorLock(ctx context.Context, request AddOutboundConnectorLockRequest) (response AddOutboundConnectorLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -337,56 +334,55 @@ func (client FileStorageClient) ChangeReplicationCompartment(ctx context.Context if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.changeReplicationCompartment, policy) + ociResponse, err = common.Retry(ctx, request, client.addOutboundConnectorLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ChangeReplicationCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddOutboundConnectorLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ChangeReplicationCompartmentResponse{} + response = AddOutboundConnectorLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ChangeReplicationCompartmentResponse); ok { + if convertedResponse, ok := ociResponse.(AddOutboundConnectorLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ChangeReplicationCompartmentResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddOutboundConnectorLockResponse") } return } -// changeReplicationCompartment implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) changeReplicationCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addOutboundConnectorLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addOutboundConnectorLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications/{replicationId}/actions/changeCompartment", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors/{outboundConnectorId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ChangeReplicationCompartmentResponse + var response AddOutboundConnectorLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/ChangeReplicationCompartment" - err = common.PostProcessServiceError(err, "FileStorage", "ChangeReplicationCompartment", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/AddOutboundConnectorLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddOutboundConnectorLock", apiReferenceLink) return response, err } - err = common.UnmarshalResponse(httpResponse, &response) + err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) return response, err } -// CreateExport Creates a new export in the specified export set, path, and -// file system. +// AddReplicationLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateExport.go.html to see an example of how to use CreateExport API. -func (client FileStorageClient) CreateExport(ctx context.Context, request CreateExportRequest) (response CreateExportResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddReplicationLock.go.html to see an example of how to use AddReplicationLock API. +func (client FileStorageClient) AddReplicationLock(ctx context.Context, request AddReplicationLockRequest) (response AddReplicationLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -395,47 +391,42 @@ func (client FileStorageClient) CreateExport(ctx context.Context, request Create if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) - } - - ociResponse, err = common.Retry(ctx, request, client.createExport, policy) + ociResponse, err = common.Retry(ctx, request, client.addReplicationLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddReplicationLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateExportResponse{} + response = AddReplicationLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateExportResponse); ok { + if convertedResponse, ok := ociResponse.(AddReplicationLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateExportResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddReplicationLockResponse") } return } -// createExport implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createExport(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addReplicationLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addReplicationLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/exports", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications/{replicationId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateExportResponse + var response AddReplicationLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/CreateExport" - err = common.PostProcessServiceError(err, "FileStorage", "CreateExport", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/AddReplicationLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddReplicationLock", apiReferenceLink) return response, err } @@ -443,35 +434,12 @@ func (client FileStorageClient) createExport(ctx context.Context, request common return response, err } -// CreateFileSystem Creates a new file system in the specified compartment and -// availability domain. Instances can mount file systems in -// another availability domain, but doing so might increase -// latency when compared to mounting instances in the same -// availability domain. -// After you create a file system, you can associate it with a mount -// target. Instances can then mount the file system by connecting to the -// mount target's IP address. You can associate a file system with -// more than one mount target at a time. -// For information about access control and compartments, see -// Overview of the IAM Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). -// For information about Network Security Groups access control, see -// Network Security Groups (https://docs.cloud.oracle.com/Content/Network/Concepts/networksecuritygroups.htm). -// For information about availability domains, see Regions and -// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). -// To get a list of availability domains, use the -// `ListAvailabilityDomains` operation in the Identity and Access -// Management Service API. -// All Oracle Cloud Infrastructure resources, including -// file systems, get an Oracle-assigned, unique ID called an Oracle -// Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). -// When you create a resource, you can find its OCID in the response. -// You can also retrieve a resource's OCID by using a List API operation on that resource -// type or by viewing the resource in the Console. +// AddSnapshotLock Adds a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateFileSystem.go.html to see an example of how to use CreateFileSystem API. -func (client FileStorageClient) CreateFileSystem(ctx context.Context, request CreateFileSystemRequest) (response CreateFileSystemResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/AddSnapshotLock.go.html to see an example of how to use AddSnapshotLock API. +func (client FileStorageClient) AddSnapshotLock(ctx context.Context, request AddSnapshotLockRequest) (response AddSnapshotLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -480,47 +448,42 @@ func (client FileStorageClient) CreateFileSystem(ctx context.Context, request Cr if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) - } - - ociResponse, err = common.Retry(ctx, request, client.createFileSystem, policy) + ociResponse, err = common.Retry(ctx, request, client.addSnapshotLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = AddSnapshotLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateFileSystemResponse{} + response = AddSnapshotLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateFileSystemResponse); ok { + if convertedResponse, ok := ociResponse.(AddSnapshotLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateFileSystemResponse") + err = fmt.Errorf("failed to convert OCIResponse into AddSnapshotLockResponse") } return } -// createFileSystem implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// addSnapshotLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) addSnapshotLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/snapshots/{snapshotId}/actions/addLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateFileSystemResponse + var response AddSnapshotLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/CreateFileSystem" - err = common.PostProcessServiceError(err, "FileStorage", "CreateFileSystem", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/AddSnapshotLock" + err = common.PostProcessServiceError(err, "FileStorage", "AddSnapshotLock", apiReferenceLink) return response, err } @@ -528,15 +491,12 @@ func (client FileStorageClient) createFileSystem(ctx context.Context, request co return response, err } -// CreateFilesystemSnapshotPolicy Creates a new file system snapshot policy in the specified compartment and -// availability domain. -// After you create a file system snapshot policy, you can associate it with -// file systems. +// CancelDowngradeShapeMountTarget Cancel scheduled downgrade shape request for mount target. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateFilesystemSnapshotPolicy.go.html to see an example of how to use CreateFilesystemSnapshotPolicy API. -func (client FileStorageClient) CreateFilesystemSnapshotPolicy(ctx context.Context, request CreateFilesystemSnapshotPolicyRequest) (response CreateFilesystemSnapshotPolicyResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CancelDowngradeShapeMountTarget.go.html to see an example of how to use CancelDowngradeShapeMountTarget API. +func (client FileStorageClient) CancelDowngradeShapeMountTarget(ctx context.Context, request CancelDowngradeShapeMountTargetRequest) (response CancelDowngradeShapeMountTargetResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -545,47 +505,42 @@ func (client FileStorageClient) CreateFilesystemSnapshotPolicy(ctx context.Conte if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) - } - - ociResponse, err = common.Retry(ctx, request, client.createFilesystemSnapshotPolicy, policy) + ociResponse, err = common.Retry(ctx, request, client.cancelDowngradeShapeMountTarget, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = CancelDowngradeShapeMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateFilesystemSnapshotPolicyResponse{} + response = CancelDowngradeShapeMountTargetResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateFilesystemSnapshotPolicyResponse); ok { + if convertedResponse, ok := ociResponse.(CancelDowngradeShapeMountTargetResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateFilesystemSnapshotPolicyResponse") + err = fmt.Errorf("failed to convert OCIResponse into CancelDowngradeShapeMountTargetResponse") } return } -// createFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// cancelDowngradeShapeMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) cancelDowngradeShapeMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/cancelShapeDowngrade", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateFilesystemSnapshotPolicyResponse + var response CancelDowngradeShapeMountTargetResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/CreateFilesystemSnapshotPolicy" - err = common.PostProcessServiceError(err, "FileStorage", "CreateFilesystemSnapshotPolicy", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/CancelDowngradeShapeMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "CancelDowngradeShapeMountTarget", apiReferenceLink) return response, err } @@ -593,39 +548,12 @@ func (client FileStorageClient) createFilesystemSnapshotPolicy(ctx context.Conte return response, err } -// CreateMountTarget Creates a new mount target in the specified compartment and -// subnet. You can associate a file system with a mount -// target only when they exist in the same availability domain. Instances -// can connect to mount targets in another availablity domain, but -// you might see higher latency than with instances in the same -// availability domain as the mount target. -// Mount targets have one or more private IP addresses that you can -// provide as the host portion of remote target parameters in -// client mount commands. These private IP addresses are listed -// in the privateIpIds property of the mount target and are highly available. Mount -// targets also consume additional IP addresses in their subnet. -// Do not use /30 or smaller subnets for mount target creation because they -// do not have sufficient available IP addresses. -// Allow at least three IP addresses for each mount target. -// For information about access control and compartments, see -// Overview of the IAM -// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). -// For information about availability domains, see Regions and -// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). -// To get a list of availability domains, use the -// `ListAvailabilityDomains` operation in the Identity and Access -// Management Service API. -// All Oracle Cloud Infrastructure Services resources, including -// mount targets, get an Oracle-assigned, unique ID called an -// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). -// When you create a resource, you can find its OCID in the response. -// You can also retrieve a resource's OCID by using a List API operation on that resource -// type, or by viewing the resource in the Console. +// ChangeFileSystemCompartment Moves a file system and its associated snapshots into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateMountTarget.go.html to see an example of how to use CreateMountTarget API. -func (client FileStorageClient) CreateMountTarget(ctx context.Context, request CreateMountTargetRequest) (response CreateMountTargetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeFileSystemCompartment.go.html to see an example of how to use ChangeFileSystemCompartment API. +func (client FileStorageClient) ChangeFileSystemCompartment(ctx context.Context, request ChangeFileSystemCompartmentRequest) (response ChangeFileSystemCompartmentResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -634,47 +562,42 @@ func (client FileStorageClient) CreateMountTarget(ctx context.Context, request C if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) - } - - ociResponse, err = common.Retry(ctx, request, client.createMountTarget, policy) + ociResponse, err = common.Retry(ctx, request, client.changeFileSystemCompartment, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ChangeFileSystemCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateMountTargetResponse{} + response = ChangeFileSystemCompartmentResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateMountTargetResponse); ok { + if convertedResponse, ok := ociResponse.(ChangeFileSystemCompartmentResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateMountTargetResponse") + err = fmt.Errorf("failed to convert OCIResponse into ChangeFileSystemCompartmentResponse") } return } -// createMountTarget implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// changeFileSystemCompartment implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) changeFileSystemCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/changeCompartment", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateMountTargetResponse + var response ChangeFileSystemCompartmentResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/CreateMountTarget" - err = common.PostProcessServiceError(err, "FileStorage", "CreateMountTarget", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/ChangeFileSystemCompartment" + err = common.PostProcessServiceError(err, "FileStorage", "ChangeFileSystemCompartment", apiReferenceLink) return response, err } @@ -682,28 +605,12 @@ func (client FileStorageClient) createMountTarget(ctx context.Context, request c return response, err } -// CreateOutboundConnector Creates a new outbound connector in the specified compartment. -// You can associate an outbound connector with a mount target only when -// they exist in the same availability domain. -// For information about access control and compartments, see -// Overview of the IAM -// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). -// For information about availability domains, see Regions and -// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). -// To get a list of availability domains, use the -// `ListAvailabilityDomains` operation in the Identity and Access -// Management Service API. -// All Oracle Cloud Infrastructure Services resources, including -// outbound connectors, get an Oracle-assigned, unique ID called an -// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). -// When you create a resource, you can find its OCID in the response. -// You can also retrieve a resource's OCID by using a List API operation on that resource -// type, or by viewing the resource in the Console. +// ChangeFilesystemSnapshotPolicyCompartment Moves a file system snapshot policy into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes). // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateOutboundConnector.go.html to see an example of how to use CreateOutboundConnector API. -func (client FileStorageClient) CreateOutboundConnector(ctx context.Context, request CreateOutboundConnectorRequest) (response CreateOutboundConnectorResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeFilesystemSnapshotPolicyCompartment.go.html to see an example of how to use ChangeFilesystemSnapshotPolicyCompartment API. +func (client FileStorageClient) ChangeFilesystemSnapshotPolicyCompartment(ctx context.Context, request ChangeFilesystemSnapshotPolicyCompartmentRequest) (response ChangeFilesystemSnapshotPolicyCompartmentResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -712,83 +619,55 @@ func (client FileStorageClient) CreateOutboundConnector(ctx context.Context, req if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) - } - - ociResponse, err = common.Retry(ctx, request, client.createOutboundConnector, policy) + ociResponse, err = common.Retry(ctx, request, client.changeFilesystemSnapshotPolicyCompartment, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ChangeFilesystemSnapshotPolicyCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateOutboundConnectorResponse{} + response = ChangeFilesystemSnapshotPolicyCompartmentResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateOutboundConnectorResponse); ok { + if convertedResponse, ok := ociResponse.(ChangeFilesystemSnapshotPolicyCompartmentResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateOutboundConnectorResponse") + err = fmt.Errorf("failed to convert OCIResponse into ChangeFilesystemSnapshotPolicyCompartmentResponse") } return } -// createOutboundConnector implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// changeFilesystemSnapshotPolicyCompartment implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) changeFilesystemSnapshotPolicyCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/changeCompartment", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateOutboundConnectorResponse + var response ChangeFilesystemSnapshotPolicyCompartmentResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/CreateOutboundConnector" - err = common.PostProcessServiceError(err, "FileStorage", "CreateOutboundConnector", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/ChangeFilesystemSnapshotPolicyCompartment" + err = common.PostProcessServiceError(err, "FileStorage", "ChangeFilesystemSnapshotPolicyCompartment", apiReferenceLink) return response, err } - err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) + err = common.UnmarshalResponse(httpResponse, &response) return response, err } -// CreateReplication Creates a new replication in the specified compartment. -// Replications are the primary resource that governs the policy of cross-region replication between source -// and target file systems. Replications are associated with a secondary resource called a ReplicationTarget -// located in another availability domain. -// The associated replication target resource is automatically created along with the replication resource. -// The replication retrieves the delta of data between two snapshots of a source file system -// and sends it to the associated `ReplicationTarget`, which retrieves the delta and applies it to the target -// file system. -// Only unexported file systems can be used as target file systems. -// For more information, see Using Replication (https://docs.cloud.oracle.com/iaas/Content/File/Tasks/FSreplication.htm). -// For information about access control and compartments, see -// Overview of the IAM -// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). -// For information about availability domains, see Regions and -// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). -// To get a list of availability domains, use the -// `ListAvailabilityDomains` operation in the Identity and Access -// Management Service API. -// All Oracle Cloud Infrastructure Services resources, including -// replications, get an Oracle-assigned, unique ID called an -// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). -// When you create a resource, you can find its OCID in the response. -// You can also retrieve a resource's OCID by using a List API operation on that resource -// type, or by viewing the resource in the Console. +// ChangeMountTargetCompartment Moves a mount target and its associated export set or share set into a different compartment within the same tenancy. For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateReplication.go.html to see an example of how to use CreateReplication API. -func (client FileStorageClient) CreateReplication(ctx context.Context, request CreateReplicationRequest) (response CreateReplicationResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeMountTargetCompartment.go.html to see an example of how to use ChangeMountTargetCompartment API. +func (client FileStorageClient) ChangeMountTargetCompartment(ctx context.Context, request ChangeMountTargetCompartmentRequest) (response ChangeMountTargetCompartmentResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -797,47 +676,101 @@ func (client FileStorageClient) CreateReplication(ctx context.Context, request C if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } + ociResponse, err = common.Retry(ctx, request, client.changeMountTargetCompartment, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = ChangeMountTargetCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = ChangeMountTargetCompartmentResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(ChangeMountTargetCompartmentResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into ChangeMountTargetCompartmentResponse") + } + return +} - if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { - request.OpcRetryToken = common.String(common.RetryToken()) +// changeMountTargetCompartment implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) changeMountTargetCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/changeCompartment", binaryReqBody, extraHeaders) + if err != nil { + return nil, err } - ociResponse, err = common.Retry(ctx, request, client.createReplication, policy) + var response ChangeMountTargetCompartmentResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/ChangeMountTargetCompartment" + err = common.PostProcessServiceError(err, "FileStorage", "ChangeMountTargetCompartment", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// ChangeOutboundConnectorCompartment Moves an outbound connector into a different compartment within the same tenancy. +// For information about moving resources between compartments, see +// Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes) +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeOutboundConnectorCompartment.go.html to see an example of how to use ChangeOutboundConnectorCompartment API. +func (client FileStorageClient) ChangeOutboundConnectorCompartment(ctx context.Context, request ChangeOutboundConnectorCompartmentRequest) (response ChangeOutboundConnectorCompartmentResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.changeOutboundConnectorCompartment, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ChangeOutboundConnectorCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateReplicationResponse{} + response = ChangeOutboundConnectorCompartmentResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateReplicationResponse); ok { + if convertedResponse, ok := ociResponse.(ChangeOutboundConnectorCompartmentResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateReplicationResponse") + err = fmt.Errorf("failed to convert OCIResponse into ChangeOutboundConnectorCompartmentResponse") } return } -// createReplication implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// changeOutboundConnectorCompartment implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) changeOutboundConnectorCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors/{outboundConnectorId}/actions/changeCompartment", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateReplicationResponse + var response ChangeOutboundConnectorCompartmentResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/CreateReplication" - err = common.PostProcessServiceError(err, "FileStorage", "CreateReplication", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/ChangeOutboundConnectorCompartment" + err = common.PostProcessServiceError(err, "FileStorage", "ChangeOutboundConnectorCompartment", apiReferenceLink) return response, err } @@ -845,13 +778,71 @@ func (client FileStorageClient) createReplication(ctx context.Context, request c return response, err } -// CreateSnapshot Creates a new snapshot of the specified file system. You -// can access the snapshot at `.snapshot/`. +// ChangeReplicationCompartment Moves a replication and its replication target into a different compartment within the same tenancy. +// For information about moving resources between compartments, see Moving Resources to a Different Compartment (https://docs.cloud.oracle.com/iaas/Content/Identity/Tasks/managingcompartments.htm#moveRes). // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateSnapshot.go.html to see an example of how to use CreateSnapshot API. -func (client FileStorageClient) CreateSnapshot(ctx context.Context, request CreateSnapshotRequest) (response CreateSnapshotResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ChangeReplicationCompartment.go.html to see an example of how to use ChangeReplicationCompartment API. +func (client FileStorageClient) ChangeReplicationCompartment(ctx context.Context, request ChangeReplicationCompartmentRequest) (response ChangeReplicationCompartmentResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.changeReplicationCompartment, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = ChangeReplicationCompartmentResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = ChangeReplicationCompartmentResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(ChangeReplicationCompartmentResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into ChangeReplicationCompartmentResponse") + } + return +} + +// changeReplicationCompartment implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) changeReplicationCompartment(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications/{replicationId}/actions/changeCompartment", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response ChangeReplicationCompartmentResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/ChangeReplicationCompartment" + err = common.PostProcessServiceError(err, "FileStorage", "ChangeReplicationCompartment", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// CreateExport Creates a new export in the specified export set, path, and +// file system. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateExport.go.html to see an example of how to use CreateExport API. +func (client FileStorageClient) CreateExport(ctx context.Context, request CreateExportRequest) (response CreateExportResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -865,42 +856,42 @@ func (client FileStorageClient) CreateSnapshot(ctx context.Context, request Crea request.OpcRetryToken = common.String(common.RetryToken()) } - ociResponse, err = common.Retry(ctx, request, client.createSnapshot, policy) + ociResponse, err = common.Retry(ctx, request, client.createExport, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = CreateSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = CreateExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = CreateSnapshotResponse{} + response = CreateExportResponse{} } } return } - if convertedResponse, ok := ociResponse.(CreateSnapshotResponse); ok { + if convertedResponse, ok := ociResponse.(CreateExportResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into CreateSnapshotResponse") + err = fmt.Errorf("failed to convert OCIResponse into CreateExportResponse") } return } -// createSnapshot implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) createSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// createExport implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createExport(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/snapshots", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/exports", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response CreateSnapshotResponse + var response CreateExportResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/CreateSnapshot" - err = common.PostProcessServiceError(err, "FileStorage", "CreateSnapshot", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/CreateExport" + err = common.PostProcessServiceError(err, "FileStorage", "CreateExport", apiReferenceLink) return response, err } @@ -908,12 +899,35 @@ func (client FileStorageClient) createSnapshot(ctx context.Context, request comm return response, err } -// DeleteExport Deletes the specified export. +// CreateFileSystem Creates a new file system in the specified compartment and +// availability domain. Instances can mount file systems in +// another availability domain, but doing so might increase +// latency when compared to mounting instances in the same +// availability domain. +// After you create a file system, you can associate it with a mount +// target. Instances can then mount the file system by connecting to the +// mount target's IP address. You can associate a file system with +// more than one mount target at a time. +// For information about access control and compartments, see +// Overview of the IAM Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). +// For information about Network Security Groups access control, see +// Network Security Groups (https://docs.cloud.oracle.com/Content/Network/Concepts/networksecuritygroups.htm). +// For information about availability domains, see Regions and +// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). +// To get a list of availability domains, use the +// `ListAvailabilityDomains` operation in the Identity and Access +// Management Service API. +// All Oracle Cloud Infrastructure resources, including +// file systems, get an Oracle-assigned, unique ID called an Oracle +// Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). +// When you create a resource, you can find its OCID in the response. +// You can also retrieve a resource's OCID by using a List API operation on that resource +// type or by viewing the resource in the Console. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteExport.go.html to see an example of how to use DeleteExport API. -func (client FileStorageClient) DeleteExport(ctx context.Context, request DeleteExportRequest) (response DeleteExportResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateFileSystem.go.html to see an example of how to use CreateFileSystem API. +func (client FileStorageClient) CreateFileSystem(ctx context.Context, request CreateFileSystemRequest) (response CreateFileSystemResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -922,42 +936,1003 @@ func (client FileStorageClient) DeleteExport(ctx context.Context, request Delete if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteExport, policy) + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createFileSystem, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = CreateFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteExportResponse{} + response = CreateFileSystemResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteExportResponse); ok { + if convertedResponse, ok := ociResponse.(CreateFileSystemResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteExportResponse") + err = fmt.Errorf("failed to convert OCIResponse into CreateFileSystemResponse") } return } -// deleteExport implements the OCIOperation interface (enables retrying operations) +// createFileSystem implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateFileSystemResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/CreateFileSystem" + err = common.PostProcessServiceError(err, "FileStorage", "CreateFileSystem", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// CreateFilesystemSnapshotPolicy Creates a new file system snapshot policy in the specified compartment and +// availability domain. +// After you create a file system snapshot policy, you can associate it with +// file systems. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateFilesystemSnapshotPolicy.go.html to see an example of how to use CreateFilesystemSnapshotPolicy API. +func (client FileStorageClient) CreateFilesystemSnapshotPolicy(ctx context.Context, request CreateFilesystemSnapshotPolicyRequest) (response CreateFilesystemSnapshotPolicyResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createFilesystemSnapshotPolicy, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = CreateFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = CreateFilesystemSnapshotPolicyResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(CreateFilesystemSnapshotPolicyResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into CreateFilesystemSnapshotPolicyResponse") + } + return +} + +// createFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateFilesystemSnapshotPolicyResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/CreateFilesystemSnapshotPolicy" + err = common.PostProcessServiceError(err, "FileStorage", "CreateFilesystemSnapshotPolicy", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// CreateMountTarget Creates a new mount target in the specified compartment and +// subnet. You can associate a file system with a mount +// target only when they exist in the same availability domain. Instances +// can connect to mount targets in another availablity domain, but +// you might see higher latency than with instances in the same +// availability domain as the mount target. +// Mount targets have one or more private IP addresses that you can +// provide as the host portion of remote target parameters in +// client mount commands. These private IP addresses are listed +// in the privateIpIds property of the mount target and are highly available. Mount +// targets also consume additional IP addresses in their subnet. +// Do not use /30 or smaller subnets for mount target creation because they +// do not have sufficient available IP addresses. +// Allow at least three IP addresses for each mount target. +// For information about access control and compartments, see +// Overview of the IAM +// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). +// For information about availability domains, see Regions and +// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). +// To get a list of availability domains, use the +// `ListAvailabilityDomains` operation in the Identity and Access +// Management Service API. +// All Oracle Cloud Infrastructure Services resources, including +// mount targets, get an Oracle-assigned, unique ID called an +// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). +// When you create a resource, you can find its OCID in the response. +// You can also retrieve a resource's OCID by using a List API operation on that resource +// type, or by viewing the resource in the Console. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateMountTarget.go.html to see an example of how to use CreateMountTarget API. +func (client FileStorageClient) CreateMountTarget(ctx context.Context, request CreateMountTargetRequest) (response CreateMountTargetResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createMountTarget, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = CreateMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = CreateMountTargetResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(CreateMountTargetResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into CreateMountTargetResponse") + } + return +} + +// createMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateMountTargetResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/CreateMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "CreateMountTarget", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// CreateOutboundConnector Creates a new outbound connector in the specified compartment. +// You can associate an outbound connector with a mount target only when +// they exist in the same availability domain. +// For information about access control and compartments, see +// Overview of the IAM +// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). +// For information about availability domains, see Regions and +// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). +// To get a list of availability domains, use the +// `ListAvailabilityDomains` operation in the Identity and Access +// Management Service API. +// All Oracle Cloud Infrastructure Services resources, including +// outbound connectors, get an Oracle-assigned, unique ID called an +// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). +// When you create a resource, you can find its OCID in the response. +// You can also retrieve a resource's OCID by using a List API operation on that resource +// type, or by viewing the resource in the Console. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateOutboundConnector.go.html to see an example of how to use CreateOutboundConnector API. +func (client FileStorageClient) CreateOutboundConnector(ctx context.Context, request CreateOutboundConnectorRequest) (response CreateOutboundConnectorResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createOutboundConnector, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = CreateOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = CreateOutboundConnectorResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(CreateOutboundConnectorResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into CreateOutboundConnectorResponse") + } + return +} + +// createOutboundConnector implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateOutboundConnectorResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/CreateOutboundConnector" + err = common.PostProcessServiceError(err, "FileStorage", "CreateOutboundConnector", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) + return response, err +} + +// CreateReplication Creates a new replication in the specified compartment. +// Replications are the primary resource that governs the policy of cross-region replication between source +// and target file systems. Replications are associated with a secondary resource called a ReplicationTarget +// located in another availability domain. +// The associated replication target resource is automatically created along with the replication resource. +// The replication retrieves the delta of data between two snapshots of a source file system +// and sends it to the associated `ReplicationTarget`, which retrieves the delta and applies it to the target +// file system. +// Only unexported file systems can be used as target file systems. +// For more information, see Using Replication (https://docs.cloud.oracle.com/iaas/Content/File/Tasks/FSreplication.htm). +// For information about access control and compartments, see +// Overview of the IAM +// Service (https://docs.cloud.oracle.com/Content/Identity/Concepts/overview.htm). +// For information about availability domains, see Regions and +// Availability Domains (https://docs.cloud.oracle.com/Content/General/Concepts/regions.htm). +// To get a list of availability domains, use the +// `ListAvailabilityDomains` operation in the Identity and Access +// Management Service API. +// All Oracle Cloud Infrastructure Services resources, including +// replications, get an Oracle-assigned, unique ID called an +// Oracle Cloud Identifier (OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)). +// When you create a resource, you can find its OCID in the response. +// You can also retrieve a resource's OCID by using a List API operation on that resource +// type, or by viewing the resource in the Console. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateReplication.go.html to see an example of how to use CreateReplication API. +func (client FileStorageClient) CreateReplication(ctx context.Context, request CreateReplicationRequest) (response CreateReplicationResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createReplication, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = CreateReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = CreateReplicationResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(CreateReplicationResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into CreateReplicationResponse") + } + return +} + +// createReplication implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateReplicationResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/CreateReplication" + err = common.PostProcessServiceError(err, "FileStorage", "CreateReplication", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// CreateSnapshot Creates a new snapshot of the specified file system. You +// can access the snapshot at `.snapshot/`. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/CreateSnapshot.go.html to see an example of how to use CreateSnapshot API. +func (client FileStorageClient) CreateSnapshot(ctx context.Context, request CreateSnapshotRequest) (response CreateSnapshotResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + + if !(request.OpcRetryToken != nil && *request.OpcRetryToken != "") { + request.OpcRetryToken = common.String(common.RetryToken()) + } + + ociResponse, err = common.Retry(ctx, request, client.createSnapshot, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = CreateSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = CreateSnapshotResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(CreateSnapshotResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into CreateSnapshotResponse") + } + return +} + +// createSnapshot implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) createSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/snapshots", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response CreateSnapshotResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/CreateSnapshot" + err = common.PostProcessServiceError(err, "FileStorage", "CreateSnapshot", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteExport Deletes the specified export. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteExport.go.html to see an example of how to use DeleteExport API. +func (client FileStorageClient) DeleteExport(ctx context.Context, request DeleteExportRequest) (response DeleteExportResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteExport, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteExportResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteExportResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteExportResponse") + } + return +} + +// deleteExport implements the OCIOperation interface (enables retrying operations) func (client FileStorageClient) deleteExport(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/exports/{exportId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/exports/{exportId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteExportResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/DeleteExport" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteExport", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteFileSystem Deletes the specified file system. Before you delete the file system, +// verify that no remaining export resources still reference it. Deleting a +// file system also deletes all of its snapshots. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteFileSystem.go.html to see an example of how to use DeleteFileSystem API. +func (client FileStorageClient) DeleteFileSystem(ctx context.Context, request DeleteFileSystemRequest) (response DeleteFileSystemResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteFileSystem, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteFileSystemResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteFileSystemResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteFileSystemResponse") + } + return +} + +// deleteFileSystem implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/fileSystems/{fileSystemId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteFileSystemResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/DeleteFileSystem" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteFileSystem", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteFilesystemSnapshotPolicy Deletes the specified file system snapshot policy. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteFilesystemSnapshotPolicy.go.html to see an example of how to use DeleteFilesystemSnapshotPolicy API. +func (client FileStorageClient) DeleteFilesystemSnapshotPolicy(ctx context.Context, request DeleteFilesystemSnapshotPolicyRequest) (response DeleteFilesystemSnapshotPolicyResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteFilesystemSnapshotPolicy, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteFilesystemSnapshotPolicyResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteFilesystemSnapshotPolicyResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteFilesystemSnapshotPolicyResponse") + } + return +} + +// deleteFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteFilesystemSnapshotPolicyResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/DeleteFilesystemSnapshotPolicy" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteFilesystemSnapshotPolicy", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteMountTarget Deletes the specified mount target. This operation also deletes the +// mount target's VNICs. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteMountTarget.go.html to see an example of how to use DeleteMountTarget API. +func (client FileStorageClient) DeleteMountTarget(ctx context.Context, request DeleteMountTargetRequest) (response DeleteMountTargetResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteMountTarget, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteMountTargetResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteMountTargetResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteMountTargetResponse") + } + return +} + +// deleteMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/mountTargets/{mountTargetId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteMountTargetResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/DeleteMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteMountTarget", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteOutboundConnector Deletes the specified outbound connector. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteOutboundConnector.go.html to see an example of how to use DeleteOutboundConnector API. +func (client FileStorageClient) DeleteOutboundConnector(ctx context.Context, request DeleteOutboundConnectorRequest) (response DeleteOutboundConnectorResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteOutboundConnector, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteOutboundConnectorResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteOutboundConnectorResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteOutboundConnectorResponse") + } + return +} + +// deleteOutboundConnector implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/outboundConnectors/{outboundConnectorId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteOutboundConnectorResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/DeleteOutboundConnector" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteOutboundConnector", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteReplication Deletes the specified replication and the the associated replication target. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteReplication.go.html to see an example of how to use DeleteReplication API. +func (client FileStorageClient) DeleteReplication(ctx context.Context, request DeleteReplicationRequest) (response DeleteReplicationResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteReplication, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteReplicationResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteReplicationResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteReplicationResponse") + } + return +} + +// deleteReplication implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/replications/{replicationId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteReplicationResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/DeleteReplication" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteReplication", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteReplicationTarget Deletes the specified replication target. +// This operation causes the immediate release of the target file system if there are currently no delta application operations. +// If there is any current delta being applied the delete operation is blocked until the current +// delta has been completely applied. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteReplicationTarget.go.html to see an example of how to use DeleteReplicationTarget API. +func (client FileStorageClient) DeleteReplicationTarget(ctx context.Context, request DeleteReplicationTargetRequest) (response DeleteReplicationTargetResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteReplicationTarget, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteReplicationTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteReplicationTargetResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteReplicationTargetResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteReplicationTargetResponse") + } + return +} + +// deleteReplicationTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteReplicationTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/replicationTargets/{replicationTargetId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteReplicationTargetResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTarget/DeleteReplicationTarget" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteReplicationTarget", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DeleteSnapshot Deletes the specified snapshot. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteSnapshot.go.html to see an example of how to use DeleteSnapshot API. +func (client FileStorageClient) DeleteSnapshot(ctx context.Context, request DeleteSnapshotRequest) (response DeleteSnapshotResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.deleteSnapshot, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DeleteSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DeleteSnapshotResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DeleteSnapshotResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DeleteSnapshotResponse") + } + return +} + +// deleteSnapshot implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) deleteSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodDelete, "/snapshots/{snapshotId}", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DeleteSnapshotResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/DeleteSnapshot" + err = common.PostProcessServiceError(err, "FileStorage", "DeleteSnapshot", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// DetachClone Detaches the file system from its parent file system +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DetachClone.go.html to see an example of how to use DetachClone API. +func (client FileStorageClient) DetachClone(ctx context.Context, request DetachCloneRequest) (response DetachCloneResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.detachClone, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = DetachCloneResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = DetachCloneResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(DetachCloneResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into DetachCloneResponse") + } + return +} + +// detachClone implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) detachClone(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/detachClone", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response DetachCloneResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/DetachClone" + err = common.PostProcessServiceError(err, "FileStorage", "DetachClone", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + +// EstimateReplication Provides estimates for replication created using specific file system. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/EstimateReplication.go.html to see an example of how to use EstimateReplication API. +func (client FileStorageClient) EstimateReplication(ctx context.Context, request EstimateReplicationRequest) (response EstimateReplicationResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.estimateReplication, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = EstimateReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = EstimateReplicationResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(EstimateReplicationResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into EstimateReplicationResponse") + } + return +} + +// estimateReplication implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) estimateReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/estimateReplication", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteExportResponse + var response EstimateReplicationResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/DeleteExport" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteExport", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/EstimateReplication" + err = common.PostProcessServiceError(err, "FileStorage", "EstimateReplication", apiReferenceLink) return response, err } @@ -965,14 +1940,12 @@ func (client FileStorageClient) deleteExport(ctx context.Context, request common return response, err } -// DeleteFileSystem Deletes the specified file system. Before you delete the file system, -// verify that no remaining export resources still reference it. Deleting a -// file system also deletes all of its snapshots. +// GetExport Gets the specified export's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteFileSystem.go.html to see an example of how to use DeleteFileSystem API. -func (client FileStorageClient) DeleteFileSystem(ctx context.Context, request DeleteFileSystemRequest) (response DeleteFileSystemResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetExport.go.html to see an example of how to use GetExport API. +func (client FileStorageClient) GetExport(ctx context.Context, request GetExportRequest) (response GetExportResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -981,42 +1954,42 @@ func (client FileStorageClient) DeleteFileSystem(ctx context.Context, request De if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteFileSystem, policy) + ociResponse, err = common.Retry(ctx, request, client.getExport, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteFileSystemResponse{} + response = GetExportResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteFileSystemResponse); ok { + if convertedResponse, ok := ociResponse.(GetExportResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteFileSystemResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetExportResponse") } return } -// deleteFileSystem implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getExport implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getExport(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/fileSystems/{fileSystemId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/exports/{exportId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteFileSystemResponse + var response GetExportResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/DeleteFileSystem" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteFileSystem", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/GetExport" + err = common.PostProcessServiceError(err, "FileStorage", "GetExport", apiReferenceLink) return response, err } @@ -1024,12 +1997,12 @@ func (client FileStorageClient) deleteFileSystem(ctx context.Context, request co return response, err } -// DeleteFilesystemSnapshotPolicy Deletes the specified file system snapshot policy. +// GetExportSet Gets the specified export set's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteFilesystemSnapshotPolicy.go.html to see an example of how to use DeleteFilesystemSnapshotPolicy API. -func (client FileStorageClient) DeleteFilesystemSnapshotPolicy(ctx context.Context, request DeleteFilesystemSnapshotPolicyRequest) (response DeleteFilesystemSnapshotPolicyResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetExportSet.go.html to see an example of how to use GetExportSet API. +func (client FileStorageClient) GetExportSet(ctx context.Context, request GetExportSetRequest) (response GetExportSetResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1038,42 +2011,42 @@ func (client FileStorageClient) DeleteFilesystemSnapshotPolicy(ctx context.Conte if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteFilesystemSnapshotPolicy, policy) + ociResponse, err = common.Retry(ctx, request, client.getExportSet, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetExportSetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteFilesystemSnapshotPolicyResponse{} + response = GetExportSetResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteFilesystemSnapshotPolicyResponse); ok { + if convertedResponse, ok := ociResponse.(GetExportSetResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteFilesystemSnapshotPolicyResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetExportSetResponse") } return } -// deleteFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getExportSet implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getExportSet(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/exportSets/{exportSetId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteFilesystemSnapshotPolicyResponse + var response GetExportSetResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/DeleteFilesystemSnapshotPolicy" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteFilesystemSnapshotPolicy", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSet/GetExportSet" + err = common.PostProcessServiceError(err, "FileStorage", "GetExportSet", apiReferenceLink) return response, err } @@ -1081,13 +2054,12 @@ func (client FileStorageClient) deleteFilesystemSnapshotPolicy(ctx context.Conte return response, err } -// DeleteMountTarget Deletes the specified mount target. This operation also deletes the -// mount target's VNICs. +// GetFileSystem Gets the specified file system's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteMountTarget.go.html to see an example of how to use DeleteMountTarget API. -func (client FileStorageClient) DeleteMountTarget(ctx context.Context, request DeleteMountTargetRequest) (response DeleteMountTargetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetFileSystem.go.html to see an example of how to use GetFileSystem API. +func (client FileStorageClient) GetFileSystem(ctx context.Context, request GetFileSystemRequest) (response GetFileSystemResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1096,42 +2068,42 @@ func (client FileStorageClient) DeleteMountTarget(ctx context.Context, request D if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteMountTarget, policy) + ociResponse, err = common.Retry(ctx, request, client.getFileSystem, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteMountTargetResponse{} + response = GetFileSystemResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteMountTargetResponse); ok { + if convertedResponse, ok := ociResponse.(GetFileSystemResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteMountTargetResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetFileSystemResponse") } return } -// deleteMountTarget implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getFileSystem implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/mountTargets/{mountTargetId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/fileSystems/{fileSystemId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteMountTargetResponse + var response GetFileSystemResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/DeleteMountTarget" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteMountTarget", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/GetFileSystem" + err = common.PostProcessServiceError(err, "FileStorage", "GetFileSystem", apiReferenceLink) return response, err } @@ -1139,12 +2111,12 @@ func (client FileStorageClient) deleteMountTarget(ctx context.Context, request c return response, err } -// DeleteOutboundConnector Deletes the specified outbound connector. +// GetFilesystemSnapshotPolicy Gets the specified file system snapshot policy's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteOutboundConnector.go.html to see an example of how to use DeleteOutboundConnector API. -func (client FileStorageClient) DeleteOutboundConnector(ctx context.Context, request DeleteOutboundConnectorRequest) (response DeleteOutboundConnectorResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetFilesystemSnapshotPolicy.go.html to see an example of how to use GetFilesystemSnapshotPolicy API. +func (client FileStorageClient) GetFilesystemSnapshotPolicy(ctx context.Context, request GetFilesystemSnapshotPolicyRequest) (response GetFilesystemSnapshotPolicyResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1153,42 +2125,42 @@ func (client FileStorageClient) DeleteOutboundConnector(ctx context.Context, req if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteOutboundConnector, policy) + ociResponse, err = common.Retry(ctx, request, client.getFilesystemSnapshotPolicy, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteOutboundConnectorResponse{} + response = GetFilesystemSnapshotPolicyResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteOutboundConnectorResponse); ok { + if convertedResponse, ok := ociResponse.(GetFilesystemSnapshotPolicyResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteOutboundConnectorResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetFilesystemSnapshotPolicyResponse") } return } -// deleteOutboundConnector implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/outboundConnectors/{outboundConnectorId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteOutboundConnectorResponse + var response GetFilesystemSnapshotPolicyResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/DeleteOutboundConnector" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteOutboundConnector", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/GetFilesystemSnapshotPolicy" + err = common.PostProcessServiceError(err, "FileStorage", "GetFilesystemSnapshotPolicy", apiReferenceLink) return response, err } @@ -1196,12 +2168,12 @@ func (client FileStorageClient) deleteOutboundConnector(ctx context.Context, req return response, err } -// DeleteReplication Deletes the specified replication and the the associated replication target. +// GetMountTarget Gets the specified mount target's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteReplication.go.html to see an example of how to use DeleteReplication API. -func (client FileStorageClient) DeleteReplication(ctx context.Context, request DeleteReplicationRequest) (response DeleteReplicationResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetMountTarget.go.html to see an example of how to use GetMountTarget API. +func (client FileStorageClient) GetMountTarget(ctx context.Context, request GetMountTargetRequest) (response GetMountTargetResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1210,42 +2182,42 @@ func (client FileStorageClient) DeleteReplication(ctx context.Context, request D if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteReplication, policy) + ociResponse, err = common.Retry(ctx, request, client.getMountTarget, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteReplicationResponse{} + response = GetMountTargetResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteReplicationResponse); ok { + if convertedResponse, ok := ociResponse.(GetMountTargetResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteReplicationResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetMountTargetResponse") } return } -// deleteReplication implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/replications/{replicationId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/mountTargets/{mountTargetId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteReplicationResponse + var response GetMountTargetResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/DeleteReplication" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteReplication", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/GetMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "GetMountTarget", apiReferenceLink) return response, err } @@ -1253,15 +2225,12 @@ func (client FileStorageClient) deleteReplication(ctx context.Context, request c return response, err } -// DeleteReplicationTarget Deletes the specified replication target. -// This operation causes the immediate release of the target file system if there are currently no delta application operations. -// If there is any current delta being applied the delete operation is blocked until the current -// delta has been completely applied. +// GetOutboundConnector Gets the specified outbound connector's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteReplicationTarget.go.html to see an example of how to use DeleteReplicationTarget API. -func (client FileStorageClient) DeleteReplicationTarget(ctx context.Context, request DeleteReplicationTargetRequest) (response DeleteReplicationTargetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetOutboundConnector.go.html to see an example of how to use GetOutboundConnector API. +func (client FileStorageClient) GetOutboundConnector(ctx context.Context, request GetOutboundConnectorRequest) (response GetOutboundConnectorResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1270,55 +2239,55 @@ func (client FileStorageClient) DeleteReplicationTarget(ctx context.Context, req if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteReplicationTarget, policy) + ociResponse, err = common.Retry(ctx, request, client.getOutboundConnector, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteReplicationTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteReplicationTargetResponse{} + response = GetOutboundConnectorResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteReplicationTargetResponse); ok { + if convertedResponse, ok := ociResponse.(GetOutboundConnectorResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteReplicationTargetResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetOutboundConnectorResponse") } return } -// deleteReplicationTarget implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteReplicationTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getOutboundConnector implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/replicationTargets/{replicationTargetId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/outboundConnectors/{outboundConnectorId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteReplicationTargetResponse + var response GetOutboundConnectorResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTarget/DeleteReplicationTarget" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteReplicationTarget", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/GetOutboundConnector" + err = common.PostProcessServiceError(err, "FileStorage", "GetOutboundConnector", apiReferenceLink) return response, err } - err = common.UnmarshalResponse(httpResponse, &response) + err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) return response, err } -// DeleteSnapshot Deletes the specified snapshot. +// GetReplication Gets the specified replication's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/DeleteSnapshot.go.html to see an example of how to use DeleteSnapshot API. -func (client FileStorageClient) DeleteSnapshot(ctx context.Context, request DeleteSnapshotRequest) (response DeleteSnapshotResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetReplication.go.html to see an example of how to use GetReplication API. +func (client FileStorageClient) GetReplication(ctx context.Context, request GetReplicationRequest) (response GetReplicationResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1327,42 +2296,42 @@ func (client FileStorageClient) DeleteSnapshot(ctx context.Context, request Dele if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.deleteSnapshot, policy) + ociResponse, err = common.Retry(ctx, request, client.getReplication, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = DeleteSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = DeleteSnapshotResponse{} + response = GetReplicationResponse{} } } return } - if convertedResponse, ok := ociResponse.(DeleteSnapshotResponse); ok { + if convertedResponse, ok := ociResponse.(GetReplicationResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into DeleteSnapshotResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetReplicationResponse") } return } -// deleteSnapshot implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) deleteSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getReplication implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodDelete, "/snapshots/{snapshotId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/replications/{replicationId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response DeleteSnapshotResponse + var response GetReplicationResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/DeleteSnapshot" - err = common.PostProcessServiceError(err, "FileStorage", "DeleteSnapshot", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/GetReplication" + err = common.PostProcessServiceError(err, "FileStorage", "GetReplication", apiReferenceLink) return response, err } @@ -1370,12 +2339,12 @@ func (client FileStorageClient) deleteSnapshot(ctx context.Context, request comm return response, err } -// EstimateReplication Provides estimates for replication created using specific file system. +// GetReplicationTarget Gets the specified replication target's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/EstimateReplication.go.html to see an example of how to use EstimateReplication API. -func (client FileStorageClient) EstimateReplication(ctx context.Context, request EstimateReplicationRequest) (response EstimateReplicationResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetReplicationTarget.go.html to see an example of how to use GetReplicationTarget API. +func (client FileStorageClient) GetReplicationTarget(ctx context.Context, request GetReplicationTargetRequest) (response GetReplicationTargetResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1384,42 +2353,42 @@ func (client FileStorageClient) EstimateReplication(ctx context.Context, request if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.estimateReplication, policy) + ociResponse, err = common.Retry(ctx, request, client.getReplicationTarget, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = EstimateReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetReplicationTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = EstimateReplicationResponse{} + response = GetReplicationTargetResponse{} } } return } - if convertedResponse, ok := ociResponse.(EstimateReplicationResponse); ok { + if convertedResponse, ok := ociResponse.(GetReplicationTargetResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into EstimateReplicationResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetReplicationTargetResponse") } return } -// estimateReplication implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) estimateReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getReplicationTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getReplicationTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/estimateReplication", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/replicationTargets/{replicationTargetId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response EstimateReplicationResponse + var response GetReplicationTargetResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/EstimateReplication" - err = common.PostProcessServiceError(err, "FileStorage", "EstimateReplication", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTarget/GetReplicationTarget" + err = common.PostProcessServiceError(err, "FileStorage", "GetReplicationTarget", apiReferenceLink) return response, err } @@ -1427,12 +2396,12 @@ func (client FileStorageClient) estimateReplication(ctx context.Context, request return response, err } -// GetExport Gets the specified export's information. +// GetSnapshot Gets the specified snapshot's information. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetExport.go.html to see an example of how to use GetExport API. -func (client FileStorageClient) GetExport(ctx context.Context, request GetExportRequest) (response GetExportResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetSnapshot.go.html to see an example of how to use GetSnapshot API. +func (client FileStorageClient) GetSnapshot(ctx context.Context, request GetSnapshotRequest) (response GetSnapshotResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1441,42 +2410,42 @@ func (client FileStorageClient) GetExport(ctx context.Context, request GetExport if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getExport, policy) + ociResponse, err = common.Retry(ctx, request, client.getSnapshot, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetExportResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = GetSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetExportResponse{} + response = GetSnapshotResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetExportResponse); ok { + if convertedResponse, ok := ociResponse.(GetSnapshotResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetExportResponse") + err = fmt.Errorf("failed to convert OCIResponse into GetSnapshotResponse") } return } -// getExport implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getExport(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// getSnapshot implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) getSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/exports/{exportId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/snapshots/{snapshotId}", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetExportResponse + var response GetSnapshotResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/GetExport" - err = common.PostProcessServiceError(err, "FileStorage", "GetExport", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/GetSnapshot" + err = common.PostProcessServiceError(err, "FileStorage", "GetSnapshot", apiReferenceLink) return response, err } @@ -1484,12 +2453,12 @@ func (client FileStorageClient) getExport(ctx context.Context, request common.OC return response, err } -// GetExportSet Gets the specified export set's information. +// ListExportSets Lists the export set resources in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetExportSet.go.html to see an example of how to use GetExportSet API. -func (client FileStorageClient) GetExportSet(ctx context.Context, request GetExportSetRequest) (response GetExportSetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListExportSets.go.html to see an example of how to use ListExportSets API. +func (client FileStorageClient) ListExportSets(ctx context.Context, request ListExportSetsRequest) (response ListExportSetsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1498,42 +2467,42 @@ func (client FileStorageClient) GetExportSet(ctx context.Context, request GetExp if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getExportSet, policy) + ociResponse, err = common.Retry(ctx, request, client.listExportSets, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetExportSetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListExportSetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetExportSetResponse{} + response = ListExportSetsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetExportSetResponse); ok { + if convertedResponse, ok := ociResponse.(ListExportSetsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetExportSetResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListExportSetsResponse") } return } -// getExportSet implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getExportSet(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listExportSets implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listExportSets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/exportSets/{exportSetId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/exportSets", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetExportSetResponse + var response ListExportSetsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSet/GetExportSet" - err = common.PostProcessServiceError(err, "FileStorage", "GetExportSet", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSetSummary/ListExportSets" + err = common.PostProcessServiceError(err, "FileStorage", "ListExportSets", apiReferenceLink) return response, err } @@ -1541,12 +2510,14 @@ func (client FileStorageClient) getExportSet(ctx context.Context, request common return response, err } -// GetFileSystem Gets the specified file system's information. +// ListExports Lists export resources by compartment, file system, or export +// set. You must specify an export set ID, a file system ID, and +// / or a compartment ID. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetFileSystem.go.html to see an example of how to use GetFileSystem API. -func (client FileStorageClient) GetFileSystem(ctx context.Context, request GetFileSystemRequest) (response GetFileSystemResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListExports.go.html to see an example of how to use ListExports API. +func (client FileStorageClient) ListExports(ctx context.Context, request ListExportsRequest) (response ListExportsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1555,42 +2526,42 @@ func (client FileStorageClient) GetFileSystem(ctx context.Context, request GetFi if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getFileSystem, policy) + ociResponse, err = common.Retry(ctx, request, client.listExports, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetFileSystemResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListExportsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetFileSystemResponse{} + response = ListExportsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetFileSystemResponse); ok { + if convertedResponse, ok := ociResponse.(ListExportsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetFileSystemResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListExportsResponse") } return } -// getFileSystem implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getFileSystem(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listExports implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listExports(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/fileSystems/{fileSystemId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/exports", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetFileSystemResponse + var response ListExportsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/GetFileSystem" - err = common.PostProcessServiceError(err, "FileStorage", "GetFileSystem", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSummary/ListExports" + err = common.PostProcessServiceError(err, "FileStorage", "ListExports", apiReferenceLink) return response, err } @@ -1598,12 +2569,13 @@ func (client FileStorageClient) getFileSystem(ctx context.Context, request commo return response, err } -// GetFilesystemSnapshotPolicy Gets the specified file system snapshot policy's information. +// ListFileSystems Lists the file system resources in the specified compartment, or by the specified compartment and +// file system snapshot policy. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetFilesystemSnapshotPolicy.go.html to see an example of how to use GetFilesystemSnapshotPolicy API. -func (client FileStorageClient) GetFilesystemSnapshotPolicy(ctx context.Context, request GetFilesystemSnapshotPolicyRequest) (response GetFilesystemSnapshotPolicyResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListFileSystems.go.html to see an example of how to use ListFileSystems API. +func (client FileStorageClient) ListFileSystems(ctx context.Context, request ListFileSystemsRequest) (response ListFileSystemsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1612,42 +2584,42 @@ func (client FileStorageClient) GetFilesystemSnapshotPolicy(ctx context.Context, if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getFilesystemSnapshotPolicy, policy) + ociResponse, err = common.Retry(ctx, request, client.listFileSystems, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListFileSystemsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetFilesystemSnapshotPolicyResponse{} + response = ListFileSystemsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetFilesystemSnapshotPolicyResponse); ok { + if convertedResponse, ok := ociResponse.(ListFileSystemsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetFilesystemSnapshotPolicyResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListFileSystemsResponse") } return } -// getFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listFileSystems implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listFileSystems(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/fileSystems", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetFilesystemSnapshotPolicyResponse + var response ListFileSystemsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/GetFilesystemSnapshotPolicy" - err = common.PostProcessServiceError(err, "FileStorage", "GetFilesystemSnapshotPolicy", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystemSummary/ListFileSystems" + err = common.PostProcessServiceError(err, "FileStorage", "ListFileSystems", apiReferenceLink) return response, err } @@ -1655,12 +2627,12 @@ func (client FileStorageClient) getFilesystemSnapshotPolicy(ctx context.Context, return response, err } -// GetMountTarget Gets the specified mount target's information. +// ListFilesystemSnapshotPolicies Lists file system snapshot policies in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetMountTarget.go.html to see an example of how to use GetMountTarget API. -func (client FileStorageClient) GetMountTarget(ctx context.Context, request GetMountTargetRequest) (response GetMountTargetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListFilesystemSnapshotPolicies.go.html to see an example of how to use ListFilesystemSnapshotPolicies API. +func (client FileStorageClient) ListFilesystemSnapshotPolicies(ctx context.Context, request ListFilesystemSnapshotPoliciesRequest) (response ListFilesystemSnapshotPoliciesResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1669,42 +2641,42 @@ func (client FileStorageClient) GetMountTarget(ctx context.Context, request GetM if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getMountTarget, policy) + ociResponse, err = common.Retry(ctx, request, client.listFilesystemSnapshotPolicies, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListFilesystemSnapshotPoliciesResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetMountTargetResponse{} + response = ListFilesystemSnapshotPoliciesResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetMountTargetResponse); ok { + if convertedResponse, ok := ociResponse.(ListFilesystemSnapshotPoliciesResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetMountTargetResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListFilesystemSnapshotPoliciesResponse") } return } -// getMountTarget implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listFilesystemSnapshotPolicies implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listFilesystemSnapshotPolicies(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/mountTargets/{mountTargetId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/filesystemSnapshotPolicies", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetMountTargetResponse + var response ListFilesystemSnapshotPoliciesResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/GetMountTarget" - err = common.PostProcessServiceError(err, "FileStorage", "GetMountTarget", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicySummary/ListFilesystemSnapshotPolicies" + err = common.PostProcessServiceError(err, "FileStorage", "ListFilesystemSnapshotPolicies", apiReferenceLink) return response, err } @@ -1712,12 +2684,12 @@ func (client FileStorageClient) getMountTarget(ctx context.Context, request comm return response, err } -// GetOutboundConnector Gets the specified outbound connector's information. +// ListMountTargets Lists the mount target resources in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetOutboundConnector.go.html to see an example of how to use GetOutboundConnector API. -func (client FileStorageClient) GetOutboundConnector(ctx context.Context, request GetOutboundConnectorRequest) (response GetOutboundConnectorResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListMountTargets.go.html to see an example of how to use ListMountTargets API. +func (client FileStorageClient) ListMountTargets(ctx context.Context, request ListMountTargetsRequest) (response ListMountTargetsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1726,55 +2698,71 @@ func (client FileStorageClient) GetOutboundConnector(ctx context.Context, reques if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getOutboundConnector, policy) + ociResponse, err = common.Retry(ctx, request, client.listMountTargets, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetOutboundConnectorResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListMountTargetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetOutboundConnectorResponse{} + response = ListMountTargetsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetOutboundConnectorResponse); ok { + if convertedResponse, ok := ociResponse.(ListMountTargetsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetOutboundConnectorResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListMountTargetsResponse") } return } -// getOutboundConnector implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getOutboundConnector(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listMountTargets implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listMountTargets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/outboundConnectors/{outboundConnectorId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/mountTargets", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetOutboundConnectorResponse + var response ListMountTargetsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/GetOutboundConnector" - err = common.PostProcessServiceError(err, "FileStorage", "GetOutboundConnector", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTargetSummary/ListMountTargets" + err = common.PostProcessServiceError(err, "FileStorage", "ListMountTargets", apiReferenceLink) return response, err } - err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) + err = common.UnmarshalResponse(httpResponse, &response) return response, err } -// GetReplication Gets the specified replication's information. +// listoutboundconnectorsummary allows to unmarshal list of polymorphic OutboundConnectorSummary +type listoutboundconnectorsummary []outboundconnectorsummary + +// UnmarshalPolymorphicJSON unmarshals polymorphic json list of items +func (m *listoutboundconnectorsummary) UnmarshalPolymorphicJSON(data []byte) (interface{}, error) { + res := make([]OutboundConnectorSummary, len(*m)) + for i, v := range *m { + nn, err := v.UnmarshalPolymorphicJSON(v.JsonData) + if err != nil { + return nil, err + } + res[i] = nn.(OutboundConnectorSummary) + } + return res, nil +} + +// ListOutboundConnectors Lists the outbound connector resources in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetReplication.go.html to see an example of how to use GetReplication API. -func (client FileStorageClient) GetReplication(ctx context.Context, request GetReplicationRequest) (response GetReplicationResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListOutboundConnectors.go.html to see an example of how to use ListOutboundConnectors API. +func (client FileStorageClient) ListOutboundConnectors(ctx context.Context, request ListOutboundConnectorsRequest) (response ListOutboundConnectorsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1783,55 +2771,55 @@ func (client FileStorageClient) GetReplication(ctx context.Context, request GetR if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getReplication, policy) + ociResponse, err = common.Retry(ctx, request, client.listOutboundConnectors, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetReplicationResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListOutboundConnectorsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetReplicationResponse{} + response = ListOutboundConnectorsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetReplicationResponse); ok { + if convertedResponse, ok := ociResponse.(ListOutboundConnectorsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetReplicationResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListOutboundConnectorsResponse") } return } -// getReplication implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getReplication(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listOutboundConnectors implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listOutboundConnectors(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/replications/{replicationId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/outboundConnectors", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetReplicationResponse + var response ListOutboundConnectorsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/GetReplication" - err = common.PostProcessServiceError(err, "FileStorage", "GetReplication", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnectorSummary/ListOutboundConnectors" + err = common.PostProcessServiceError(err, "FileStorage", "ListOutboundConnectors", apiReferenceLink) return response, err } - err = common.UnmarshalResponse(httpResponse, &response) + err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &listoutboundconnectorsummary{}) return response, err } -// GetReplicationTarget Gets the specified replication target's information. +// ListReplicationTargets Lists the replication target resources in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetReplicationTarget.go.html to see an example of how to use GetReplicationTarget API. -func (client FileStorageClient) GetReplicationTarget(ctx context.Context, request GetReplicationTargetRequest) (response GetReplicationTargetResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListReplicationTargets.go.html to see an example of how to use ListReplicationTargets API. +func (client FileStorageClient) ListReplicationTargets(ctx context.Context, request ListReplicationTargetsRequest) (response ListReplicationTargetsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1840,42 +2828,42 @@ func (client FileStorageClient) GetReplicationTarget(ctx context.Context, reques if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getReplicationTarget, policy) + ociResponse, err = common.Retry(ctx, request, client.listReplicationTargets, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetReplicationTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListReplicationTargetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetReplicationTargetResponse{} + response = ListReplicationTargetsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetReplicationTargetResponse); ok { + if convertedResponse, ok := ociResponse.(ListReplicationTargetsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetReplicationTargetResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListReplicationTargetsResponse") } return } -// getReplicationTarget implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getReplicationTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listReplicationTargets implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listReplicationTargets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/replicationTargets/{replicationTargetId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/replicationTargets", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetReplicationTargetResponse + var response ListReplicationTargetsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTarget/GetReplicationTarget" - err = common.PostProcessServiceError(err, "FileStorage", "GetReplicationTarget", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTargetSummary/ListReplicationTargets" + err = common.PostProcessServiceError(err, "FileStorage", "ListReplicationTargets", apiReferenceLink) return response, err } @@ -1883,12 +2871,12 @@ func (client FileStorageClient) getReplicationTarget(ctx context.Context, reques return response, err } -// GetSnapshot Gets the specified snapshot's information. +// ListReplications Lists the replication resources in the specified compartment. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/GetSnapshot.go.html to see an example of how to use GetSnapshot API. -func (client FileStorageClient) GetSnapshot(ctx context.Context, request GetSnapshotRequest) (response GetSnapshotResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListReplications.go.html to see an example of how to use ListReplications API. +func (client FileStorageClient) ListReplications(ctx context.Context, request ListReplicationsRequest) (response ListReplicationsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1897,42 +2885,42 @@ func (client FileStorageClient) GetSnapshot(ctx context.Context, request GetSnap if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.getSnapshot, policy) + ociResponse, err = common.Retry(ctx, request, client.listReplications, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = GetSnapshotResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListReplicationsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = GetSnapshotResponse{} + response = ListReplicationsResponse{} } } return } - if convertedResponse, ok := ociResponse.(GetSnapshotResponse); ok { + if convertedResponse, ok := ociResponse.(ListReplicationsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into GetSnapshotResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListReplicationsResponse") } return } -// getSnapshot implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) getSnapshot(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listReplications implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listReplications(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/snapshots/{snapshotId}", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/replications", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response GetSnapshotResponse + var response ListReplicationsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/GetSnapshot" - err = common.PostProcessServiceError(err, "FileStorage", "GetSnapshot", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationSummary/ListReplications" + err = common.PostProcessServiceError(err, "FileStorage", "ListReplications", apiReferenceLink) return response, err } @@ -1940,12 +2928,16 @@ func (client FileStorageClient) getSnapshot(ctx context.Context, request common. return response, err } -// ListExportSets Lists the export set resources in the specified compartment. +// ListSnapshots Lists snapshots of the specified file system, or by file system snapshot policy and compartment, +// or by file system snapshot policy and file system. +// If file system ID is not specified, a file system snapshot policy ID and compartment ID must be specified. +// Users can only sort by time created when listing snapshots by file system snapshot policy ID and compartment ID +// (sort by name is NOT supported for listing snapshots by policy and compartment). // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListExportSets.go.html to see an example of how to use ListExportSets API. -func (client FileStorageClient) ListExportSets(ctx context.Context, request ListExportSetsRequest) (response ListExportSetsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListSnapshots.go.html to see an example of how to use ListSnapshots API. +func (client FileStorageClient) ListSnapshots(ctx context.Context, request ListSnapshotsRequest) (response ListSnapshotsResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -1954,42 +2946,42 @@ func (client FileStorageClient) ListExportSets(ctx context.Context, request List if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listExportSets, policy) + ociResponse, err = common.Retry(ctx, request, client.listSnapshots, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListExportSetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ListSnapshotsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListExportSetsResponse{} + response = ListSnapshotsResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListExportSetsResponse); ok { + if convertedResponse, ok := ociResponse.(ListSnapshotsResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListExportSetsResponse") + err = fmt.Errorf("failed to convert OCIResponse into ListSnapshotsResponse") } return } -// listExportSets implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listExportSets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// listSnapshots implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) listSnapshots(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/exportSets", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodGet, "/snapshots", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListExportSetsResponse + var response ListSnapshotsResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSetSummary/ListExportSets" - err = common.PostProcessServiceError(err, "FileStorage", "ListExportSets", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/SnapshotSummary/ListSnapshots" + err = common.PostProcessServiceError(err, "FileStorage", "ListSnapshots", apiReferenceLink) return response, err } @@ -1997,14 +2989,16 @@ func (client FileStorageClient) listExportSets(ctx context.Context, request comm return response, err } -// ListExports Lists export resources by compartment, file system, or export -// set. You must specify an export set ID, a file system ID, and -// / or a compartment ID. +// PauseFilesystemSnapshotPolicy This operation pauses the scheduled snapshot creation and snapshot deletion of the policy and updates the lifecycle state of the file system +// snapshot policy from ACTIVE to INACTIVE. When a file system snapshot policy is paused, file systems that are associated with the +// policy will not have scheduled snapshots created or deleted. +// If the policy is already paused, or in the INACTIVE state, you cannot pause it again. You can't pause a policy +// that is in a DELETING, DELETED, FAILED, CREATING or INACTIVE state; attempts to pause a policy in these states result in a 409 conflict error. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListExports.go.html to see an example of how to use ListExports API. -func (client FileStorageClient) ListExports(ctx context.Context, request ListExportsRequest) (response ListExportsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/PauseFilesystemSnapshotPolicy.go.html to see an example of how to use PauseFilesystemSnapshotPolicy API. +func (client FileStorageClient) PauseFilesystemSnapshotPolicy(ctx context.Context, request PauseFilesystemSnapshotPolicyRequest) (response PauseFilesystemSnapshotPolicyResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2013,42 +3007,42 @@ func (client FileStorageClient) ListExports(ctx context.Context, request ListExp if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listExports, policy) + ociResponse, err = common.Retry(ctx, request, client.pauseFilesystemSnapshotPolicy, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListExportsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = PauseFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListExportsResponse{} + response = PauseFilesystemSnapshotPolicyResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListExportsResponse); ok { + if convertedResponse, ok := ociResponse.(PauseFilesystemSnapshotPolicyResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListExportsResponse") + err = fmt.Errorf("failed to convert OCIResponse into PauseFilesystemSnapshotPolicyResponse") } return } -// listExports implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listExports(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// pauseFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) pauseFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/exports", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/pause", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListExportsResponse + var response PauseFilesystemSnapshotPolicyResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ExportSummary/ListExports" - err = common.PostProcessServiceError(err, "FileStorage", "ListExports", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/PauseFilesystemSnapshotPolicy" + err = common.PostProcessServiceError(err, "FileStorage", "PauseFilesystemSnapshotPolicy", apiReferenceLink) return response, err } @@ -2056,13 +3050,12 @@ func (client FileStorageClient) listExports(ctx context.Context, request common. return response, err } -// ListFileSystems Lists the file system resources in the specified compartment, or by the specified compartment and -// file system snapshot policy. +// RemoveExportLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListFileSystems.go.html to see an example of how to use ListFileSystems API. -func (client FileStorageClient) ListFileSystems(ctx context.Context, request ListFileSystemsRequest) (response ListFileSystemsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveExportLock.go.html to see an example of how to use RemoveExportLock API. +func (client FileStorageClient) RemoveExportLock(ctx context.Context, request RemoveExportLockRequest) (response RemoveExportLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2071,42 +3064,42 @@ func (client FileStorageClient) ListFileSystems(ctx context.Context, request Lis if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listFileSystems, policy) + ociResponse, err = common.Retry(ctx, request, client.removeExportLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListFileSystemsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveExportLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListFileSystemsResponse{} + response = RemoveExportLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListFileSystemsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveExportLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListFileSystemsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveExportLockResponse") } return } -// listFileSystems implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listFileSystems(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeExportLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeExportLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/fileSystems", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/exports/{exportId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListFileSystemsResponse + var response RemoveExportLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystemSummary/ListFileSystems" - err = common.PostProcessServiceError(err, "FileStorage", "ListFileSystems", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Export/RemoveExportLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveExportLock", apiReferenceLink) return response, err } @@ -2114,12 +3107,12 @@ func (client FileStorageClient) listFileSystems(ctx context.Context, request com return response, err } -// ListFilesystemSnapshotPolicies Lists file system snapshot policies in the specified compartment. +// RemoveFileSystemLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListFilesystemSnapshotPolicies.go.html to see an example of how to use ListFilesystemSnapshotPolicies API. -func (client FileStorageClient) ListFilesystemSnapshotPolicies(ctx context.Context, request ListFilesystemSnapshotPoliciesRequest) (response ListFilesystemSnapshotPoliciesResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveFileSystemLock.go.html to see an example of how to use RemoveFileSystemLock API. +func (client FileStorageClient) RemoveFileSystemLock(ctx context.Context, request RemoveFileSystemLockRequest) (response RemoveFileSystemLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2128,42 +3121,42 @@ func (client FileStorageClient) ListFilesystemSnapshotPolicies(ctx context.Conte if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listFilesystemSnapshotPolicies, policy) + ociResponse, err = common.Retry(ctx, request, client.removeFileSystemLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListFilesystemSnapshotPoliciesResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveFileSystemLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListFilesystemSnapshotPoliciesResponse{} + response = RemoveFileSystemLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListFilesystemSnapshotPoliciesResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveFileSystemLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListFilesystemSnapshotPoliciesResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveFileSystemLockResponse") } return } -// listFilesystemSnapshotPolicies implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listFilesystemSnapshotPolicies(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeFileSystemLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeFileSystemLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/filesystemSnapshotPolicies", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/fileSystems/{fileSystemId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListFilesystemSnapshotPoliciesResponse + var response RemoveFileSystemLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicySummary/ListFilesystemSnapshotPolicies" - err = common.PostProcessServiceError(err, "FileStorage", "ListFilesystemSnapshotPolicies", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FileSystem/RemoveFileSystemLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveFileSystemLock", apiReferenceLink) return response, err } @@ -2171,12 +3164,12 @@ func (client FileStorageClient) listFilesystemSnapshotPolicies(ctx context.Conte return response, err } -// ListMountTargets Lists the mount target resources in the specified compartment. +// RemoveFilesystemSnapshotPolicyLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListMountTargets.go.html to see an example of how to use ListMountTargets API. -func (client FileStorageClient) ListMountTargets(ctx context.Context, request ListMountTargetsRequest) (response ListMountTargetsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveFilesystemSnapshotPolicyLock.go.html to see an example of how to use RemoveFilesystemSnapshotPolicyLock API. +func (client FileStorageClient) RemoveFilesystemSnapshotPolicyLock(ctx context.Context, request RemoveFilesystemSnapshotPolicyLockRequest) (response RemoveFilesystemSnapshotPolicyLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2185,42 +3178,42 @@ func (client FileStorageClient) ListMountTargets(ctx context.Context, request Li if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listMountTargets, policy) + ociResponse, err = common.Retry(ctx, request, client.removeFilesystemSnapshotPolicyLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListMountTargetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveFilesystemSnapshotPolicyLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListMountTargetsResponse{} + response = RemoveFilesystemSnapshotPolicyLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListMountTargetsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveFilesystemSnapshotPolicyLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListMountTargetsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveFilesystemSnapshotPolicyLockResponse") } return } -// listMountTargets implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listMountTargets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeFilesystemSnapshotPolicyLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeFilesystemSnapshotPolicyLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/mountTargets", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListMountTargetsResponse + var response RemoveFilesystemSnapshotPolicyLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTargetSummary/ListMountTargets" - err = common.PostProcessServiceError(err, "FileStorage", "ListMountTargets", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/RemoveFilesystemSnapshotPolicyLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveFilesystemSnapshotPolicyLock", apiReferenceLink) return response, err } @@ -2228,28 +3221,12 @@ func (client FileStorageClient) listMountTargets(ctx context.Context, request co return response, err } -// listoutboundconnectorsummary allows to unmarshal list of polymorphic OutboundConnectorSummary -type listoutboundconnectorsummary []outboundconnectorsummary - -// UnmarshalPolymorphicJSON unmarshals polymorphic json list of items -func (m *listoutboundconnectorsummary) UnmarshalPolymorphicJSON(data []byte) (interface{}, error) { - res := make([]OutboundConnectorSummary, len(*m)) - for i, v := range *m { - nn, err := v.UnmarshalPolymorphicJSON(v.JsonData) - if err != nil { - return nil, err - } - res[i] = nn.(OutboundConnectorSummary) - } - return res, nil -} - -// ListOutboundConnectors Lists the outbound connector resources in the specified compartment. +// RemoveMountTargetLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListOutboundConnectors.go.html to see an example of how to use ListOutboundConnectors API. -func (client FileStorageClient) ListOutboundConnectors(ctx context.Context, request ListOutboundConnectorsRequest) (response ListOutboundConnectorsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveMountTargetLock.go.html to see an example of how to use RemoveMountTargetLock API. +func (client FileStorageClient) RemoveMountTargetLock(ctx context.Context, request RemoveMountTargetLockRequest) (response RemoveMountTargetLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2258,55 +3235,55 @@ func (client FileStorageClient) ListOutboundConnectors(ctx context.Context, requ if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listOutboundConnectors, policy) + ociResponse, err = common.Retry(ctx, request, client.removeMountTargetLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListOutboundConnectorsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveMountTargetLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListOutboundConnectorsResponse{} + response = RemoveMountTargetLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListOutboundConnectorsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveMountTargetLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListOutboundConnectorsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveMountTargetLockResponse") } return } -// listOutboundConnectors implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listOutboundConnectors(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeMountTargetLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeMountTargetLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/outboundConnectors", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListOutboundConnectorsResponse + var response RemoveMountTargetLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnectorSummary/ListOutboundConnectors" - err = common.PostProcessServiceError(err, "FileStorage", "ListOutboundConnectors", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/RemoveMountTargetLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveMountTargetLock", apiReferenceLink) return response, err } - err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &listoutboundconnectorsummary{}) + err = common.UnmarshalResponse(httpResponse, &response) return response, err } -// ListReplicationTargets Lists the replication target resources in the specified compartment. +// RemoveOutboundConnectorLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListReplicationTargets.go.html to see an example of how to use ListReplicationTargets API. -func (client FileStorageClient) ListReplicationTargets(ctx context.Context, request ListReplicationTargetsRequest) (response ListReplicationTargetsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveOutboundConnectorLock.go.html to see an example of how to use RemoveOutboundConnectorLock API. +func (client FileStorageClient) RemoveOutboundConnectorLock(ctx context.Context, request RemoveOutboundConnectorLockRequest) (response RemoveOutboundConnectorLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2315,55 +3292,55 @@ func (client FileStorageClient) ListReplicationTargets(ctx context.Context, requ if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listReplicationTargets, policy) + ociResponse, err = common.Retry(ctx, request, client.removeOutboundConnectorLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListReplicationTargetsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveOutboundConnectorLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListReplicationTargetsResponse{} + response = RemoveOutboundConnectorLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListReplicationTargetsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveOutboundConnectorLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListReplicationTargetsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveOutboundConnectorLockResponse") } return } -// listReplicationTargets implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listReplicationTargets(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeOutboundConnectorLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeOutboundConnectorLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/replicationTargets", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/outboundConnectors/{outboundConnectorId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListReplicationTargetsResponse + var response RemoveOutboundConnectorLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationTargetSummary/ListReplicationTargets" - err = common.PostProcessServiceError(err, "FileStorage", "ListReplicationTargets", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/OutboundConnector/RemoveOutboundConnectorLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveOutboundConnectorLock", apiReferenceLink) return response, err } - err = common.UnmarshalResponse(httpResponse, &response) + err = common.UnmarshalResponseWithPolymorphicBody(httpResponse, &response, &outboundconnector{}) return response, err } -// ListReplications Lists the replication resources in the specified compartment. +// RemoveReplicationLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListReplications.go.html to see an example of how to use ListReplications API. -func (client FileStorageClient) ListReplications(ctx context.Context, request ListReplicationsRequest) (response ListReplicationsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveReplicationLock.go.html to see an example of how to use RemoveReplicationLock API. +func (client FileStorageClient) RemoveReplicationLock(ctx context.Context, request RemoveReplicationLockRequest) (response RemoveReplicationLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2372,42 +3349,42 @@ func (client FileStorageClient) ListReplications(ctx context.Context, request Li if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listReplications, policy) + ociResponse, err = common.Retry(ctx, request, client.removeReplicationLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListReplicationsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveReplicationLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListReplicationsResponse{} + response = RemoveReplicationLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListReplicationsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveReplicationLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListReplicationsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveReplicationLockResponse") } return } -// listReplications implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listReplications(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeReplicationLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeReplicationLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/replications", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/replications/{replicationId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListReplicationsResponse + var response RemoveReplicationLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/ReplicationSummary/ListReplications" - err = common.PostProcessServiceError(err, "FileStorage", "ListReplications", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Replication/RemoveReplicationLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveReplicationLock", apiReferenceLink) return response, err } @@ -2415,16 +3392,12 @@ func (client FileStorageClient) listReplications(ctx context.Context, request co return response, err } -// ListSnapshots Lists snapshots of the specified file system, or by file system snapshot policy and compartment, -// or by file system snapshot policy and file system. -// If file system ID is not specified, a file system snapshot policy ID and compartment ID must be specified. -// Users can only sort by time created when listing snapshots by file system snapshot policy ID and compartment ID -// (sort by name is NOT supported for listing snapshots by policy and compartment). +// RemoveSnapshotLock Removes a lock to a resource. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ListSnapshots.go.html to see an example of how to use ListSnapshots API. -func (client FileStorageClient) ListSnapshots(ctx context.Context, request ListSnapshotsRequest) (response ListSnapshotsResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveSnapshotLock.go.html to see an example of how to use RemoveSnapshotLock API. +func (client FileStorageClient) RemoveSnapshotLock(ctx context.Context, request RemoveSnapshotLockRequest) (response RemoveSnapshotLockResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2433,42 +3406,42 @@ func (client FileStorageClient) ListSnapshots(ctx context.Context, request ListS if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.listSnapshots, policy) + ociResponse, err = common.Retry(ctx, request, client.removeSnapshotLock, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = ListSnapshotsResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = RemoveSnapshotLockResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = ListSnapshotsResponse{} + response = RemoveSnapshotLockResponse{} } } return } - if convertedResponse, ok := ociResponse.(ListSnapshotsResponse); ok { + if convertedResponse, ok := ociResponse.(RemoveSnapshotLockResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into ListSnapshotsResponse") + err = fmt.Errorf("failed to convert OCIResponse into RemoveSnapshotLockResponse") } return } -// listSnapshots implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) listSnapshots(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// removeSnapshotLock implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) removeSnapshotLock(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodGet, "/snapshots", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/snapshots/{snapshotId}/actions/removeLock", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response ListSnapshotsResponse + var response RemoveSnapshotLockResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/SnapshotSummary/ListSnapshots" - err = common.PostProcessServiceError(err, "FileStorage", "ListSnapshots", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/Snapshot/RemoveSnapshotLock" + err = common.PostProcessServiceError(err, "FileStorage", "RemoveSnapshotLock", apiReferenceLink) return response, err } @@ -2476,16 +3449,12 @@ func (client FileStorageClient) listSnapshots(ctx context.Context, request commo return response, err } -// PauseFilesystemSnapshotPolicy This operation pauses the scheduled snapshot creation and snapshot deletion of the policy and updates the lifecycle state of the file system -// snapshot policy from ACTIVE to INACTIVE. When a file system snapshot policy is paused, file systems that are associated with the -// policy will not have scheduled snapshots created or deleted. -// If the policy is already paused, or in the INACTIVE state, you cannot pause it again. You can't pause a policy -// that is in a DELETING, DELETED, FAILED, CREATING or INACTIVE state; attempts to pause a policy in these states result in a 409 conflict error. +// ScheduleDowngradeShapeMountTarget Schedule a downgrade shape of the mount target. // // # See also // -// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/PauseFilesystemSnapshotPolicy.go.html to see an example of how to use PauseFilesystemSnapshotPolicy API. -func (client FileStorageClient) PauseFilesystemSnapshotPolicy(ctx context.Context, request PauseFilesystemSnapshotPolicyRequest) (response PauseFilesystemSnapshotPolicyResponse, err error) { +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ScheduleDowngradeShapeMountTarget.go.html to see an example of how to use ScheduleDowngradeShapeMountTarget API. +func (client FileStorageClient) ScheduleDowngradeShapeMountTarget(ctx context.Context, request ScheduleDowngradeShapeMountTargetRequest) (response ScheduleDowngradeShapeMountTargetResponse, err error) { var ociResponse common.OCIResponse policy := common.NoRetryPolicy() if client.RetryPolicy() != nil { @@ -2494,42 +3463,42 @@ func (client FileStorageClient) PauseFilesystemSnapshotPolicy(ctx context.Contex if request.RetryPolicy() != nil { policy = *request.RetryPolicy() } - ociResponse, err = common.Retry(ctx, request, client.pauseFilesystemSnapshotPolicy, policy) + ociResponse, err = common.Retry(ctx, request, client.scheduleDowngradeShapeMountTarget, policy) if err != nil { if ociResponse != nil { if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { opcRequestId := httpResponse.Header.Get("opc-request-id") - response = PauseFilesystemSnapshotPolicyResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + response = ScheduleDowngradeShapeMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} } else { - response = PauseFilesystemSnapshotPolicyResponse{} + response = ScheduleDowngradeShapeMountTargetResponse{} } } return } - if convertedResponse, ok := ociResponse.(PauseFilesystemSnapshotPolicyResponse); ok { + if convertedResponse, ok := ociResponse.(ScheduleDowngradeShapeMountTargetResponse); ok { response = convertedResponse } else { - err = fmt.Errorf("failed to convert OCIResponse into PauseFilesystemSnapshotPolicyResponse") + err = fmt.Errorf("failed to convert OCIResponse into ScheduleDowngradeShapeMountTargetResponse") } return } -// pauseFilesystemSnapshotPolicy implements the OCIOperation interface (enables retrying operations) -func (client FileStorageClient) pauseFilesystemSnapshotPolicy(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { +// scheduleDowngradeShapeMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) scheduleDowngradeShapeMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { - httpRequest, err := request.HTTPRequest(http.MethodPost, "/filesystemSnapshotPolicies/{filesystemSnapshotPolicyId}/actions/pause", binaryReqBody, extraHeaders) + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/scheduleShapeDowngrade", binaryReqBody, extraHeaders) if err != nil { return nil, err } - var response PauseFilesystemSnapshotPolicyResponse + var response ScheduleDowngradeShapeMountTargetResponse var httpResponse *http.Response httpResponse, err = client.Call(ctx, &httpRequest) defer common.CloseBodyIfValid(httpResponse) response.RawResponse = httpResponse if err != nil { - apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/FilesystemSnapshotPolicy/PauseFilesystemSnapshotPolicy" - err = common.PostProcessServiceError(err, "FileStorage", "PauseFilesystemSnapshotPolicy", apiReferenceLink) + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/ScheduleDowngradeShapeMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "ScheduleDowngradeShapeMountTarget", apiReferenceLink) return response, err } @@ -3054,6 +4023,63 @@ func (client FileStorageClient) updateSnapshot(ctx context.Context, request comm return response, err } +// UpgradeShapeMountTarget Upgrade shape request for mount target. +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/UpgradeShapeMountTarget.go.html to see an example of how to use UpgradeShapeMountTarget API. +func (client FileStorageClient) UpgradeShapeMountTarget(ctx context.Context, request UpgradeShapeMountTargetRequest) (response UpgradeShapeMountTargetResponse, err error) { + var ociResponse common.OCIResponse + policy := common.NoRetryPolicy() + if client.RetryPolicy() != nil { + policy = *client.RetryPolicy() + } + if request.RetryPolicy() != nil { + policy = *request.RetryPolicy() + } + ociResponse, err = common.Retry(ctx, request, client.upgradeShapeMountTarget, policy) + if err != nil { + if ociResponse != nil { + if httpResponse := ociResponse.HTTPResponse(); httpResponse != nil { + opcRequestId := httpResponse.Header.Get("opc-request-id") + response = UpgradeShapeMountTargetResponse{RawResponse: httpResponse, OpcRequestId: &opcRequestId} + } else { + response = UpgradeShapeMountTargetResponse{} + } + } + return + } + if convertedResponse, ok := ociResponse.(UpgradeShapeMountTargetResponse); ok { + response = convertedResponse + } else { + err = fmt.Errorf("failed to convert OCIResponse into UpgradeShapeMountTargetResponse") + } + return +} + +// upgradeShapeMountTarget implements the OCIOperation interface (enables retrying operations) +func (client FileStorageClient) upgradeShapeMountTarget(ctx context.Context, request common.OCIRequest, binaryReqBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (common.OCIResponse, error) { + + httpRequest, err := request.HTTPRequest(http.MethodPost, "/mountTargets/{mountTargetId}/actions/upgradeShape", binaryReqBody, extraHeaders) + if err != nil { + return nil, err + } + + var response UpgradeShapeMountTargetResponse + var httpResponse *http.Response + httpResponse, err = client.Call(ctx, &httpRequest) + defer common.CloseBodyIfValid(httpResponse) + response.RawResponse = httpResponse + if err != nil { + apiReferenceLink := "https://docs.oracle.com/iaas/api/#/en/filestorage/20171215/MountTarget/UpgradeShapeMountTarget" + err = common.PostProcessServiceError(err, "FileStorage", "UpgradeShapeMountTarget", apiReferenceLink) + return response, err + } + + err = common.UnmarshalResponse(httpResponse, &response) + return response, err +} + // ValidateKeyTabs Validates keytab contents for the secret details passed on the request or validte keytab contents associated with // the mount target passed in the request. The keytabs are deserialized, the contents are validated for compatibility // and the principal, key version number and encryption type of each entry is provided as part of the response. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy.go index 97898ea941..3f7407aac5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy.go @@ -53,6 +53,9 @@ type FilesystemSnapshotPolicy struct { // The list of associated snapshot schedules. A maximum of 10 schedules can be associated with a policy. Schedules []SnapshotSchedule `mandatory:"false" json:"schedules"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy_summary.go index 188b892f27..e71c3268fd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/filesystem_snapshot_policy_summary.go @@ -42,6 +42,9 @@ type FilesystemSnapshotPolicySummary struct { // Example: `My Filesystem Snapshot Policy` DisplayName *string `mandatory:"false" json:"displayName"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // The prefix to apply to all snapshots created by this policy. // Example: `acme` PolicyPrefix *string `mandatory:"false" json:"policyPrefix"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account.go index 3668e1fe40..ff6dab2133 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account.go @@ -47,6 +47,9 @@ type LdapBindAccount struct { // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"false" json:"availabilityDomain"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -98,6 +101,11 @@ func (m LdapBindAccount) GetTimeCreated() *common.SDKTime { return m.TimeCreated } +// GetLocks returns Locks +func (m LdapBindAccount) GetLocks() []ResourceLock { + return m.Locks +} + // GetFreeformTags returns FreeformTags func (m LdapBindAccount) GetFreeformTags() map[string]string { return m.FreeformTags diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account_summary.go index 6bfd487232..32dff3d6f7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/ldap_bind_account_summary.go @@ -47,6 +47,9 @@ type LdapBindAccountSummary struct { // Example: `Uocm:PHX-AD-1` AvailabilityDomain *string `mandatory:"false" json:"availabilityDomain"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -92,6 +95,11 @@ func (m LdapBindAccountSummary) GetTimeCreated() *common.SDKTime { return m.TimeCreated } +// GetLocks returns Locks +func (m LdapBindAccountSummary) GetLocks() []ResourceLock { + return m.Locks +} + // GetFreeformTags returns FreeformTags func (m LdapBindAccountSummary) GetFreeformTags() map[string]string { return m.FreeformTags diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_export_sets_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_export_sets_request_response.go index a20ade7b3b..e89b223dad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_export_sets_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_export_sets_request_response.go @@ -27,7 +27,7 @@ type ListExportSetsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -154,6 +154,7 @@ type ListExportSetsLifecycleStateEnum string const ( ListExportSetsLifecycleStateCreating ListExportSetsLifecycleStateEnum = "CREATING" ListExportSetsLifecycleStateActive ListExportSetsLifecycleStateEnum = "ACTIVE" + ListExportSetsLifecycleStateUpdating ListExportSetsLifecycleStateEnum = "UPDATING" ListExportSetsLifecycleStateDeleting ListExportSetsLifecycleStateEnum = "DELETING" ListExportSetsLifecycleStateDeleted ListExportSetsLifecycleStateEnum = "DELETED" ListExportSetsLifecycleStateFailed ListExportSetsLifecycleStateEnum = "FAILED" @@ -162,6 +163,7 @@ const ( var mappingListExportSetsLifecycleStateEnum = map[string]ListExportSetsLifecycleStateEnum{ "CREATING": ListExportSetsLifecycleStateCreating, "ACTIVE": ListExportSetsLifecycleStateActive, + "UPDATING": ListExportSetsLifecycleStateUpdating, "DELETING": ListExportSetsLifecycleStateDeleting, "DELETED": ListExportSetsLifecycleStateDeleted, "FAILED": ListExportSetsLifecycleStateFailed, @@ -170,6 +172,7 @@ var mappingListExportSetsLifecycleStateEnum = map[string]ListExportSetsLifecycle var mappingListExportSetsLifecycleStateEnumLowerCase = map[string]ListExportSetsLifecycleStateEnum{ "creating": ListExportSetsLifecycleStateCreating, "active": ListExportSetsLifecycleStateActive, + "updating": ListExportSetsLifecycleStateUpdating, "deleting": ListExportSetsLifecycleStateDeleting, "deleted": ListExportSetsLifecycleStateDeleted, "failed": ListExportSetsLifecycleStateFailed, @@ -189,6 +192,7 @@ func GetListExportSetsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_exports_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_exports_request_response.go index 84e1aac026..49fac638ee 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_exports_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_exports_request_response.go @@ -23,7 +23,7 @@ type ListExportsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -152,6 +152,7 @@ type ListExportsLifecycleStateEnum string const ( ListExportsLifecycleStateCreating ListExportsLifecycleStateEnum = "CREATING" ListExportsLifecycleStateActive ListExportsLifecycleStateEnum = "ACTIVE" + ListExportsLifecycleStateUpdating ListExportsLifecycleStateEnum = "UPDATING" ListExportsLifecycleStateDeleting ListExportsLifecycleStateEnum = "DELETING" ListExportsLifecycleStateDeleted ListExportsLifecycleStateEnum = "DELETED" ListExportsLifecycleStateFailed ListExportsLifecycleStateEnum = "FAILED" @@ -160,6 +161,7 @@ const ( var mappingListExportsLifecycleStateEnum = map[string]ListExportsLifecycleStateEnum{ "CREATING": ListExportsLifecycleStateCreating, "ACTIVE": ListExportsLifecycleStateActive, + "UPDATING": ListExportsLifecycleStateUpdating, "DELETING": ListExportsLifecycleStateDeleting, "DELETED": ListExportsLifecycleStateDeleted, "FAILED": ListExportsLifecycleStateFailed, @@ -168,6 +170,7 @@ var mappingListExportsLifecycleStateEnum = map[string]ListExportsLifecycleStateE var mappingListExportsLifecycleStateEnumLowerCase = map[string]ListExportsLifecycleStateEnum{ "creating": ListExportsLifecycleStateCreating, "active": ListExportsLifecycleStateActive, + "updating": ListExportsLifecycleStateUpdating, "deleting": ListExportsLifecycleStateDeleting, "deleted": ListExportsLifecycleStateDeleted, "failed": ListExportsLifecycleStateFailed, @@ -187,6 +190,7 @@ func GetListExportsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_file_systems_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_file_systems_request_response.go index bed1d84973..856d7d5d01 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_file_systems_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_file_systems_request_response.go @@ -27,7 +27,7 @@ type ListFileSystemsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -164,6 +164,7 @@ type ListFileSystemsLifecycleStateEnum string const ( ListFileSystemsLifecycleStateCreating ListFileSystemsLifecycleStateEnum = "CREATING" ListFileSystemsLifecycleStateActive ListFileSystemsLifecycleStateEnum = "ACTIVE" + ListFileSystemsLifecycleStateUpdating ListFileSystemsLifecycleStateEnum = "UPDATING" ListFileSystemsLifecycleStateDeleting ListFileSystemsLifecycleStateEnum = "DELETING" ListFileSystemsLifecycleStateDeleted ListFileSystemsLifecycleStateEnum = "DELETED" ListFileSystemsLifecycleStateFailed ListFileSystemsLifecycleStateEnum = "FAILED" @@ -172,6 +173,7 @@ const ( var mappingListFileSystemsLifecycleStateEnum = map[string]ListFileSystemsLifecycleStateEnum{ "CREATING": ListFileSystemsLifecycleStateCreating, "ACTIVE": ListFileSystemsLifecycleStateActive, + "UPDATING": ListFileSystemsLifecycleStateUpdating, "DELETING": ListFileSystemsLifecycleStateDeleting, "DELETED": ListFileSystemsLifecycleStateDeleted, "FAILED": ListFileSystemsLifecycleStateFailed, @@ -180,6 +182,7 @@ var mappingListFileSystemsLifecycleStateEnum = map[string]ListFileSystemsLifecyc var mappingListFileSystemsLifecycleStateEnumLowerCase = map[string]ListFileSystemsLifecycleStateEnum{ "creating": ListFileSystemsLifecycleStateCreating, "active": ListFileSystemsLifecycleStateActive, + "updating": ListFileSystemsLifecycleStateUpdating, "deleting": ListFileSystemsLifecycleStateDeleting, "deleted": ListFileSystemsLifecycleStateDeleted, "failed": ListFileSystemsLifecycleStateFailed, @@ -199,6 +202,7 @@ func GetListFileSystemsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_filesystem_snapshot_policies_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_filesystem_snapshot_policies_request_response.go index ede7048daf..ab4b8fd53d 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_filesystem_snapshot_policies_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_filesystem_snapshot_policies_request_response.go @@ -27,7 +27,7 @@ type ListFilesystemSnapshotPoliciesRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_mount_targets_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_mount_targets_request_response.go index 903c4c8f04..b33852c919 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_mount_targets_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_mount_targets_request_response.go @@ -27,7 +27,7 @@ type ListMountTargetsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -157,6 +157,7 @@ type ListMountTargetsLifecycleStateEnum string const ( ListMountTargetsLifecycleStateCreating ListMountTargetsLifecycleStateEnum = "CREATING" ListMountTargetsLifecycleStateActive ListMountTargetsLifecycleStateEnum = "ACTIVE" + ListMountTargetsLifecycleStateUpdating ListMountTargetsLifecycleStateEnum = "UPDATING" ListMountTargetsLifecycleStateDeleting ListMountTargetsLifecycleStateEnum = "DELETING" ListMountTargetsLifecycleStateDeleted ListMountTargetsLifecycleStateEnum = "DELETED" ListMountTargetsLifecycleStateFailed ListMountTargetsLifecycleStateEnum = "FAILED" @@ -165,6 +166,7 @@ const ( var mappingListMountTargetsLifecycleStateEnum = map[string]ListMountTargetsLifecycleStateEnum{ "CREATING": ListMountTargetsLifecycleStateCreating, "ACTIVE": ListMountTargetsLifecycleStateActive, + "UPDATING": ListMountTargetsLifecycleStateUpdating, "DELETING": ListMountTargetsLifecycleStateDeleting, "DELETED": ListMountTargetsLifecycleStateDeleted, "FAILED": ListMountTargetsLifecycleStateFailed, @@ -173,6 +175,7 @@ var mappingListMountTargetsLifecycleStateEnum = map[string]ListMountTargetsLifec var mappingListMountTargetsLifecycleStateEnumLowerCase = map[string]ListMountTargetsLifecycleStateEnum{ "creating": ListMountTargetsLifecycleStateCreating, "active": ListMountTargetsLifecycleStateActive, + "updating": ListMountTargetsLifecycleStateUpdating, "deleting": ListMountTargetsLifecycleStateDeleting, "deleted": ListMountTargetsLifecycleStateDeleted, "failed": ListMountTargetsLifecycleStateFailed, @@ -192,6 +195,7 @@ func GetListMountTargetsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_outbound_connectors_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_outbound_connectors_request_response.go index ae62304ddc..d054125987 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_outbound_connectors_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_outbound_connectors_request_response.go @@ -27,7 +27,7 @@ type ListOutboundConnectorsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -154,6 +154,7 @@ type ListOutboundConnectorsLifecycleStateEnum string const ( ListOutboundConnectorsLifecycleStateCreating ListOutboundConnectorsLifecycleStateEnum = "CREATING" ListOutboundConnectorsLifecycleStateActive ListOutboundConnectorsLifecycleStateEnum = "ACTIVE" + ListOutboundConnectorsLifecycleStateUpdating ListOutboundConnectorsLifecycleStateEnum = "UPDATING" ListOutboundConnectorsLifecycleStateDeleting ListOutboundConnectorsLifecycleStateEnum = "DELETING" ListOutboundConnectorsLifecycleStateDeleted ListOutboundConnectorsLifecycleStateEnum = "DELETED" ListOutboundConnectorsLifecycleStateFailed ListOutboundConnectorsLifecycleStateEnum = "FAILED" @@ -162,6 +163,7 @@ const ( var mappingListOutboundConnectorsLifecycleStateEnum = map[string]ListOutboundConnectorsLifecycleStateEnum{ "CREATING": ListOutboundConnectorsLifecycleStateCreating, "ACTIVE": ListOutboundConnectorsLifecycleStateActive, + "UPDATING": ListOutboundConnectorsLifecycleStateUpdating, "DELETING": ListOutboundConnectorsLifecycleStateDeleting, "DELETED": ListOutboundConnectorsLifecycleStateDeleted, "FAILED": ListOutboundConnectorsLifecycleStateFailed, @@ -170,6 +172,7 @@ var mappingListOutboundConnectorsLifecycleStateEnum = map[string]ListOutboundCon var mappingListOutboundConnectorsLifecycleStateEnumLowerCase = map[string]ListOutboundConnectorsLifecycleStateEnum{ "creating": ListOutboundConnectorsLifecycleStateCreating, "active": ListOutboundConnectorsLifecycleStateActive, + "updating": ListOutboundConnectorsLifecycleStateUpdating, "deleting": ListOutboundConnectorsLifecycleStateDeleting, "deleted": ListOutboundConnectorsLifecycleStateDeleted, "failed": ListOutboundConnectorsLifecycleStateFailed, @@ -189,6 +192,7 @@ func GetListOutboundConnectorsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replication_targets_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replication_targets_request_response.go index 7799d06081..b2198900b8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replication_targets_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replication_targets_request_response.go @@ -27,7 +27,7 @@ type ListReplicationTargetsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -154,6 +154,7 @@ type ListReplicationTargetsLifecycleStateEnum string const ( ListReplicationTargetsLifecycleStateCreating ListReplicationTargetsLifecycleStateEnum = "CREATING" ListReplicationTargetsLifecycleStateActive ListReplicationTargetsLifecycleStateEnum = "ACTIVE" + ListReplicationTargetsLifecycleStateUpdating ListReplicationTargetsLifecycleStateEnum = "UPDATING" ListReplicationTargetsLifecycleStateDeleting ListReplicationTargetsLifecycleStateEnum = "DELETING" ListReplicationTargetsLifecycleStateDeleted ListReplicationTargetsLifecycleStateEnum = "DELETED" ListReplicationTargetsLifecycleStateFailed ListReplicationTargetsLifecycleStateEnum = "FAILED" @@ -162,6 +163,7 @@ const ( var mappingListReplicationTargetsLifecycleStateEnum = map[string]ListReplicationTargetsLifecycleStateEnum{ "CREATING": ListReplicationTargetsLifecycleStateCreating, "ACTIVE": ListReplicationTargetsLifecycleStateActive, + "UPDATING": ListReplicationTargetsLifecycleStateUpdating, "DELETING": ListReplicationTargetsLifecycleStateDeleting, "DELETED": ListReplicationTargetsLifecycleStateDeleted, "FAILED": ListReplicationTargetsLifecycleStateFailed, @@ -170,6 +172,7 @@ var mappingListReplicationTargetsLifecycleStateEnum = map[string]ListReplication var mappingListReplicationTargetsLifecycleStateEnumLowerCase = map[string]ListReplicationTargetsLifecycleStateEnum{ "creating": ListReplicationTargetsLifecycleStateCreating, "active": ListReplicationTargetsLifecycleStateActive, + "updating": ListReplicationTargetsLifecycleStateUpdating, "deleting": ListReplicationTargetsLifecycleStateDeleting, "deleted": ListReplicationTargetsLifecycleStateDeleted, "failed": ListReplicationTargetsLifecycleStateFailed, @@ -189,6 +192,7 @@ func GetListReplicationTargetsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replications_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replications_request_response.go index 4cacc7f90a..5ddf9c398c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replications_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_replications_request_response.go @@ -27,7 +27,7 @@ type ListReplicationsRequest struct { // For list pagination. The maximum number of results per page, // or items to return in a paginated "List" call. - // 1 is the minimum, 1000 is the maximum. + // 1 is the minimum, 4096 is the maximum. // For important details about how pagination works, // see List Pagination (https://docs.cloud.oracle.com/iaas/Content/API/Concepts/usingapi.htm#nine). // Example: `500` @@ -157,6 +157,7 @@ type ListReplicationsLifecycleStateEnum string const ( ListReplicationsLifecycleStateCreating ListReplicationsLifecycleStateEnum = "CREATING" ListReplicationsLifecycleStateActive ListReplicationsLifecycleStateEnum = "ACTIVE" + ListReplicationsLifecycleStateUpdating ListReplicationsLifecycleStateEnum = "UPDATING" ListReplicationsLifecycleStateDeleting ListReplicationsLifecycleStateEnum = "DELETING" ListReplicationsLifecycleStateDeleted ListReplicationsLifecycleStateEnum = "DELETED" ListReplicationsLifecycleStateFailed ListReplicationsLifecycleStateEnum = "FAILED" @@ -165,6 +166,7 @@ const ( var mappingListReplicationsLifecycleStateEnum = map[string]ListReplicationsLifecycleStateEnum{ "CREATING": ListReplicationsLifecycleStateCreating, "ACTIVE": ListReplicationsLifecycleStateActive, + "UPDATING": ListReplicationsLifecycleStateUpdating, "DELETING": ListReplicationsLifecycleStateDeleting, "DELETED": ListReplicationsLifecycleStateDeleted, "FAILED": ListReplicationsLifecycleStateFailed, @@ -173,6 +175,7 @@ var mappingListReplicationsLifecycleStateEnum = map[string]ListReplicationsLifec var mappingListReplicationsLifecycleStateEnumLowerCase = map[string]ListReplicationsLifecycleStateEnum{ "creating": ListReplicationsLifecycleStateCreating, "active": ListReplicationsLifecycleStateActive, + "updating": ListReplicationsLifecycleStateUpdating, "deleting": ListReplicationsLifecycleStateDeleting, "deleted": ListReplicationsLifecycleStateDeleted, "failed": ListReplicationsLifecycleStateFailed, @@ -192,6 +195,7 @@ func GetListReplicationsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_snapshots_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_snapshots_request_response.go index c283b2d6ec..1b896654fa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_snapshots_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/list_snapshots_request_response.go @@ -144,6 +144,7 @@ type ListSnapshotsLifecycleStateEnum string const ( ListSnapshotsLifecycleStateCreating ListSnapshotsLifecycleStateEnum = "CREATING" ListSnapshotsLifecycleStateActive ListSnapshotsLifecycleStateEnum = "ACTIVE" + ListSnapshotsLifecycleStateUpdating ListSnapshotsLifecycleStateEnum = "UPDATING" ListSnapshotsLifecycleStateDeleting ListSnapshotsLifecycleStateEnum = "DELETING" ListSnapshotsLifecycleStateDeleted ListSnapshotsLifecycleStateEnum = "DELETED" ListSnapshotsLifecycleStateFailed ListSnapshotsLifecycleStateEnum = "FAILED" @@ -152,6 +153,7 @@ const ( var mappingListSnapshotsLifecycleStateEnum = map[string]ListSnapshotsLifecycleStateEnum{ "CREATING": ListSnapshotsLifecycleStateCreating, "ACTIVE": ListSnapshotsLifecycleStateActive, + "UPDATING": ListSnapshotsLifecycleStateUpdating, "DELETING": ListSnapshotsLifecycleStateDeleting, "DELETED": ListSnapshotsLifecycleStateDeleted, "FAILED": ListSnapshotsLifecycleStateFailed, @@ -160,6 +162,7 @@ var mappingListSnapshotsLifecycleStateEnum = map[string]ListSnapshotsLifecycleSt var mappingListSnapshotsLifecycleStateEnumLowerCase = map[string]ListSnapshotsLifecycleStateEnum{ "creating": ListSnapshotsLifecycleStateCreating, "active": ListSnapshotsLifecycleStateActive, + "updating": ListSnapshotsLifecycleStateUpdating, "deleting": ListSnapshotsLifecycleStateDeleting, "deleted": ListSnapshotsLifecycleStateDeleted, "failed": ListSnapshotsLifecycleStateFailed, @@ -179,6 +182,7 @@ func GetListSnapshotsLifecycleStateEnumStringValues() []string { return []string{ "CREATING", "ACTIVE", + "UPDATING", "DELETING", "DELETED", "FAILED", diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target.go index 47b6a170a0..ea4973ae80 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target.go @@ -72,6 +72,25 @@ type MountTarget struct { Kerberos *Kerberos `mandatory:"false" json:"kerberos"` + // The date and time the mount target current billing cycle will end and next one starts, expressed + // in RFC 3339 (https://tools.ietf.org/rfc/rfc3339) timestamp format. + // Example: `2016-08-25T21:10:29.600Z` + TimeBillingCycleEnd *common.SDKTime `mandatory:"false" json:"timeBillingCycleEnd"` + + // Current billed throughput for mount target in Gbps. This corresponds to shape of mount target. + // Available shapes and corresponding throughput are listed at Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + ObservedThroughput *int64 `mandatory:"false" json:"observedThroughput"` + + // - New throughput for mount target at the end of billing cycle in Gbps. + RequestedThroughput *int64 `mandatory:"false" json:"requestedThroughput"` + + // - Reserved capacity (GB) associated with this mount target. Reserved capacity depends on observedThroughput value + // of mount target. Value is listed at Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + ReservedStorageCapacity *int64 `mandatory:"false" json:"reservedStorageCapacity"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -116,6 +135,7 @@ const ( MountTargetLifecycleStateDeleting MountTargetLifecycleStateEnum = "DELETING" MountTargetLifecycleStateDeleted MountTargetLifecycleStateEnum = "DELETED" MountTargetLifecycleStateFailed MountTargetLifecycleStateEnum = "FAILED" + MountTargetLifecycleStateUpdating MountTargetLifecycleStateEnum = "UPDATING" ) var mappingMountTargetLifecycleStateEnum = map[string]MountTargetLifecycleStateEnum{ @@ -124,6 +144,7 @@ var mappingMountTargetLifecycleStateEnum = map[string]MountTargetLifecycleStateE "DELETING": MountTargetLifecycleStateDeleting, "DELETED": MountTargetLifecycleStateDeleted, "FAILED": MountTargetLifecycleStateFailed, + "UPDATING": MountTargetLifecycleStateUpdating, } var mappingMountTargetLifecycleStateEnumLowerCase = map[string]MountTargetLifecycleStateEnum{ @@ -132,6 +153,7 @@ var mappingMountTargetLifecycleStateEnumLowerCase = map[string]MountTargetLifecy "deleting": MountTargetLifecycleStateDeleting, "deleted": MountTargetLifecycleStateDeleted, "failed": MountTargetLifecycleStateFailed, + "updating": MountTargetLifecycleStateUpdating, } // GetMountTargetLifecycleStateEnumValues Enumerates the set of values for MountTargetLifecycleStateEnum @@ -151,6 +173,7 @@ func GetMountTargetLifecycleStateEnumStringValues() []string { "DELETING", "DELETED", "FAILED", + "UPDATING", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target_summary.go index 3d742f51b2..1e2ce1dd60 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/mount_target_summary.go @@ -60,6 +60,26 @@ type MountTargetSummary struct { // For more information about NSGs, see Security Rules (https://docs.cloud.oracle.com/Content/Network/Concepts/securityrules.htm). NsgIds []string `mandatory:"false" json:"nsgIds"` + // The date and time the mount target current billing cycle will end, expressed in + // RFC 3339 (https://tools.ietf.org/rfc/rfc3339) timestamp format. Once a cycle ends, it is updated + // automatically to next timestamp which is after 30 days. + // Example: `2016-08-25T21:10:29.600Z` + TimeBillingCycleEnd *common.SDKTime `mandatory:"false" json:"timeBillingCycleEnd"` + + // Current billed throughput for mount target in Gbps. This corresponds to shape of mount target. + // Available shapes and corresponding throughput are listed at Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + ObservedThroughput *int64 `mandatory:"false" json:"observedThroughput"` + + // - New throughput for mount target at the end of billing cycle in Gbps. + RequestedThroughput *int64 `mandatory:"false" json:"requestedThroughput"` + + // - Reserved capacity (GB) associated with this mount target. Reserved capacity depends on observedThroughput value + // of mount target. Value is listed at Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + ReservedStorageCapacity *int64 `mandatory:"false" json:"reservedStorageCapacity"` + + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -101,6 +121,7 @@ const ( MountTargetSummaryLifecycleStateDeleting MountTargetSummaryLifecycleStateEnum = "DELETING" MountTargetSummaryLifecycleStateDeleted MountTargetSummaryLifecycleStateEnum = "DELETED" MountTargetSummaryLifecycleStateFailed MountTargetSummaryLifecycleStateEnum = "FAILED" + MountTargetSummaryLifecycleStateUpdating MountTargetSummaryLifecycleStateEnum = "UPDATING" ) var mappingMountTargetSummaryLifecycleStateEnum = map[string]MountTargetSummaryLifecycleStateEnum{ @@ -109,6 +130,7 @@ var mappingMountTargetSummaryLifecycleStateEnum = map[string]MountTargetSummaryL "DELETING": MountTargetSummaryLifecycleStateDeleting, "DELETED": MountTargetSummaryLifecycleStateDeleted, "FAILED": MountTargetSummaryLifecycleStateFailed, + "UPDATING": MountTargetSummaryLifecycleStateUpdating, } var mappingMountTargetSummaryLifecycleStateEnumLowerCase = map[string]MountTargetSummaryLifecycleStateEnum{ @@ -117,6 +139,7 @@ var mappingMountTargetSummaryLifecycleStateEnumLowerCase = map[string]MountTarge "deleting": MountTargetSummaryLifecycleStateDeleting, "deleted": MountTargetSummaryLifecycleStateDeleted, "failed": MountTargetSummaryLifecycleStateFailed, + "updating": MountTargetSummaryLifecycleStateUpdating, } // GetMountTargetSummaryLifecycleStateEnumValues Enumerates the set of values for MountTargetSummaryLifecycleStateEnum @@ -136,6 +159,7 @@ func GetMountTargetSummaryLifecycleStateEnumStringValues() []string { "DELETING", "DELETED", "FAILED", + "UPDATING", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector.go index cd648ae68e..feb2cc8065 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector.go @@ -45,6 +45,9 @@ type OutboundConnector interface { // Example: `Uocm:PHX-AD-1` GetAvailabilityDomain() *string + // Locks associated with this resource. + GetLocks() []ResourceLock + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -60,6 +63,7 @@ type OutboundConnector interface { type outboundconnector struct { JsonData []byte AvailabilityDomain *string `mandatory:"false" json:"availabilityDomain"` + Locks []ResourceLock `mandatory:"false" json:"locks"` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` CompartmentId *string `mandatory:"true" json:"compartmentId"` @@ -87,6 +91,7 @@ func (m *outboundconnector) UnmarshalJSON(data []byte) error { m.DisplayName = s.Model.DisplayName m.TimeCreated = s.Model.TimeCreated m.AvailabilityDomain = s.Model.AvailabilityDomain + m.Locks = s.Model.Locks m.FreeformTags = s.Model.FreeformTags m.DefinedTags = s.Model.DefinedTags m.ConnectorType = s.Model.ConnectorType @@ -118,6 +123,11 @@ func (m outboundconnector) GetAvailabilityDomain() *string { return m.AvailabilityDomain } +// GetLocks returns Locks +func (m outboundconnector) GetLocks() []ResourceLock { + return m.Locks +} + // GetFreeformTags returns FreeformTags func (m outboundconnector) GetFreeformTags() map[string]string { return m.FreeformTags diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector_summary.go index 708d7ffbb3..4e99ad99eb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/outbound_connector_summary.go @@ -44,6 +44,9 @@ type OutboundConnectorSummary interface { // Example: `Uocm:PHX-AD-1` GetAvailabilityDomain() *string + // Locks associated with this resource. + GetLocks() []ResourceLock + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). @@ -59,6 +62,7 @@ type OutboundConnectorSummary interface { type outboundconnectorsummary struct { JsonData []byte AvailabilityDomain *string `mandatory:"false" json:"availabilityDomain"` + Locks []ResourceLock `mandatory:"false" json:"locks"` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` CompartmentId *string `mandatory:"true" json:"compartmentId"` @@ -86,6 +90,7 @@ func (m *outboundconnectorsummary) UnmarshalJSON(data []byte) error { m.DisplayName = s.Model.DisplayName m.TimeCreated = s.Model.TimeCreated m.AvailabilityDomain = s.Model.AvailabilityDomain + m.Locks = s.Model.Locks m.FreeformTags = s.Model.FreeformTags m.DefinedTags = s.Model.DefinedTags m.ConnectorType = s.Model.ConnectorType @@ -117,6 +122,11 @@ func (m outboundconnectorsummary) GetAvailabilityDomain() *string { return m.AvailabilityDomain } +// GetLocks returns Locks +func (m outboundconnectorsummary) GetLocks() []ResourceLock { + return m.Locks +} + // GetFreeformTags returns FreeformTags func (m outboundconnectorsummary) GetFreeformTags() map[string]string { return m.FreeformTags diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/pause_filesystem_snapshot_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/pause_filesystem_snapshot_policy_request_response.go index 49b8616d4c..ed055a261b 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/pause_filesystem_snapshot_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/pause_filesystem_snapshot_policy_request_response.go @@ -32,6 +32,9 @@ type PauseFilesystemSnapshotPolicyRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_export_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_export_lock_request_response.go new file mode 100644 index 0000000000..9eb7c4c578 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_export_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveExportLockRequest wrapper for the RemoveExportLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveExportLock.go.html to see an example of how to use RemoveExportLockRequest. +type RemoveExportLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the export. + ExportId *string `mandatory:"true" contributesTo:"path" name:"exportId"` + + // The details to be updated for the RemoveLock. + RemoveExportLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveExportLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveExportLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveExportLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveExportLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveExportLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveExportLockResponse wrapper for the RemoveExportLock operation +type RemoveExportLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Export instance + Export `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveExportLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveExportLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_file_system_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_file_system_lock_request_response.go new file mode 100644 index 0000000000..ca3ebc5e43 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_file_system_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveFileSystemLockRequest wrapper for the RemoveFileSystemLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveFileSystemLock.go.html to see an example of how to use RemoveFileSystemLockRequest. +type RemoveFileSystemLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the file system. + FileSystemId *string `mandatory:"true" contributesTo:"path" name:"fileSystemId"` + + // The details to be updated for the RemoveLock. + RemoveFileSystemLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveFileSystemLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveFileSystemLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveFileSystemLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveFileSystemLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveFileSystemLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveFileSystemLockResponse wrapper for the RemoveFileSystemLock operation +type RemoveFileSystemLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The FileSystem instance + FileSystem `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveFileSystemLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveFileSystemLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_filesystem_snapshot_policy_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_filesystem_snapshot_policy_lock_request_response.go new file mode 100644 index 0000000000..5cb3d00bd8 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_filesystem_snapshot_policy_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveFilesystemSnapshotPolicyLockRequest wrapper for the RemoveFilesystemSnapshotPolicyLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveFilesystemSnapshotPolicyLock.go.html to see an example of how to use RemoveFilesystemSnapshotPolicyLockRequest. +type RemoveFilesystemSnapshotPolicyLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the file system snapshot policy. + FilesystemSnapshotPolicyId *string `mandatory:"true" contributesTo:"path" name:"filesystemSnapshotPolicyId"` + + // The details to be updated for the RemoveLock. + RemoveFilesystemSnapshotPolicyLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveFilesystemSnapshotPolicyLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveFilesystemSnapshotPolicyLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveFilesystemSnapshotPolicyLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveFilesystemSnapshotPolicyLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveFilesystemSnapshotPolicyLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveFilesystemSnapshotPolicyLockResponse wrapper for the RemoveFilesystemSnapshotPolicyLock operation +type RemoveFilesystemSnapshotPolicyLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The FilesystemSnapshotPolicy instance + FilesystemSnapshotPolicy `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveFilesystemSnapshotPolicyLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveFilesystemSnapshotPolicyLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_mount_target_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_mount_target_lock_request_response.go new file mode 100644 index 0000000000..d2a4204175 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_mount_target_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveMountTargetLockRequest wrapper for the RemoveMountTargetLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveMountTargetLock.go.html to see an example of how to use RemoveMountTargetLockRequest. +type RemoveMountTargetLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target. + MountTargetId *string `mandatory:"true" contributesTo:"path" name:"mountTargetId"` + + // The details to be updated for the RemoveLock. + RemoveMountTargetLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveMountTargetLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveMountTargetLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveMountTargetLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveMountTargetLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveMountTargetLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveMountTargetLockResponse wrapper for the RemoveMountTargetLock operation +type RemoveMountTargetLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The MountTarget instance + MountTarget `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveMountTargetLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveMountTargetLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_outbound_connector_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_outbound_connector_lock_request_response.go new file mode 100644 index 0000000000..b6693a29a7 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_outbound_connector_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveOutboundConnectorLockRequest wrapper for the RemoveOutboundConnectorLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveOutboundConnectorLock.go.html to see an example of how to use RemoveOutboundConnectorLockRequest. +type RemoveOutboundConnectorLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the outbound connector. + OutboundConnectorId *string `mandatory:"true" contributesTo:"path" name:"outboundConnectorId"` + + // The details to be updated for the RemoveLock. + RemoveOutboundConnectorLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveOutboundConnectorLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveOutboundConnectorLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveOutboundConnectorLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveOutboundConnectorLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveOutboundConnectorLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveOutboundConnectorLockResponse wrapper for the RemoveOutboundConnectorLock operation +type RemoveOutboundConnectorLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The OutboundConnector instance + OutboundConnector `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveOutboundConnectorLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveOutboundConnectorLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_replication_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_replication_lock_request_response.go new file mode 100644 index 0000000000..cc4b29ac48 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_replication_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveReplicationLockRequest wrapper for the RemoveReplicationLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveReplicationLock.go.html to see an example of how to use RemoveReplicationLockRequest. +type RemoveReplicationLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the replication. + ReplicationId *string `mandatory:"true" contributesTo:"path" name:"replicationId"` + + // The details to be updated for the RemoveLock. + RemoveReplicationLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveReplicationLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveReplicationLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveReplicationLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveReplicationLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveReplicationLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveReplicationLockResponse wrapper for the RemoveReplicationLock operation +type RemoveReplicationLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Replication instance + Replication `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveReplicationLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveReplicationLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_snapshot_lock_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_snapshot_lock_request_response.go new file mode 100644 index 0000000000..64e3626df2 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/remove_snapshot_lock_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// RemoveSnapshotLockRequest wrapper for the RemoveSnapshotLock operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/RemoveSnapshotLock.go.html to see an example of how to use RemoveSnapshotLockRequest. +type RemoveSnapshotLockRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the snapshot. + SnapshotId *string `mandatory:"true" contributesTo:"path" name:"snapshotId"` + + // The details to be updated for the RemoveLock. + RemoveSnapshotLockDetails ResourceLock `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request RemoveSnapshotLockRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request RemoveSnapshotLockRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request RemoveSnapshotLockRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request RemoveSnapshotLockRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request RemoveSnapshotLockRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// RemoveSnapshotLockResponse wrapper for the RemoveSnapshotLock operation +type RemoveSnapshotLockResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The Snapshot instance + Snapshot `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response RemoveSnapshotLockResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response RemoveSnapshotLockResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication.go index 6a066e1a90..612c367e67 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication.go @@ -77,6 +77,9 @@ type Replication struct { // Percentage progress of the current replication cycle. DeltaProgress *int64 `mandatory:"false" json:"deltaProgress"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication_summary.go index 5adef4a362..5504f28c75 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/replication_summary.go @@ -43,6 +43,9 @@ type ReplicationSummary struct { // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the compartment that contains the replication. CompartmentId *string `mandatory:"false" json:"compartmentId"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Duration in minutes between replication snapshots. ReplicationInterval *int64 `mandatory:"false" json:"replicationInterval"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/resource_lock.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/resource_lock.go new file mode 100644 index 0000000000..36a36b7adf --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/resource_lock.go @@ -0,0 +1,97 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// File Storage API +// +// Use the File Storage service API to manage file systems, mount targets, and snapshots. +// For more information, see Overview of File Storage (https://docs.cloud.oracle.com/iaas/Content/File/Concepts/filestorageoverview.htm). +// + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// ResourceLock Resource locks are used to prevent certain APIs from being called for the resource. +// A full lock prevents both updating the resource and deleting the resource. A delete +// lock prevents deleting the resource. +type ResourceLock struct { + + // Type of the lock. + Type ResourceLockTypeEnum `mandatory:"true" json:"type"` + + // The ID of the resource that is locking this resource. Indicates that deleting this resource will remove the lock. + RelatedResourceId *string `mandatory:"false" json:"relatedResourceId"` + + // A message added by the creator of the lock. This is typically used to give an + // indication of why the resource is locked. + Message *string `mandatory:"false" json:"message"` + + // When the lock was created. + TimeCreated *common.SDKTime `mandatory:"false" json:"timeCreated"` +} + +func (m ResourceLock) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m ResourceLock) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if _, ok := GetMappingResourceLockTypeEnum(string(m.Type)); !ok && m.Type != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Type: %s. Supported values are: %s.", m.Type, strings.Join(GetResourceLockTypeEnumStringValues(), ","))) + } + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// ResourceLockTypeEnum Enum with underlying type: string +type ResourceLockTypeEnum string + +// Set of constants representing the allowable values for ResourceLockTypeEnum +const ( + ResourceLockTypeFull ResourceLockTypeEnum = "FULL" + ResourceLockTypeDelete ResourceLockTypeEnum = "DELETE" +) + +var mappingResourceLockTypeEnum = map[string]ResourceLockTypeEnum{ + "FULL": ResourceLockTypeFull, + "DELETE": ResourceLockTypeDelete, +} + +var mappingResourceLockTypeEnumLowerCase = map[string]ResourceLockTypeEnum{ + "full": ResourceLockTypeFull, + "delete": ResourceLockTypeDelete, +} + +// GetResourceLockTypeEnumValues Enumerates the set of values for ResourceLockTypeEnum +func GetResourceLockTypeEnumValues() []ResourceLockTypeEnum { + values := make([]ResourceLockTypeEnum, 0) + for _, v := range mappingResourceLockTypeEnum { + values = append(values, v) + } + return values +} + +// GetResourceLockTypeEnumStringValues Enumerates the set of values in String for ResourceLockTypeEnum +func GetResourceLockTypeEnumStringValues() []string { + return []string{ + "FULL", + "DELETE", + } +} + +// GetMappingResourceLockTypeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingResourceLockTypeEnum(val string) (ResourceLockTypeEnum, bool) { + enum, ok := mappingResourceLockTypeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_details.go new file mode 100644 index 0000000000..5e66852fcb --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_details.go @@ -0,0 +1,41 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// File Storage API +// +// Use the File Storage service API to manage file systems, mount targets, and snapshots. +// For more information, see Overview of File Storage (https://docs.cloud.oracle.com/iaas/Content/File/Concepts/filestorageoverview.htm). +// + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// ScheduleDowngradeShapeMountTargetDetails Shape details about the Mount Target. +type ScheduleDowngradeShapeMountTargetDetails struct { + + // New throughput for mount target in Gbps. Available shapes and corresponding throughput are listed at + // Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + RequestedThroughput *int64 `mandatory:"false" json:"requestedThroughput"` +} + +func (m ScheduleDowngradeShapeMountTargetDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m ScheduleDowngradeShapeMountTargetDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_request_response.go new file mode 100644 index 0000000000..e8cdb2eb03 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/schedule_downgrade_shape_mount_target_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// ScheduleDowngradeShapeMountTargetRequest wrapper for the ScheduleDowngradeShapeMountTarget operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/ScheduleDowngradeShapeMountTarget.go.html to see an example of how to use ScheduleDowngradeShapeMountTargetRequest. +type ScheduleDowngradeShapeMountTargetRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target. + MountTargetId *string `mandatory:"true" contributesTo:"path" name:"mountTargetId"` + + // Details for changing the shape of mount target. + ScheduleDowngradeShapeMountTargetDetails `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request ScheduleDowngradeShapeMountTargetRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request ScheduleDowngradeShapeMountTargetRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request ScheduleDowngradeShapeMountTargetRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request ScheduleDowngradeShapeMountTargetRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request ScheduleDowngradeShapeMountTargetRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// ScheduleDowngradeShapeMountTargetResponse wrapper for the ScheduleDowngradeShapeMountTarget operation +type ScheduleDowngradeShapeMountTargetResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The MountTarget instance + MountTarget `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response ScheduleDowngradeShapeMountTargetResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response ScheduleDowngradeShapeMountTargetResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot.go index 509fdd4e09..ca62c6f2df 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot.go @@ -65,6 +65,9 @@ type Snapshot struct { // Additional information about the current `lifecycleState`. LifecycleDetails *string `mandatory:"false" json:"lifecycleDetails"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Free-form tags for this resource. Each tag is a simple key-value pair // with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_schedule.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_schedule.go index 903e8cd74a..e2daa3da78 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_schedule.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_schedule.go @@ -40,20 +40,23 @@ type SnapshotSchedule struct { RetentionDurationInSeconds *int64 `mandatory:"false" json:"retentionDurationInSeconds"` // The hour of the day to create a DAILY, WEEKLY, MONTHLY, or YEARLY snapshot. - // If not set, a value will be chosen at creation time. + // If not set, the system chooses a value at creation time. HourOfDay *int `mandatory:"false" json:"hourOfDay"` // The day of the week to create a scheduled snapshot. // Used for WEEKLY snapshot schedules. + // If not set, the system chooses a value at creation time. DayOfWeek SnapshotScheduleDayOfWeekEnum `mandatory:"false" json:"dayOfWeek,omitempty"` // The day of the month to create a scheduled snapshot. // If the day does not exist for the month, snapshot creation will be skipped. // Used for MONTHLY and YEARLY snapshot schedules. + // If not set, the system chooses a value at creation time. DayOfMonth *int `mandatory:"false" json:"dayOfMonth"` // The month to create a scheduled snapshot. // Used only for YEARLY snapshot schedules. + // If not set, the system chooses a value at creation time. Month SnapshotScheduleMonthEnum `mandatory:"false" json:"month,omitempty"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_summary.go index 2aab856e8d..a25e128306 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/snapshot_summary.go @@ -38,6 +38,9 @@ type SnapshotSummary struct { // Example: `2016-08-25T21:10:29.600Z` TimeCreated *common.SDKTime `mandatory:"true" json:"timeCreated"` + // Locks associated with this resource. + Locks []ResourceLock `mandatory:"false" json:"locks"` + // Specifies the generation type of the snapshot. SnapshotType SnapshotSummarySnapshotTypeEnum `mandatory:"false" json:"snapshotType,omitempty"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/unpause_filesystem_snapshot_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/unpause_filesystem_snapshot_policy_request_response.go index 9fabb1cd49..407ad8c133 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/unpause_filesystem_snapshot_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/unpause_filesystem_snapshot_policy_request_response.go @@ -32,6 +32,9 @@ type UnpauseFilesystemSnapshotPolicyRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_export_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_export_request_response.go index d3d7845ce4..6e44994da2 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_export_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_export_request_response.go @@ -35,6 +35,9 @@ type UpdateExportRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_file_system_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_file_system_request_response.go index 478252d470..e09c5aa108 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_file_system_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_file_system_request_response.go @@ -35,6 +35,9 @@ type UpdateFileSystemRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_filesystem_snapshot_policy_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_filesystem_snapshot_policy_request_response.go index bbcbf9a37e..d3d09bc855 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_filesystem_snapshot_policy_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_filesystem_snapshot_policy_request_response.go @@ -35,6 +35,9 @@ type UpdateFilesystemSnapshotPolicyRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_mount_target_request_response.go index ea891bc300..3eae72f885 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_mount_target_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_mount_target_request_response.go @@ -35,6 +35,9 @@ type UpdateMountTargetRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_outbound_connector_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_outbound_connector_request_response.go index 9285de346c..66fbb7ca42 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_outbound_connector_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_outbound_connector_request_response.go @@ -35,6 +35,9 @@ type UpdateOutboundConnectorRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_replication_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_replication_request_response.go index 11f681cda5..8cc15818f5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_replication_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_replication_request_response.go @@ -35,6 +35,9 @@ type UpdateReplicationRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_snapshot_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_snapshot_request_response.go index ae10d485f8..cf958813b8 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_snapshot_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/update_snapshot_request_response.go @@ -35,6 +35,9 @@ type UpdateSnapshotRequest struct { // If you need to contact Oracle about a particular request, please provide the request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // Whether to override locks (if any exist). + IsLockOverride *bool `mandatory:"false" contributesTo:"query" name:"isLockOverride"` + // Metadata about the request. This information will not be transmitted to the service, but // represents information that the SDK will consume to drive retry behavior. RequestMetadata common.RequestMetadata diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_details.go new file mode 100644 index 0000000000..2540522308 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_details.go @@ -0,0 +1,41 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// File Storage API +// +// Use the File Storage service API to manage file systems, mount targets, and snapshots. +// For more information, see Overview of File Storage (https://docs.cloud.oracle.com/iaas/Content/File/Concepts/filestorageoverview.htm). +// + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// UpgradeShapeMountTargetDetails Shape details about the Mount Target. +type UpgradeShapeMountTargetDetails struct { + + // New throughput for mount target in Gbps. Available shapes and corresponding throughput are listed at + // Mount Target Performance (https://docs.oracle.com/iaas/Content/File/Tasks/managingmounttargets.htm#performance). + RequestedThroughput *int64 `mandatory:"false" json:"requestedThroughput"` +} + +func (m UpgradeShapeMountTargetDetails) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m UpgradeShapeMountTargetDetails) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_request_response.go new file mode 100644 index 0000000000..aef83d3fff --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/filestorage/upgrade_shape_mount_target_request_response.go @@ -0,0 +1,105 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +package filestorage + +import ( + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "net/http" + "strings" +) + +// UpgradeShapeMountTargetRequest wrapper for the UpgradeShapeMountTarget operation +// +// # See also +// +// Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/filestorage/UpgradeShapeMountTarget.go.html to see an example of how to use UpgradeShapeMountTargetRequest. +type UpgradeShapeMountTargetRequest struct { + + // The OCID (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the mount target. + MountTargetId *string `mandatory:"true" contributesTo:"path" name:"mountTargetId"` + + // Details for changing the shape of mount target. + UpgradeShapeMountTargetDetails `contributesTo:"body"` + + // For optimistic concurrency control. In the PUT or DELETE call + // for a resource, set the `if-match` parameter to the value of the + // etag from a previous GET or POST response for that resource. + // The resource will be updated or deleted only if the etag you + // provide matches the resource's current etag value. + IfMatch *string `mandatory:"false" contributesTo:"header" name:"if-match"` + + // Unique identifier for the request. + // If you need to contact Oracle about a particular request, please provide the request ID. + OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + + // Metadata about the request. This information will not be transmitted to the service, but + // represents information that the SDK will consume to drive retry behavior. + RequestMetadata common.RequestMetadata +} + +func (request UpgradeShapeMountTargetRequest) String() string { + return common.PointerString(request) +} + +// HTTPRequest implements the OCIRequest interface +func (request UpgradeShapeMountTargetRequest) HTTPRequest(method, path string, binaryRequestBody *common.OCIReadSeekCloser, extraHeaders map[string]string) (http.Request, error) { + + _, err := request.ValidateEnumValue() + if err != nil { + return http.Request{}, err + } + return common.MakeDefaultHTTPRequestWithTaggedStructAndExtraHeaders(method, path, request, extraHeaders) +} + +// BinaryRequestBody implements the OCIRequest interface +func (request UpgradeShapeMountTargetRequest) BinaryRequestBody() (*common.OCIReadSeekCloser, bool) { + + return nil, false + +} + +// RetryPolicy implements the OCIRetryableRequest interface. This retrieves the specified retry policy. +func (request UpgradeShapeMountTargetRequest) RetryPolicy() *common.RetryPolicy { + return request.RequestMetadata.RetryPolicy +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (request UpgradeShapeMountTargetRequest) ValidateEnumValue() (bool, error) { + errMessage := []string{} + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// UpgradeShapeMountTargetResponse wrapper for the UpgradeShapeMountTarget operation +type UpgradeShapeMountTargetResponse struct { + + // The underlying http response + RawResponse *http.Response + + // The MountTarget instance + MountTarget `presentIn:"body"` + + // For optimistic concurrency control. See `if-match`. + Etag *string `presentIn:"header" name:"etag"` + + // Unique Oracle-assigned identifier for the request. If + // you need to contact Oracle about a particular request, + // please provide the request ID. + OpcRequestId *string `presentIn:"header" name:"opc-request-id"` +} + +func (response UpgradeShapeMountTargetResponse) String() string { + return common.PointerString(response) +} + +// HTTPResponse implements the OCIResponse interface +func (response UpgradeShapeMountTargetResponse) HTTPResponse() *http.Response { + return response.RawResponse +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend.go index a48ccfdac3..b69e7fc309 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend.go @@ -55,6 +55,12 @@ type Backend struct { // traffic. // Example: `false` Offline *bool `mandatory:"true" json:"offline"` + + // The maximum number of simultaneous connections the load balancer can make to the backend. + // If this is not set then the maximum number of simultaneous connections the load balancer + // can make to the backend is unlimited. + // Example: `300` + MaxConnections *int `mandatory:"false" json:"maxConnections"` } func (m Backend) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_details.go index 2718233b81..b6a42ad3f1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_details.go @@ -35,6 +35,12 @@ type BackendDetails struct { // Example: `3` Weight *int `mandatory:"false" json:"weight"` + // The maximum number of simultaneous connections the load balancer can make to the backend. + // If this is not set then the maximum number of simultaneous connections the load balancer + // can make to the backend is unlimited. + // Example: `300` + MaxConnections *int `mandatory:"false" json:"maxConnections"` + // Whether the load balancer should treat this server as a backup unit. If `true`, the load balancer forwards no ingress // traffic to this backend server unless all other backend servers not marked as "backup" fail the health check policy. // **Note:** You cannot add a backend server marked as `backup` to a backend set that uses the IP Hash policy. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set.go index e0497fc625..167d87e5ad 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set.go @@ -40,6 +40,13 @@ type BackendSet struct { HealthChecker *HealthChecker `mandatory:"true" json:"healthChecker"` + // The maximum number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting. If this is not + // set then the number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting is unlimited. + // Example: `300` + BackendMaxConnections *int `mandatory:"false" json:"backendMaxConnections"` + SslConfiguration *SslConfiguration `mandatory:"false" json:"sslConfiguration"` SessionPersistenceConfiguration *SessionPersistenceConfigurationDetails `mandatory:"false" json:"sessionPersistenceConfiguration"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set_details.go index f6dda30a63..2708bed219 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/backend_set_details.go @@ -33,6 +33,13 @@ type BackendSetDetails struct { Backends []BackendDetails `mandatory:"false" json:"backends"` + // The maximum number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting. If this is not + // set then the number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting is unlimited. + // Example: `300` + BackendMaxConnections *int `mandatory:"false" json:"backendMaxConnections"` + SslConfiguration *SslConfigurationDetails `mandatory:"false" json:"sslConfiguration"` SessionPersistenceConfiguration *SessionPersistenceConfigurationDetails `mandatory:"false" json:"sessionPersistenceConfiguration"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/connection_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/connection_configuration.go index 3f1b1bef5e..fdebbb7b62 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/connection_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/connection_configuration.go @@ -29,6 +29,10 @@ type ConnectionConfiguration struct { // The backend TCP Proxy Protocol version. // Example: `1` BackendTcpProxyProtocolVersion *int `mandatory:"false" json:"backendTcpProxyProtocolVersion"` + + // An array that represents the PPV2 Options that can be enabled on TCP Listeners. + // Example: ["PP2_TYPE_AUTHORITY"] + BackendTcpProxyProtocolOptions []ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum `mandatory:"false" json:"backendTcpProxyProtocolOptions,omitempty"` } func (m ConnectionConfiguration) String() string { @@ -41,8 +45,52 @@ func (m ConnectionConfiguration) String() string { func (m ConnectionConfiguration) ValidateEnumValue() (bool, error) { errMessage := []string{} + for _, val := range m.BackendTcpProxyProtocolOptions { + if _, ok := GetMappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnum(string(val)); !ok && val != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for BackendTcpProxyProtocolOptions: %s. Supported values are: %s.", val, strings.Join(GetConnectionConfigurationBackendTcpProxyProtocolOptionsEnumStringValues(), ","))) + } + } + if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } return false, nil } + +// ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum Enum with underlying type: string +type ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum string + +// Set of constants representing the allowable values for ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum +const ( + ConnectionConfigurationBackendTcpProxyProtocolOptionsPp2TypeAuthority ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum = "PP2_TYPE_AUTHORITY" +) + +var mappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnum = map[string]ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{ + "PP2_TYPE_AUTHORITY": ConnectionConfigurationBackendTcpProxyProtocolOptionsPp2TypeAuthority, +} + +var mappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnumLowerCase = map[string]ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum{ + "pp2_type_authority": ConnectionConfigurationBackendTcpProxyProtocolOptionsPp2TypeAuthority, +} + +// GetConnectionConfigurationBackendTcpProxyProtocolOptionsEnumValues Enumerates the set of values for ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum +func GetConnectionConfigurationBackendTcpProxyProtocolOptionsEnumValues() []ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum { + values := make([]ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum, 0) + for _, v := range mappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnum { + values = append(values, v) + } + return values +} + +// GetConnectionConfigurationBackendTcpProxyProtocolOptionsEnumStringValues Enumerates the set of values in String for ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum +func GetConnectionConfigurationBackendTcpProxyProtocolOptionsEnumStringValues() []string { + return []string{ + "PP2_TYPE_AUTHORITY", + } +} + +// GetMappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnum(val string) (ConnectionConfigurationBackendTcpProxyProtocolOptionsEnum, bool) { + enum, ok := mappingConnectionConfigurationBackendTcpProxyProtocolOptionsEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_details.go index b0f61b7917..9bf0f762cc 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_details.go @@ -37,6 +37,12 @@ type CreateBackendDetails struct { // Example: `3` Weight *int `mandatory:"false" json:"weight"` + // The maximum number of simultaneous connections the load balancer can make to the backend. + // If this is not set then number of simultaneous connections the load balancer can make to + // the backend is unlimited. + // Example: `300` + MaxConnections *int `mandatory:"false" json:"maxConnections"` + // Whether the load balancer should treat this server as a backup unit. If `true`, the load balancer forwards no ingress // traffic to this backend server unless all other backend servers not marked as "backup" fail the health check policy. // **Note:** You cannot add a backend server marked as `backup` to a backend set that uses the IP Hash policy. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_set_details.go index 59e1d46994..8773d77558 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_backend_set_details.go @@ -40,6 +40,13 @@ type CreateBackendSetDetails struct { Backends []BackendDetails `mandatory:"false" json:"backends"` + // The maximum number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting. If this is not + // set then the number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting is unlimited. + // Example: `300` + BackendMaxConnections *int `mandatory:"false" json:"backendMaxConnections"` + SslConfiguration *SslConfigurationDetails `mandatory:"false" json:"sslConfiguration"` SessionPersistenceConfiguration *SessionPersistenceConfigurationDetails `mandatory:"false" json:"sessionPersistenceConfiguration"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_listener_details.go index 6f1d93b5ff..bea5393999 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_listener_details.go @@ -30,9 +30,8 @@ type CreateListenerDetails struct { // Example: `80` Port *int `mandatory:"true" json:"port"` - // The protocol on which the listener accepts connection requests. - // To get a list of valid protocols, use the ListProtocols - // operation. + // The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. + // You can also use the ListProtocols operation to get a list of valid protocols. // Example: `HTTP` Protocol *string `mandatory:"true" json:"protocol"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_load_balancer_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_load_balancer_details.go index 48ffef6939..2b35e90e87 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_load_balancer_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_load_balancer_details.go @@ -32,7 +32,7 @@ type CreateLoadBalancerDetails struct { // To get a list of available shapes, use the ListShapes // operation. // Example: `flexible` - // NOTE: Starting May 2023, Fixed shapes - 10Mbps, 100Mbps, 400Mbps, 8000Mbps would be deprecated and only shape + // NOTE: After May 2023, Fixed shapes - 10Mbps, 100Mbps, 400Mbps, 8000Mbps would be deprecated and only shape // allowed would be `Flexible` ShapeName *string `mandatory:"true" json:"shapeName"` @@ -51,12 +51,44 @@ type CreateLoadBalancerDetails struct { // Example: `true` IsPrivate *bool `mandatory:"false" json:"isPrivate"` + // Whether or not the load balancer has delete protection enabled. + // If "true", the loadbalancer will be protected against deletion if configured to accept traffic. + // If "false", the loadbalancer will not be protected against deletion. + // Delete protection will not be enabled unless a value of "true" is provided. + // Example: `true` + IsDeleteProtectionEnabled *bool `mandatory:"false" json:"isDeleteProtectionEnabled"` + // Whether the load balancer has an IPv4 or IPv6 IP address. // If "IPV4", the service assigns an IPv4 address and the load balancer supports IPv4 traffic. // If "IPV6", the service assigns an IPv6 address and the load balancer supports IPv6 traffic. // Example: "ipMode":"IPV6" IpMode CreateLoadBalancerDetailsIpModeEnum `mandatory:"false" json:"ipMode,omitempty"` + // Whether or not the load balancer has the Request Id feature enabled for HTTP listeners. + // If "true", the load balancer will attach a unique request id header to every request + // passed through from the load balancer to load balancer backends. This same request id + // header also will be added to the response the lb received from the backend handling + // the request before the load balancer returns the response to the requestor. The name + // of the unique request id header is set the by value of requestIdHeader. + // If "false", the loadbalancer not add this unique request id header to either the request + // passed through to the load balancer backends nor to the reponse returned to the user. + // New load balancers have the Request Id feature disabled unless isRequestIdEnabled is set to true. + // Example: `true` + IsRequestIdEnabled *bool `mandatory:"false" json:"isRequestIdEnabled"` + + // If isRequestIdEnabled is true then this field contains the name of the header field + // that contains the unique request id that is attached to every request from + // the load balancer to the load balancer backends and to every response from the load + // balancer. + // If a request to the load balancer already contains a header with same name as specified + // in requestIdHeader then the load balancer will not change the value of that field. + // If isRequestIdEnabled is false then this field is ignored. + // If this field is not set or is set to "" then this field defaults to X-Request-Id + // **Notes:** + // * Unless the header name is "" it must start with "X-" prefix. + // * Setting the header name to "" will set it to the default: X-Request-Id. + RequestIdHeader *string `mandatory:"false" json:"requestIdHeader"` + // An array of reserved Ips. ReservedIps []ReservedIp `mandatory:"false" json:"reservedIps"` @@ -91,6 +123,10 @@ type CreateLoadBalancerDetails struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Extended Defined tags for ZPR for this resource. Each key is predefined and scoped to a namespace. + // Example: `{"Oracle-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit", "usagetype" : "zpr"}}}` + ZprTags map[string]map[string]interface{} `mandatory:"false" json:"zprTags"` + RuleSets map[string]RuleSetDetails `mandatory:"false" json:"ruleSets"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_ssl_cipher_suite_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_ssl_cipher_suite_details.go index bc9aabd0af..e35914bd86 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_ssl_cipher_suite_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/create_ssl_cipher_suite_details.go @@ -172,6 +172,69 @@ import ( // "RC4-MD5" // "RC4-SHA" // "SEED-SHA" +// - __oci-default-http2-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// - __oci-default-http2-tls-13-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-default-http2-tls-12-13-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-13-recommended-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// - __oci-tls-11-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// "ECDHE-ECDSA-AES128-SHA" +// "ECDHE-RSA-AES128-SHA" +// "ECDHE-RSA-AES256-SHA" +// "ECDHE-ECDSA-AES256-SHA" +// "AES128-SHA" +// "AES256-SHA" type CreateSslCipherSuiteDetails struct { // A friendly name for the SSL cipher suite. It must be unique and it cannot be changed. @@ -182,11 +245,23 @@ type CreateSslCipherSuiteDetails struct { // * oci-compatible-ssl-cipher-suite-v1 // * oci-wider-compatible-ssl-cipher-suite-v1 // * oci-customized-ssl-cipher-suite + // * oci-default-http2-ssl-cipher-suite-v1 + // * oci-default-http2-tls-13-ssl-cipher-suite-v1 + // * oci-default-http2-tls-12-13-ssl-cipher-suite-v1 + // * oci-tls-13-recommended-ssl-cipher-suite-v1 + // * oci-tls-12-13-wider-ssl-cipher-suite-v1 + // * oci-tls-11-12-13-wider-ssl-cipher-suite-v1 // example: `example_cipher_suite` Name *string `mandatory:"true" json:"name"` // A list of SSL ciphers the load balancer must support for HTTPS or SSL connections. // The following ciphers are valid values for this property: + // * __TLSv1.3 ciphers__ + // "TLS_AES_128_GCM_SHA256" + // "TLS_AES_256_GCM_SHA384" + // "TLS_CHACHA20_POLY1305_SHA256" + // "TLS_AES_128_CCM_SHA256" + // "TLS_AES_128_CCM_8_SHA256" // * __TLSv1.2 ciphers__ // "AES128-GCM-SHA256" // "AES128-SHA256" diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ip_max_connections.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ip_max_connections.go index d6e216e8d6..011294af2c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ip_max_connections.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ip_max_connections.go @@ -23,7 +23,10 @@ type IpMaxConnections struct { // Example: '["129.213.176.0/24", "150.136.187.0/24", "2002::1234:abcd:ffff:c0a8:101/64"]' IpAddresses []string `mandatory:"true" json:"ipAddresses"` - // The max number of connections that the specified IPs can make to the Listener. + // The maximum number of simultaneous connections that the specified IPs can make to the + // Listener. IPs without a maxConnections setting can make either defaultMaxConnections + // simultaneous connections to a listener or, if no defaultMaxConnections is specified, an + // unlimited number of simultaneous connections to a listener. MaxConnections *int `mandatory:"true" json:"maxConnections"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/list_listener_rules_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/list_listener_rules_request_response.go index 367831bdd1..49e790d1d1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/list_listener_rules_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/list_listener_rules_request_response.go @@ -22,6 +22,7 @@ type ListListenerRulesRequest struct { LoadBalancerId *string `mandatory:"true" contributesTo:"path" name:"loadBalancerId"` // The name of the listener the rules are associated with. + // Example: `example_listener` ListenerName *string `mandatory:"true" contributesTo:"path" name:"listenerName"` // The unique Oracle-assigned identifier for the request. If you need to contact Oracle about a diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener.go index ae1c79b543..1e6cddab89 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener.go @@ -33,9 +33,8 @@ type Listener struct { // Example: `80` Port *int `mandatory:"true" json:"port"` - // The protocol on which the listener accepts connection requests. - // To get a list of valid protocols, use the ListProtocols - // operation. + // The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. + // You can also use the ListProtocols operation to get a list of valid protocols. // Example: `HTTP` Protocol *string `mandatory:"true" json:"protocol"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener_details.go index 914f4a4f59..9814c72eb9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/listener_details.go @@ -27,9 +27,8 @@ type ListenerDetails struct { // Example: `80` Port *int `mandatory:"true" json:"port"` - // The protocol on which the listener accepts connection requests. - // To get a list of valid protocols, use the ListProtocols - // operation. + // The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. + // You can also use the ListProtocols operation to get a list of valid protocols. // Example: `HTTP` Protocol *string `mandatory:"true" json:"protocol"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/load_balancer.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/load_balancer.go index 46811cba04..02e7073163 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/load_balancer.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/load_balancer.go @@ -63,6 +63,33 @@ type LoadBalancer struct { // Example: `true` IsPrivate *bool `mandatory:"false" json:"isPrivate"` + // Whether or not the load balancer has delete protection enabled. + // If "true", the loadbalancer will be protected against deletion if configured to accept traffic. + // If "false", the loadbalancer will not be protected against deletion. + // Delete protection is not be enabled unless this field is set to "true". + // Example: `true` + IsDeleteProtectionEnabled *bool `mandatory:"false" json:"isDeleteProtectionEnabled"` + + // Whether or not the load balancer has the Request Id feature enabled for HTTP listeners. + // If "true", the load balancer will attach a unique request id header to every request + // passed through from the load balancer to load balancer backends. This same request id + // header also will be added to the response the lb received from the backend handling + // the request before the load balancer returns the response to the requestor. The name + // of the unique request id header is set the by value of requestIdHeader. + // If "false", the loadbalancer not add this unique request id header to either the request + // passed through to the load balancer backends nor to the reponse returned to the user. + // Example: `true` + IsRequestIdEnabled *bool `mandatory:"false" json:"isRequestIdEnabled"` + + // If isRequestIdEnabled is true then this field contains the name of the header field + // that contains the unique request id that is attached to every request from + // the load balancer to the load balancer backends and to every response from the load + // balancer. + // If a request to the load balancer already contains a header with same name as specified + // in requestIdHeader then the load balancer will not change the value of that field. + // If this field is set to "" this field defaults to X-Request-Id. + RequestIdHeader *string `mandatory:"false" json:"requestIdHeader"` + // An array of subnet OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm). SubnetIds []string `mandatory:"false" json:"subnetIds"` @@ -98,6 +125,10 @@ type LoadBalancer struct { // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + // Extended Defined tags for ZPR for this resource. Each key is predefined and scoped to a namespace. + // Example: `{"Oracle-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit", "usagetype" : "zpr"}}}` + ZprTags map[string]map[string]interface{} `mandatory:"false" json:"zprTags"` + // System tags for this resource. Each key is predefined and scoped to a namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // System tags can be viewed by users, but can only be created by the system. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/reserved_ip.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/reserved_ip.go index 95ef7fb313..cd56ab41b5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/reserved_ip.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/reserved_ip.go @@ -18,6 +18,13 @@ import ( // ReservedIp The representation of ReservedIp type ReservedIp struct { + + // Ocid of the Reserved IP/Public Ip created with VCN. + // Reserved IPs are IPs which already registered using VCN API. + // Create a reserved Public IP and then while creating the load balancer pass the ocid of the reserved IP in this + // field reservedIp to attach the Ip to Load balancer. Load balancer will be configured to listen to traffic on this IP. + // Reserved IPs will not be deleted when the Load balancer is deleted. They will be unattached from the Load balancer. + // Example: "ocid1.publicip.oc1.phx.unique_ID" Id *string `mandatory:"false" json:"id"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/rule.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/rule.go index ae1ff04a13..67b2fa1177 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/rule.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/rule.go @@ -79,6 +79,10 @@ func (m *rule) UnmarshalPolymorphicJSON(data []byte) (interface{}, error) { mm := AllowRule{} err = json.Unmarshal(data, &mm) return mm, err + case "IP_BASED_MAX_CONNECTIONS": + mm := IpBasedMaxConnectionsRule{} + err = json.Unmarshal(data, &mm) + return mm, err case "HTTP_HEADER": mm := HttpHeaderRule{} err = json.Unmarshal(data, &mm) @@ -128,6 +132,7 @@ const ( RuleActionControlAccessUsingHttpMethods RuleActionEnum = "CONTROL_ACCESS_USING_HTTP_METHODS" RuleActionRedirect RuleActionEnum = "REDIRECT" RuleActionHttpHeader RuleActionEnum = "HTTP_HEADER" + RuleActionIpBasedMaxConnections RuleActionEnum = "IP_BASED_MAX_CONNECTIONS" ) var mappingRuleActionEnum = map[string]RuleActionEnum{ @@ -141,6 +146,7 @@ var mappingRuleActionEnum = map[string]RuleActionEnum{ "CONTROL_ACCESS_USING_HTTP_METHODS": RuleActionControlAccessUsingHttpMethods, "REDIRECT": RuleActionRedirect, "HTTP_HEADER": RuleActionHttpHeader, + "IP_BASED_MAX_CONNECTIONS": RuleActionIpBasedMaxConnections, } var mappingRuleActionEnumLowerCase = map[string]RuleActionEnum{ @@ -154,6 +160,7 @@ var mappingRuleActionEnumLowerCase = map[string]RuleActionEnum{ "control_access_using_http_methods": RuleActionControlAccessUsingHttpMethods, "redirect": RuleActionRedirect, "http_header": RuleActionHttpHeader, + "ip_based_max_connections": RuleActionIpBasedMaxConnections, } // GetRuleActionEnumValues Enumerates the set of values for RuleActionEnum @@ -178,6 +185,7 @@ func GetRuleActionEnumStringValues() []string { "CONTROL_ACCESS_USING_HTTP_METHODS", "REDIRECT", "HTTP_HEADER", + "IP_BASED_MAX_CONNECTIONS", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite.go index 6efdff3df8..7241341ebb 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite.go @@ -172,6 +172,69 @@ import ( // "RC4-MD5" // "RC4-SHA" // "SEED-SHA" +// - __oci-default-http2-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// - __oci-default-http2-tls-13-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-default-http2-tls-12-13-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-13-recommended-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// - __oci-tls-11-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// "ECDHE-ECDSA-AES128-SHA" +// "ECDHE-RSA-AES128-SHA" +// "ECDHE-RSA-AES256-SHA" +// "ECDHE-ECDSA-AES256-SHA" +// "AES128-SHA" +// "AES256-SHA" type SslCipherSuite struct { // A friendly name for the SSL cipher suite. It must be unique and it cannot be changed. @@ -182,11 +245,23 @@ type SslCipherSuite struct { // * oci-compatible-ssl-cipher-suite-v1 // * oci-wider-compatible-ssl-cipher-suite-v1 // * oci-customized-ssl-cipher-suite + // * oci-default-http2-ssl-cipher-suite-v1 + // * oci-default-http2-tls-13-ssl-cipher-suite-v1 + // * oci-default-http2-tls-12-13-ssl-cipher-suite-v1 + // * oci-tls-13-recommended-ssl-cipher-suite-v1 + // * oci-tls-12-13-wider-ssl-cipher-suite-v1 + // * oci-tls-11-12-13-wider-ssl-cipher-suite-v1 // example: `example_cipher_suite` Name *string `mandatory:"true" json:"name"` // A list of SSL ciphers the load balancer must support for HTTPS or SSL connections. // The following ciphers are valid values for this property: + // * __TLSv1.3 ciphers__ + // "TLS_AES_128_GCM_SHA256" + // "TLS_AES_256_GCM_SHA384" + // "TLS_CHACHA20_POLY1305_SHA256" + // "TLS_AES_128_CCM_SHA256" + // "TLS_AES_128_CCM_8_SHA256" // * __TLSv1.2 ciphers__ // "AES128-GCM-SHA256" // "AES128-SHA256" diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite_details.go index 66595886e5..9aa981c2f7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_cipher_suite_details.go @@ -172,6 +172,69 @@ import ( // "RC4-MD5" // "RC4-SHA" // "SEED-SHA" +// - __oci-default-http2-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// - __oci-default-http2-tls-13-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-default-http2-tls-12-13-ssl-cipher-suite-v1__ +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "DHE-RSA-AES256-GCM-SHA384" +// "DHE-RSA-AES128-GCM-SHA256" +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-13-recommended-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// - __oci-tls-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// - __oci-tls-11-12-13-wider-ssl-cipher-suite-v1__ +// "TLS_AES_128_GCM_SHA256" +// "TLS_AES_256_GCM_SHA384" +// "TLS_CHACHA20_POLY1305_SHA256" +// "ECDHE-ECDSA-AES128-GCM-SHA256" +// "ECDHE-RSA-AES128-GCM-SHA256" +// "ECDHE-ECDSA-AES128-SHA256" +// "ECDHE-RSA-AES128-SHA256" +// "ECDHE-ECDSA-AES256-GCM-SHA384" +// "ECDHE-RSA-AES256-GCM-SHA384" +// "ECDHE-ECDSA-AES256-SHA384" +// "ECDHE-RSA-AES256-SHA384" +// "AES128-GCM-SHA256" +// "AES128-SHA256" +// "AES256-GCM-SHA384" +// "AES256-SHA256" +// "ECDHE-ECDSA-AES128-SHA" +// "ECDHE-RSA-AES128-SHA" +// "ECDHE-RSA-AES256-SHA" +// "ECDHE-ECDSA-AES256-SHA" +// "AES128-SHA" +// "AES256-SHA" type SslCipherSuiteDetails struct { // A friendly name for the SSL cipher suite. It must be unique and it cannot be changed. @@ -182,11 +245,23 @@ type SslCipherSuiteDetails struct { // * oci-compatible-ssl-cipher-suite-v1 // * oci-wider-compatible-ssl-cipher-suite-v1 // * oci-customized-ssl-cipher-suite + // * oci-default-http2-ssl-cipher-suite-v1 + // * oci-default-http2-tls-13-ssl-cipher-suite-v1 + // * oci-default-http2-tls-12-13-ssl-cipher-suite-v1 + // * oci-tls-13-recommended-ssl-cipher-suite-v1 + // * oci-tls-12-13-wider-ssl-cipher-suite-v1 + // * oci-tls-11-12-13-wider-ssl-cipher-suite-v1 // example: `example_cipher_suite` Name *string `mandatory:"true" json:"name"` // A list of SSL ciphers the load balancer must support for HTTPS or SSL connections. // The following ciphers are valid values for this property: + // * __TLSv1.3 ciphers__ + // "TLS_AES_128_GCM_SHA256" + // "TLS_AES_256_GCM_SHA384" + // "TLS_CHACHA20_POLY1305_SHA256" + // "TLS_AES_128_CCM_SHA256" + // "TLS_AES_128_CCM_8_SHA256" // * __TLSv1.2 ciphers__ // "AES128-GCM-SHA256" // "AES128-SHA256" diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration.go index e2ac10bbf2..79925043d5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration.go @@ -29,6 +29,13 @@ type SslConfiguration struct { // Example: `true` VerifyPeerCertificate *bool `mandatory:"true" json:"verifyPeerCertificate"` + // Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. + // If "true", the service resumes the previous TLS encrypted session. + // If "false", the service starts a new TLS encrypted session. + // Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. + // Example: `true` + HasSessionResumption *bool `mandatory:"false" json:"hasSessionResumption"` + // Ids for OCI certificates service CA or CA bundles for the load balancer to trust. // Example: `[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]` TrustedCertificateAuthorityIds []string `mandatory:"false" json:"trustedCertificateAuthorityIds"` @@ -79,6 +86,7 @@ type SslConfiguration struct { // * TLSv1 // * TLSv1.1 // * TLSv1.2 + // * TLSv1.3 // If this field is not specified, TLSv1.2 is the default. // **Warning:** All SSL listeners created on a given port must use the same set of SSL protocols. // **Notes:** diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration_details.go index 88ad08b7ad..657cb4074a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/ssl_configuration_details.go @@ -28,6 +28,13 @@ type SslConfigurationDetails struct { // Example: `true` VerifyPeerCertificate *bool `mandatory:"false" json:"verifyPeerCertificate"` + // Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. + // If "true", the service resumes the previous TLS encrypted session. + // If "false", the service starts a new TLS encrypted session. + // Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. + // Example: `true` + HasSessionResumption *bool `mandatory:"false" json:"hasSessionResumption"` + // Ids for OCI certificates service CA or CA bundles for the load balancer to trust. // Example: `[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]` TrustedCertificateAuthorityIds []string `mandatory:"false" json:"trustedCertificateAuthorityIds"` @@ -49,6 +56,7 @@ type SslConfigurationDetails struct { // * TLSv1 // * TLSv1.1 // * TLSv1.2 + // * TLSv1.3 // If this field is not specified, TLSv1.2 is the default. // **Warning:** All SSL listeners created on a given port must use the same set of SSL protocols. // **Notes:** diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_details.go index 3753b7c9b9..952f25d355 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_details.go @@ -42,6 +42,12 @@ type UpdateBackendDetails struct { // traffic. // Example: `false` Offline *bool `mandatory:"true" json:"offline"` + + // The maximum number of simultaneous connections the load balancer can make to the backend. + // If this is not set then the maximum number of simultaneous connections the load balancer + // can make to the backend is unlimited. + // Example: `300` + MaxConnections *int `mandatory:"false" json:"maxConnections"` } func (m UpdateBackendDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_set_details.go index 54895a1c9b..13ab5a78fd 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_backend_set_details.go @@ -34,6 +34,13 @@ type UpdateBackendSetDetails struct { HealthChecker *HealthCheckerDetails `mandatory:"true" json:"healthChecker"` + // The maximum number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting. If this is not + // set then the number of simultaneous connections the load balancer can make to any backend + // in the backend set unless the backend has its own maxConnections setting is unlimited. + // Example: `300` + BackendMaxConnections *int `mandatory:"false" json:"backendMaxConnections"` + SslConfiguration *SslConfigurationDetails `mandatory:"false" json:"sslConfiguration"` SessionPersistenceConfiguration *SessionPersistenceConfigurationDetails `mandatory:"false" json:"sessionPersistenceConfiguration"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_listener_details.go index 5299af7238..87d824005a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_listener_details.go @@ -27,9 +27,8 @@ type UpdateListenerDetails struct { // Example: `80` Port *int `mandatory:"true" json:"port"` - // The protocol on which the listener accepts connection requests. - // To get a list of valid protocols, use the ListProtocols - // operation. + // The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. + // You can also use the ListProtocols operation to get a list of valid protocols. // Example: `HTTP` Protocol *string `mandatory:"true" json:"protocol"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_details.go index e5b1fe9ba2..7c89f7b669 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_details.go @@ -25,6 +25,37 @@ type UpdateLoadBalancerDetails struct { // Example: `example_load_balancer` DisplayName *string `mandatory:"false" json:"displayName"` + // Whether or not the load balancer has delete protection enabled. + // If "true", the loadbalancer will be protected against deletion if configured to accept traffic. + // If "false", the loadbalancer will not be protected against deletion. + // If null or unset, the value for delete protection will not be changed. + // Example: `true` + IsDeleteProtectionEnabled *bool `mandatory:"false" json:"isDeleteProtectionEnabled"` + + // Whether or not the load balancer has the Request Id feature enabled for HTTP listeners. + // If "true", the load balancer will attach a unique request id header to every request + // passed through from the load balancer to load balancer backends. This same request id + // header also will be added to the response the lb received from the backend handling + // the request before the load balancer returns the response to the requestor. The name + // of the unique request id header is set the by value of requestIdHeader. + // If "false", the loadbalancer not add this unique request id header to either the request + // passed through to the load balancer backends nor to the reponse returned to the user. + // New load balancers have the Request Id feature enabled unless isRequestIdEnabled is set to False. + // Example: `true` + IsRequestIdEnabled *bool `mandatory:"false" json:"isRequestIdEnabled"` + + // If isRequestIdEnabled is true then this field contains the name of the header field + // that contains the unique request id that is attached to every request from + // the load balancer to the load balancer backends and to every response from the load + // balancer. + // If a request to the load balancer already contains a header with same name as specified + // in requestIdHeader then the load balancer will not change the value of that field. + // If isRequestIdEnabled is false then this field is ignored. + // **Notes:** + // * Unless the header name is "" it must start with "X-" prefix. + // * Setting the header name to "" will set it to the default: X-Request-Id. + RequestIdHeader *string `mandatory:"false" json:"requestIdHeader"` + // Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Department": "Finance"}` @@ -34,6 +65,10 @@ type UpdateLoadBalancerDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Extended Defined tags for ZPR for this resource. Each key is predefined and scoped to a namespace. + // Example: `{"Oracle-ZPR": {"MaxEgressCount": {"value":"42","mode":"audit", "usagetype" : "zpr"}}}` + ZprTags map[string]map[string]interface{} `mandatory:"false" json:"zprTags"` } func (m UpdateLoadBalancerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_shape_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_shape_details.go index 7de1d7610e..6fb88e7e24 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_shape_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_load_balancer_shape_details.go @@ -27,7 +27,7 @@ type UpdateLoadBalancerShapeDetails struct { // * 8000Mbps // * Flexible // Example: `flexible` - // * NOTE: Fixed shapes 10Mbps, 100Mbps, 400Mbps, 8000Mbps will be deprecated from May 2023. This api + // * NOTE: Fixed shapes 10Mbps, 100Mbps, 400Mbps, 8000Mbps will be deprecated after May 2023. This api // * will only support `Flexible` shape after that date. ShapeName *string `mandatory:"true" json:"shapeName"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_ssl_cipher_suite_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_ssl_cipher_suite_details.go index 6c27dc9483..4fb3bde1f1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_ssl_cipher_suite_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/loadbalancer/update_ssl_cipher_suite_details.go @@ -22,6 +22,12 @@ type UpdateSslCipherSuiteDetails struct { // A list of SSL ciphers the load balancer must support for HTTPS or SSL connections. // The following ciphers are valid values for this property: + // * __TLSv1.3 ciphers__ + // "TLS_AES_128_GCM_SHA256" + // "TLS_AES_256_GCM_SHA384" + // "TLS_CHACHA20_POLY1305_SHA256" + // "TLS_AES_128_CCM_SHA256" + // "TLS_AES_128_CCM_8_SHA256" // * __TLSv1.2 ciphers__ // "AES128-GCM-SHA256" // "AES128-SHA256" diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm.go index bbeab7080f..61ec35b3f5 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm.go @@ -55,7 +55,10 @@ type Alarm struct { // rule condition has been met. The query must specify a metric, statistic, interval, and trigger // rule (threshold or absence). Supported values for interval depend on the specified time range. More // interval values are supported for smaller time ranges. You can optionally - // specify dimensions and grouping functions. Supported grouping functions: `grouping()`, `groupBy()`. + // specify dimensions and grouping functions. + // Also, you can customize the + // absence detection period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/create-edit-alarm-query-absence-detection-period.htm). + // Supported grouping functions: `grouping()`, `groupBy()`. // For information about writing MQL expressions, see // Editing the MQL Expression for a Query (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/query-metric-mql.htm). // For details about MQL, see @@ -70,6 +73,12 @@ type Alarm struct { // ----- // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent() // ----- + // Example of absence alarm with custom absence detection period of 20 hours: + // ----- + // + // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent(20h) + // + // ----- Query *string `mandatory:"true" json:"query"` // The perceived type of response required when the alarm is in the "FIRING" state. @@ -128,7 +137,9 @@ type Alarm struct { // Example: `PT5M` PendingDuration *string `mandatory:"false" json:"pendingDuration"` - // The human-readable content of the delivered alarm notification. Oracle recommends providing guidance + // The human-readable content of the delivered alarm notification. + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // Oracle recommends providing guidance // to operators for resolving the alarm condition. Consider adding links to standard runbook // practices. Avoid entering confidential information. // Example: `High CPU usage alert. Follow runbook instructions for resolution.` @@ -161,6 +172,40 @@ type Alarm struct { // Usage of predefined tag keys. These predefined keys are scoped to namespaces. // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // A set of overrides that control evaluations of the alarm. + // Each override can specify values for query, severity, body, and pending duration. + // When an alarm contains overrides, the Monitoring service evaluates each override in order, beginning with the first override in the array (index position `0`), + // and then evaluates the alarm's base values (`ruleName` value of `BASE`). + Overrides []AlarmOverride `mandatory:"false" json:"overrides"` + + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"false" json:"ruleName"` + + // The version of the alarm notification to be delivered. Allowed value: `1.X` + // The value must start with a number (up to four digits), followed by a period and an uppercase X. + NotificationVersion *string `mandatory:"false" json:"notificationVersion"` + + // Customizable notification title (`title` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The notification title appears as the subject line in a formatted email message and as the title in a Slack message. + NotificationTitle *string `mandatory:"false" json:"notificationTitle"` + + // Customizable slack period to wait for metric ingestion before evaluating the alarm. + // Specify a string in ISO 8601 format (`PT10M` for ten minutes or `PT1H` + // for one hour). Minimum: PT3M. Maximum: PT2H. Default: PT3M. + // For more information about the slack period, see + // About the Internal Reset Period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#reset). + EvaluationSlackDuration *string `mandatory:"false" json:"evaluationSlackDuration"` + + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"false" json:"alarmSummary"` } func (m Alarm) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_dimension_states_entry.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_dimension_states_entry.go index da29e8bf19..55cbaffeca 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_dimension_states_entry.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_dimension_states_entry.go @@ -21,6 +21,14 @@ import ( // AlarmDimensionStatesEntry A timestamped alarm state entry for a metric stream. type AlarmDimensionStatesEntry struct { + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"true" json:"alarmSummary"` + // Indicator of the metric stream associated with the alarm state entry. Includes one or more dimension key-value pairs. Dimensions map[string]string `mandatory:"true" json:"dimensions"` @@ -28,6 +36,10 @@ type AlarmDimensionStatesEntry struct { // Example: `FIRING` Status AlarmDimensionStatesEntryStatusEnum `mandatory:"true" json:"status"` + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"true" json:"ruleName"` + // Transition time associated with the alarm state entry. Format defined by RFC3339. // Example: `2022-02-01T01:02:29.600Z` Timestamp *common.SDKTime `mandatory:"true" json:"timestamp"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_history_entry.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_history_entry.go index 95cd7179af..3dd2bfa198 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_history_entry.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_history_entry.go @@ -22,6 +22,14 @@ import ( // If the entry corresponds to a state transition, such as OK to Firing, then the entry also includes a transition timestamp. type AlarmHistoryEntry struct { + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"true" json:"alarmSummary"` + // Description for this alarm history entry. // Example 1 - alarm state history entry: `The alarm state is FIRING` // Example 2 - alarm state transition history entry: `State transitioned from OK to Firing` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_status_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_status_summary.go index abe970ceb7..0a889cff79 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_status_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_status_summary.go @@ -41,11 +41,23 @@ type AlarmStatusSummary struct { // Example: `CRITICAL` Severity AlarmStatusSummarySeverityEnum `mandatory:"true" json:"severity"` + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"true" json:"ruleName"` + // Timestamp for the transition of the alarm state. For example, the time when the alarm transitioned from OK to Firing. // Note: A three-minute lag for this value accounts for any late-arriving metrics. // Example: `2023-02-01T01:02:29.600Z` TimestampTriggered *common.SDKTime `mandatory:"true" json:"timestampTriggered"` + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"true" json:"alarmSummary"` + // The status of this alarm. // Status is collective, across all metric streams in the alarm. // To list alarm status for each metric stream, use RetrieveDimensionStates. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_summary.go index 58bf247178..72cfb01626 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_summary.go @@ -105,6 +105,45 @@ type AlarmSummary struct { // Usage of predefined tag keys. These predefined keys are scoped to namespaces. // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // A set of overrides that control evaluations of the alarm. + // Each override can specify values for query, severity, body, and pending duration. + // When an alarm contains overrides, the Monitoring service evaluates each override in order, beginning with the first override in the array (index position `0`), + // and then evaluates the alarm's base values (`ruleName` value of `BASE`). + Overrides []AlarmOverride `mandatory:"false" json:"overrides"` + + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"false" json:"ruleName"` + + // The version of the alarm notification to be delivered. Allowed value: `1.X` + // The value must start with a number (up to four digits), followed by a period and an uppercase X. + NotificationVersion *string `mandatory:"false" json:"notificationVersion"` + + // Customizable notification title (`title` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The notification title appears as the subject line in a formatted email message and as the title in a Slack message. + NotificationTitle *string `mandatory:"false" json:"notificationTitle"` + + // Customizable slack period to wait for metric ingestion before evaluating the alarm. + // Specify a string in ISO 8601 format (`PT10M` for ten minutes or `PT1H` + // for one hour). Minimum: PT3M. Maximum: PT2H. Default: PT3M. + // For more information about the slack period, see + // About the Internal Reset Period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#reset). + EvaluationSlackDuration *string `mandatory:"false" json:"evaluationSlackDuration"` + + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"false" json:"alarmSummary"` + + // Resource group that you want to match. A null value returns only metric data that has no resource groups. The specified resource group must exist in the definition of the posted metric. Only one resource group can be applied per metric. + // A valid resourceGroup value starts with an alphabetical character and includes only alphanumeric characters, periods (.), underscores (_), hyphens (-), and dollar signs ($). + // Example: `frontend-fleet` + ResourceGroup *string `mandatory:"false" json:"resourceGroup"` } func (m AlarmSummary) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression.go index 3419eec859..2cc28a200c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression.go @@ -19,7 +19,7 @@ import ( "strings" ) -// AlarmSuppression The configuration details for a dimension-specific alarm suppression. +// AlarmSuppression The configuration details for an alarm suppression. type AlarmSuppression struct { // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the alarm suppression. @@ -30,13 +30,14 @@ type AlarmSuppression struct { AlarmSuppressionTarget AlarmSuppressionTarget `mandatory:"true" json:"alarmSuppressionTarget"` + // The level of this alarm suppression. + // `ALARM` indicates a suppression of the entire alarm, regardless of dimension. + // `DIMENSION` indicates a suppression configured for specified dimensions. + Level AlarmSuppressionLevelEnum `mandatory:"true" json:"level"` + // A user-friendly name for the alarm suppression. It does not have to be unique, and it's changeable. Avoid entering confidential information. DisplayName *string `mandatory:"true" json:"displayName"` - // Configured dimension filter for suppressing alarm state entries that include the set of specified dimension key-value pairs. - // Example: `{"resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}` - Dimensions map[string]string `mandatory:"true" json:"dimensions"` - // The start date and time for the suppression to take place, inclusive. Format defined by RFC3339. // Example: `2018-02-01T01:02:29.600Z` TimeSuppressFrom *common.SDKTime `mandatory:"true" json:"timeSuppressFrom"` @@ -57,6 +58,14 @@ type AlarmSuppression struct { // Example: `2018-02-03T01:02:29.600Z` TimeUpdated *common.SDKTime `mandatory:"true" json:"timeUpdated"` + // Array of all preconditions for alarm suppression. + // Example: `[{ + // conditionType: "RECURRENCE", + // suppressionRecurrence: "FRQ=DAILY;BYHOUR=10", + // suppressionDuration: "PT1H" + // }]` + SuppressionConditions []SuppressionCondition `mandatory:"false" json:"suppressionConditions"` + // Human-readable reason for this alarm suppression. // It does not have to be unique, and it's changeable. // Avoid entering confidential information. @@ -65,6 +74,10 @@ type AlarmSuppression struct { // Example: `Planned outage due to change IT-1234.` Description *string `mandatory:"false" json:"description"` + // Configured dimension filter for suppressing alarm state entries that include the set of specified dimension key-value pairs. + // Example: `{"resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}` + Dimensions map[string]string `mandatory:"false" json:"dimensions"` + // Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` @@ -83,6 +96,9 @@ func (m AlarmSuppression) String() string { // Not recommended for calling this function directly func (m AlarmSuppression) ValidateEnumValue() (bool, error) { errMessage := []string{} + if _, ok := GetMappingAlarmSuppressionLevelEnum(string(m.Level)); !ok && m.Level != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Level: %s. Supported values are: %s.", m.Level, strings.Join(GetAlarmSuppressionLevelEnumStringValues(), ","))) + } if _, ok := GetMappingAlarmSuppressionLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetAlarmSuppressionLifecycleStateEnumStringValues(), ","))) } @@ -96,14 +112,16 @@ func (m AlarmSuppression) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *AlarmSuppression) UnmarshalJSON(data []byte) (e error) { model := struct { + SuppressionConditions []suppressioncondition `json:"suppressionConditions"` Description *string `json:"description"` + Dimensions map[string]string `json:"dimensions"` FreeformTags map[string]string `json:"freeformTags"` DefinedTags map[string]map[string]interface{} `json:"definedTags"` Id *string `json:"id"` CompartmentId *string `json:"compartmentId"` AlarmSuppressionTarget alarmsuppressiontarget `json:"alarmSuppressionTarget"` + Level AlarmSuppressionLevelEnum `json:"level"` DisplayName *string `json:"displayName"` - Dimensions map[string]string `json:"dimensions"` TimeSuppressFrom *common.SDKTime `json:"timeSuppressFrom"` TimeSuppressUntil *common.SDKTime `json:"timeSuppressUntil"` LifecycleState AlarmSuppressionLifecycleStateEnum `json:"lifecycleState"` @@ -116,8 +134,22 @@ func (m *AlarmSuppression) UnmarshalJSON(data []byte) (e error) { return } var nn interface{} + m.SuppressionConditions = make([]SuppressionCondition, len(model.SuppressionConditions)) + for i, n := range model.SuppressionConditions { + nn, e = n.UnmarshalPolymorphicJSON(n.JsonData) + if e != nil { + return e + } + if nn != nil { + m.SuppressionConditions[i] = nn.(SuppressionCondition) + } else { + m.SuppressionConditions[i] = nil + } + } m.Description = model.Description + m.Dimensions = model.Dimensions + m.FreeformTags = model.FreeformTags m.DefinedTags = model.DefinedTags @@ -136,9 +168,9 @@ func (m *AlarmSuppression) UnmarshalJSON(data []byte) (e error) { m.AlarmSuppressionTarget = nil } - m.DisplayName = model.DisplayName + m.Level = model.Level - m.Dimensions = model.Dimensions + m.DisplayName = model.DisplayName m.TimeSuppressFrom = model.TimeSuppressFrom @@ -153,6 +185,48 @@ func (m *AlarmSuppression) UnmarshalJSON(data []byte) (e error) { return } +// AlarmSuppressionLevelEnum Enum with underlying type: string +type AlarmSuppressionLevelEnum string + +// Set of constants representing the allowable values for AlarmSuppressionLevelEnum +const ( + AlarmSuppressionLevelAlarm AlarmSuppressionLevelEnum = "ALARM" + AlarmSuppressionLevelDimension AlarmSuppressionLevelEnum = "DIMENSION" +) + +var mappingAlarmSuppressionLevelEnum = map[string]AlarmSuppressionLevelEnum{ + "ALARM": AlarmSuppressionLevelAlarm, + "DIMENSION": AlarmSuppressionLevelDimension, +} + +var mappingAlarmSuppressionLevelEnumLowerCase = map[string]AlarmSuppressionLevelEnum{ + "alarm": AlarmSuppressionLevelAlarm, + "dimension": AlarmSuppressionLevelDimension, +} + +// GetAlarmSuppressionLevelEnumValues Enumerates the set of values for AlarmSuppressionLevelEnum +func GetAlarmSuppressionLevelEnumValues() []AlarmSuppressionLevelEnum { + values := make([]AlarmSuppressionLevelEnum, 0) + for _, v := range mappingAlarmSuppressionLevelEnum { + values = append(values, v) + } + return values +} + +// GetAlarmSuppressionLevelEnumStringValues Enumerates the set of values in String for AlarmSuppressionLevelEnum +func GetAlarmSuppressionLevelEnumStringValues() []string { + return []string{ + "ALARM", + "DIMENSION", + } +} + +// GetMappingAlarmSuppressionLevelEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingAlarmSuppressionLevelEnum(val string) (AlarmSuppressionLevelEnum, bool) { + enum, ok := mappingAlarmSuppressionLevelEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + // AlarmSuppressionLifecycleStateEnum Enum with underlying type: string type AlarmSuppressionLifecycleStateEnum string diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_collection.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_collection.go index 3413087206..94ab763d22 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_collection.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_collection.go @@ -18,10 +18,10 @@ import ( "strings" ) -// AlarmSuppressionCollection Collection of property summaries for dimension-specific alarm suppressions. +// AlarmSuppressionCollection Collection of property summaries for alarm suppressions. type AlarmSuppressionCollection struct { - // List of property summaries for dimension-specific alarm suppressions. + // List of property summaries for alarm suppressions. Items []AlarmSuppressionSummary `mandatory:"true" json:"items"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_compartment_target.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_compartment_target.go new file mode 100644 index 0000000000..54178d3786 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_compartment_target.go @@ -0,0 +1,65 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Monitoring API +// +// Use the Monitoring API to manage metric queries and alarms for assessing the health, capacity, and performance of your cloud resources. +// Endpoints vary by operation. For PostMetricData, use the `telemetry-ingestion` endpoints; for all other operations, use the `telemetry` endpoints. +// For more information, see +// the Monitoring documentation (https://docs.cloud.oracle.com/iaas/Content/Monitoring/home.htm). +// + +package monitoring + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// AlarmSuppressionCompartmentTarget The compartment target of the alarm suppression. +type AlarmSuppressionCompartmentTarget struct { + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment or tenancy that is the + // target of the alarm suppression. + // Example: `ocid1.compartment.oc1..exampleuniqueID` + CompartmentId *string `mandatory:"true" json:"compartmentId"` + + // When true, the alarm suppression targets all alarms under all compartments and subcompartments of + // the tenancy specified. The parameter can only be set to true when compartmentId is the tenancy OCID + // (the tenancy is the root compartment). When false, the alarm suppression targets only the alarms under + // the specified compartment. + CompartmentIdInSubtree *bool `mandatory:"false" json:"compartmentIdInSubtree"` +} + +func (m AlarmSuppressionCompartmentTarget) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m AlarmSuppressionCompartmentTarget) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m AlarmSuppressionCompartmentTarget) MarshalJSON() (buff []byte, e error) { + type MarshalTypeAlarmSuppressionCompartmentTarget AlarmSuppressionCompartmentTarget + s := struct { + DiscriminatorParam string `json:"targetType"` + MarshalTypeAlarmSuppressionCompartmentTarget + }{ + "COMPARTMENT", + (MarshalTypeAlarmSuppressionCompartmentTarget)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_history_item.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_history_item.go index d6abfece38..4e01aac5bf 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_history_item.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_history_item.go @@ -54,6 +54,14 @@ type AlarmSuppressionHistoryItem struct { // Configured dimension filter for suppressing alarm state entries that include the set of specified dimension key-value pairs. // Example: `{"resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}` Dimensions map[string]string `mandatory:"false" json:"dimensions"` + + // Array of all preconditions for alarm suppression. + // Example: `[{ + // conditionType: "RECURRENCE", + // suppressionRecurrence: "FRQ=DAILY;BYHOUR=10", + // suppressionDuration: "PT1H" + // }]` + SuppressionConditions []SuppressionCondition `mandatory:"false" json:"suppressionConditions"` } func (m AlarmSuppressionHistoryItem) String() string { @@ -80,6 +88,7 @@ func (m *AlarmSuppressionHistoryItem) UnmarshalJSON(data []byte) (e error) { model := struct { Description *string `json:"description"` Dimensions map[string]string `json:"dimensions"` + SuppressionConditions []suppressioncondition `json:"suppressionConditions"` SuppressionId *string `json:"suppressionId"` AlarmSuppressionTarget alarmsuppressiontarget `json:"alarmSuppressionTarget"` Level AlarmSuppressionHistoryItemLevelEnum `json:"level"` @@ -97,6 +106,18 @@ func (m *AlarmSuppressionHistoryItem) UnmarshalJSON(data []byte) (e error) { m.Dimensions = model.Dimensions + m.SuppressionConditions = make([]SuppressionCondition, len(model.SuppressionConditions)) + for i, n := range model.SuppressionConditions { + nn, e = n.UnmarshalPolymorphicJSON(n.JsonData) + if e != nil { + return e + } + if nn != nil { + m.SuppressionConditions[i] = nn.(SuppressionCondition) + } else { + m.SuppressionConditions[i] = nil + } + } m.SuppressionId = model.SuppressionId nn, e = model.AlarmSuppressionTarget.UnmarshalPolymorphicJSON(model.AlarmSuppressionTarget.JsonData) diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_summary.go index 8f963ffcb8..c8a0fb6ec1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_summary.go @@ -19,7 +19,7 @@ import ( "strings" ) -// AlarmSuppressionSummary A summary of properties for the specified dimension-specific alarm suppression. +// AlarmSuppressionSummary A summary of properties for the specified alarm suppression. type AlarmSuppressionSummary struct { // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the alarm suppression. @@ -30,13 +30,14 @@ type AlarmSuppressionSummary struct { AlarmSuppressionTarget AlarmSuppressionTarget `mandatory:"true" json:"alarmSuppressionTarget"` + // The level of this alarm suppression. + // `ALARM` indicates a suppression of the entire alarm, regardless of dimension. + // `DIMENSION` indicates a suppression configured for specified dimensions. + Level AlarmSuppressionLevelEnum `mandatory:"true" json:"level"` + // A user-friendly name for the alarm suppression. It does not have to be unique, and it's changeable. Avoid entering confidential information. DisplayName *string `mandatory:"true" json:"displayName"` - // Configured dimension filter for suppressing alarm state entries that include the set of specified dimension key-value pairs. - // Example: `{"resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}` - Dimensions map[string]string `mandatory:"true" json:"dimensions"` - // The start date and time for the suppression to take place, inclusive. Format defined by RFC3339. // Example: `2023-02-01T01:02:29.600Z` TimeSuppressFrom *common.SDKTime `mandatory:"true" json:"timeSuppressFrom"` @@ -57,6 +58,14 @@ type AlarmSuppressionSummary struct { // Example: `2023-02-03T01:02:29.600Z` TimeUpdated *common.SDKTime `mandatory:"true" json:"timeUpdated"` + // Array of all preconditions for alarm suppression. + // Example: `[{ + // conditionType: "RECURRENCE", + // suppressionRecurrence: "FRQ=DAILY;BYHOUR=10", + // suppressionDuration: "PT1H" + // }]` + SuppressionConditions []SuppressionCondition `mandatory:"false" json:"suppressionConditions"` + // Human-readable reason for this alarm suppression. // It does not have to be unique, and it's changeable. // Avoid entering confidential information. @@ -65,6 +74,10 @@ type AlarmSuppressionSummary struct { // Example: `Planned outage due to change IT-1234.` Description *string `mandatory:"false" json:"description"` + // Configured dimension filter for suppressing alarm state entries that include the set of specified dimension key-value pairs. + // Example: `{"resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}` + Dimensions map[string]string `mandatory:"false" json:"dimensions"` + // Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. // Example: `{"bar-key": "value"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` @@ -83,6 +96,9 @@ func (m AlarmSuppressionSummary) String() string { // Not recommended for calling this function directly func (m AlarmSuppressionSummary) ValidateEnumValue() (bool, error) { errMessage := []string{} + if _, ok := GetMappingAlarmSuppressionLevelEnum(string(m.Level)); !ok && m.Level != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Level: %s. Supported values are: %s.", m.Level, strings.Join(GetAlarmSuppressionLevelEnumStringValues(), ","))) + } if _, ok := GetMappingAlarmSuppressionLifecycleStateEnum(string(m.LifecycleState)); !ok && m.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", m.LifecycleState, strings.Join(GetAlarmSuppressionLifecycleStateEnumStringValues(), ","))) } @@ -96,14 +112,16 @@ func (m AlarmSuppressionSummary) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *AlarmSuppressionSummary) UnmarshalJSON(data []byte) (e error) { model := struct { + SuppressionConditions []suppressioncondition `json:"suppressionConditions"` Description *string `json:"description"` + Dimensions map[string]string `json:"dimensions"` FreeformTags map[string]string `json:"freeformTags"` DefinedTags map[string]map[string]interface{} `json:"definedTags"` Id *string `json:"id"` CompartmentId *string `json:"compartmentId"` AlarmSuppressionTarget alarmsuppressiontarget `json:"alarmSuppressionTarget"` + Level AlarmSuppressionLevelEnum `json:"level"` DisplayName *string `json:"displayName"` - Dimensions map[string]string `json:"dimensions"` TimeSuppressFrom *common.SDKTime `json:"timeSuppressFrom"` TimeSuppressUntil *common.SDKTime `json:"timeSuppressUntil"` LifecycleState AlarmSuppressionLifecycleStateEnum `json:"lifecycleState"` @@ -116,8 +134,22 @@ func (m *AlarmSuppressionSummary) UnmarshalJSON(data []byte) (e error) { return } var nn interface{} + m.SuppressionConditions = make([]SuppressionCondition, len(model.SuppressionConditions)) + for i, n := range model.SuppressionConditions { + nn, e = n.UnmarshalPolymorphicJSON(n.JsonData) + if e != nil { + return e + } + if nn != nil { + m.SuppressionConditions[i] = nn.(SuppressionCondition) + } else { + m.SuppressionConditions[i] = nil + } + } m.Description = model.Description + m.Dimensions = model.Dimensions + m.FreeformTags = model.FreeformTags m.DefinedTags = model.DefinedTags @@ -136,9 +168,9 @@ func (m *AlarmSuppressionSummary) UnmarshalJSON(data []byte) (e error) { m.AlarmSuppressionTarget = nil } - m.DisplayName = model.DisplayName + m.Level = model.Level - m.Dimensions = model.Dimensions + m.DisplayName = model.DisplayName m.TimeSuppressFrom = model.TimeSuppressFrom diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_target.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_target.go index 767af5c738..e56f123178 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_target.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/alarm_suppression_target.go @@ -57,6 +57,10 @@ func (m *alarmsuppressiontarget) UnmarshalPolymorphicJSON(data []byte) (interfac mm := AlarmSuppressionAlarmTarget{} err = json.Unmarshal(data, &mm) return mm, err + case "COMPARTMENT": + mm := AlarmSuppressionCompartmentTarget{} + err = json.Unmarshal(data, &mm) + return mm, err default: common.Logf("Recieved unsupported enum value for AlarmSuppressionTarget: %s.", m.TargetType) return *m, nil @@ -84,15 +88,18 @@ type AlarmSuppressionTargetTargetTypeEnum string // Set of constants representing the allowable values for AlarmSuppressionTargetTargetTypeEnum const ( - AlarmSuppressionTargetTargetTypeAlarm AlarmSuppressionTargetTargetTypeEnum = "ALARM" + AlarmSuppressionTargetTargetTypeAlarm AlarmSuppressionTargetTargetTypeEnum = "ALARM" + AlarmSuppressionTargetTargetTypeCompartment AlarmSuppressionTargetTargetTypeEnum = "COMPARTMENT" ) var mappingAlarmSuppressionTargetTargetTypeEnum = map[string]AlarmSuppressionTargetTargetTypeEnum{ - "ALARM": AlarmSuppressionTargetTargetTypeAlarm, + "ALARM": AlarmSuppressionTargetTargetTypeAlarm, + "COMPARTMENT": AlarmSuppressionTargetTargetTypeCompartment, } var mappingAlarmSuppressionTargetTargetTypeEnumLowerCase = map[string]AlarmSuppressionTargetTargetTypeEnum{ - "alarm": AlarmSuppressionTargetTargetTypeAlarm, + "alarm": AlarmSuppressionTargetTargetTypeAlarm, + "compartment": AlarmSuppressionTargetTargetTypeCompartment, } // GetAlarmSuppressionTargetTargetTypeEnumValues Enumerates the set of values for AlarmSuppressionTargetTargetTypeEnum @@ -108,6 +115,7 @@ func GetAlarmSuppressionTargetTargetTypeEnumValues() []AlarmSuppressionTargetTar func GetAlarmSuppressionTargetTargetTypeEnumStringValues() []string { return []string{ "ALARM", + "COMPARTMENT", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_details.go index 18b17d22c2..b17f2a1fda 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_details.go @@ -44,7 +44,10 @@ type CreateAlarmDetails struct { // rule condition has been met. The query must specify a metric, statistic, interval, and trigger // rule (threshold or absence). Supported values for interval depend on the specified time range. More // interval values are supported for smaller time ranges. You can optionally - // specify dimensions and grouping functions. Supported grouping functions: `grouping()`, `groupBy()`. + // specify dimensions and grouping functions. + // Also, you can customize the + // absence detection period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/create-edit-alarm-query-absence-detection-period.htm). + // Supported grouping functions: `grouping()`, `groupBy()`. // For information about writing MQL expressions, see // Editing the MQL Expression for a Query (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/query-metric-mql.htm). // For details about MQL, see @@ -59,6 +62,12 @@ type CreateAlarmDetails struct { // ----- // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent() // ----- + // Example of absence alarm with custom absence detection period of 20 hours: + // ----- + // + // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent(20h) + // + // ----- Query *string `mandatory:"true" json:"query"` // The perceived type of response required when the alarm is in the "FIRING" state. @@ -106,7 +115,9 @@ type CreateAlarmDetails struct { // Example: `PT5M` PendingDuration *string `mandatory:"false" json:"pendingDuration"` - // The human-readable content of the delivered alarm notification. Oracle recommends providing guidance + // The human-readable content of the delivered alarm notification. + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // Oracle recommends providing guidance // to operators for resolving the alarm condition. Consider adding links to standard runbook // practices. Avoid entering confidential information. // Example: `High CPU usage alert. Follow runbook instructions for resolution.` @@ -140,6 +151,40 @@ type CreateAlarmDetails struct { // Usage of predefined tag keys. These predefined keys are scoped to namespaces. // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // A set of overrides that control evaluations of the alarm. + // Each override can specify values for query, severity, body, and pending duration. + // When an alarm contains overrides, the Monitoring service evaluates each override in order, beginning with the first override in the array (index position `0`), + // and then evaluates the alarm's base values (`ruleName` value of `BASE`). + Overrides []AlarmOverride `mandatory:"false" json:"overrides"` + + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"false" json:"ruleName"` + + // The version of the alarm notification to be delivered. Allowed value: `1.X` + // The value must start with a number (up to four digits), followed by a period and an uppercase X. + NotificationVersion *string `mandatory:"false" json:"notificationVersion"` + + // Customizable notification title (`title` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The notification title appears as the subject line in a formatted email message and as the title in a Slack message. + NotificationTitle *string `mandatory:"false" json:"notificationTitle"` + + // Customizable slack period to wait for metric ingestion before evaluating the alarm. + // Specify a string in ISO 8601 format (`PT10M` for ten minutes or `PT1H` + // for one hour). Minimum: PT3M. Maximum: PT2H. Default: PT3M. + // For more information about the slack period, see + // About the Internal Reset Period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#reset). + EvaluationSlackDuration *string `mandatory:"false" json:"evaluationSlackDuration"` + + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"false" json:"alarmSummary"` } func (m CreateAlarmDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_suppression_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_suppression_details.go index c03c9b4320..26d4d04ff3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_suppression_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/create_alarm_suppression_details.go @@ -19,23 +19,13 @@ import ( "strings" ) -// CreateAlarmSuppressionDetails The configuration details for creating a dimension-specific alarm suppression. +// CreateAlarmSuppressionDetails The configuration details for creating an alarm suppression. type CreateAlarmSuppressionDetails struct { AlarmSuppressionTarget AlarmSuppressionTarget `mandatory:"true" json:"alarmSuppressionTarget"` // A user-friendly name for the alarm suppression. It does not have to be unique, and it's changeable. Avoid entering confidential information. DisplayName *string `mandatory:"true" json:"displayName"` - // A filter to suppress only alarm state entries that include the set of specified dimension key-value pairs. - // If you specify {"availabilityDomain": "phx-ad-1"} - // and the alarm state entry corresponds to the set {"availabilityDomain": "phx-ad-1" and "resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}, - // then this alarm will be included for suppression. - // The value cannot be an empty object. - // Only a single value is allowed per key. No grouping of multiple values is allowed under the same key. - // Maximum characters (after serialization): 4000. This maximum satisfies typical use cases. - // The response for an exceeded maximum is `HTTP 400` with an "dimensions values are too long" message. - Dimensions map[string]string `mandatory:"true" json:"dimensions"` - // The start date and time for the suppression to take place, inclusive. Format defined by RFC3339. // Example: `2023-02-01T01:02:29.600Z` TimeSuppressFrom *common.SDKTime `mandatory:"true" json:"timeSuppressFrom"` @@ -44,6 +34,12 @@ type CreateAlarmSuppressionDetails struct { // Example: `2023-02-01T02:02:29.600Z` TimeSuppressUntil *common.SDKTime `mandatory:"true" json:"timeSuppressUntil"` + // The level of this alarm suppression. + // `ALARM` indicates a suppression of the entire alarm, regardless of dimension. + // `DIMENSION` indicates a suppression configured for specified dimensions. + // Defaut: `DIMENSION` + Level AlarmSuppressionLevelEnum `mandatory:"false" json:"level,omitempty"` + // Human-readable reason for this alarm suppression. // It does not have to be unique, and it's changeable. // Avoid entering confidential information. @@ -52,6 +48,16 @@ type CreateAlarmSuppressionDetails struct { // Example: `Planned outage due to change IT-1234.` Description *string `mandatory:"false" json:"description"` + // A filter to suppress only alarm state entries that include the set of specified dimension key-value pairs. + // If you specify {"availabilityDomain": "phx-ad-1"} + // and the alarm state entry corresponds to the set {"availabilityDomain": "phx-ad-1" and "resourceId": "ocid1.instance.region1.phx.exampleuniqueID"}, + // then this alarm will be included for suppression. + // This is required only when the value of level is `DIMENSION`. If required, the value cannot be an empty object. + // Only a single value is allowed per key. No grouping of multiple values is allowed under the same key. + // Maximum characters (after serialization): 4000. This maximum satisfies typical use cases. + // The response for an exceeded maximum is `HTTP 400` with an "dimensions values are too long" message. + Dimensions map[string]string `mandatory:"false" json:"dimensions"` + // Simple key-value pair that is applied without any predefined name, type or scope. Exists for cross-compatibility only. // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` @@ -59,6 +65,14 @@ type CreateAlarmSuppressionDetails struct { // Usage of predefined tag keys. These predefined keys are scoped to namespaces. // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // Array of all preconditions for alarm suppression. + // Example: `[{ + // conditionType: "RECURRENCE", + // suppressionRecurrence: "FRQ=DAILY;BYHOUR=10", + // suppressionDuration: "PT1H" + // }]` + SuppressionConditions []SuppressionCondition `mandatory:"false" json:"suppressionConditions"` } func (m CreateAlarmSuppressionDetails) String() string { @@ -71,6 +85,9 @@ func (m CreateAlarmSuppressionDetails) String() string { func (m CreateAlarmSuppressionDetails) ValidateEnumValue() (bool, error) { errMessage := []string{} + if _, ok := GetMappingAlarmSuppressionLevelEnum(string(m.Level)); !ok && m.Level != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Level: %s. Supported values are: %s.", m.Level, strings.Join(GetAlarmSuppressionLevelEnumStringValues(), ","))) + } if len(errMessage) > 0 { return true, fmt.Errorf(strings.Join(errMessage, "\n")) } @@ -80,12 +97,14 @@ func (m CreateAlarmSuppressionDetails) ValidateEnumValue() (bool, error) { // UnmarshalJSON unmarshals from json func (m *CreateAlarmSuppressionDetails) UnmarshalJSON(data []byte) (e error) { model := struct { + Level AlarmSuppressionLevelEnum `json:"level"` Description *string `json:"description"` + Dimensions map[string]string `json:"dimensions"` FreeformTags map[string]string `json:"freeformTags"` DefinedTags map[string]map[string]interface{} `json:"definedTags"` + SuppressionConditions []suppressioncondition `json:"suppressionConditions"` AlarmSuppressionTarget alarmsuppressiontarget `json:"alarmSuppressionTarget"` DisplayName *string `json:"displayName"` - Dimensions map[string]string `json:"dimensions"` TimeSuppressFrom *common.SDKTime `json:"timeSuppressFrom"` TimeSuppressUntil *common.SDKTime `json:"timeSuppressUntil"` }{} @@ -95,12 +114,28 @@ func (m *CreateAlarmSuppressionDetails) UnmarshalJSON(data []byte) (e error) { return } var nn interface{} + m.Level = model.Level + m.Description = model.Description + m.Dimensions = model.Dimensions + m.FreeformTags = model.FreeformTags m.DefinedTags = model.DefinedTags + m.SuppressionConditions = make([]SuppressionCondition, len(model.SuppressionConditions)) + for i, n := range model.SuppressionConditions { + nn, e = n.UnmarshalPolymorphicJSON(n.JsonData) + if e != nil { + return e + } + if nn != nil { + m.SuppressionConditions[i] = nn.(SuppressionCondition) + } else { + m.SuppressionConditions[i] = nil + } + } nn, e = model.AlarmSuppressionTarget.UnmarshalPolymorphicJSON(model.AlarmSuppressionTarget.JsonData) if e != nil { return @@ -113,8 +148,6 @@ func (m *CreateAlarmSuppressionDetails) UnmarshalJSON(data []byte) (e error) { m.DisplayName = model.DisplayName - m.Dimensions = model.Dimensions - m.TimeSuppressFrom = model.TimeSuppressFrom m.TimeSuppressUntil = model.TimeSuppressUntil diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/get_alarm_history_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/get_alarm_history_request_response.go index 881da2f43f..1386d75a8f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/get_alarm_history_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/get_alarm_history_request_response.go @@ -25,8 +25,9 @@ type GetAlarmHistoryRequest struct { // request, please provide the complete request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` - // The type of history entries to retrieve. State history (STATE_HISTORY) or state transition history (STATE_TRANSITION_HISTORY). - // If not specified, entries of both types are retrieved. + // The type of history entries to retrieve. + // State history (STATE_HISTORY), state transition history (STATE_TRANSITION_HISTORY), rule history (RULE_HISTORY) or rule transition history (RULE_TRANSITION_HISTORY). + // If not specified, entries of all types are retrieved. // Example: `STATE_HISTORY` AlarmHistorytype GetAlarmHistoryAlarmHistorytypeEnum `mandatory:"false" contributesTo:"query" name:"alarmHistorytype" omitEmpty:"true"` @@ -128,18 +129,24 @@ type GetAlarmHistoryAlarmHistorytypeEnum string // Set of constants representing the allowable values for GetAlarmHistoryAlarmHistorytypeEnum const ( - GetAlarmHistoryAlarmHistorytypeHistory GetAlarmHistoryAlarmHistorytypeEnum = "STATE_HISTORY" - GetAlarmHistoryAlarmHistorytypeTransitionHistory GetAlarmHistoryAlarmHistorytypeEnum = "STATE_TRANSITION_HISTORY" + GetAlarmHistoryAlarmHistorytypeStateHistory GetAlarmHistoryAlarmHistorytypeEnum = "STATE_HISTORY" + GetAlarmHistoryAlarmHistorytypeStateTransitionHistory GetAlarmHistoryAlarmHistorytypeEnum = "STATE_TRANSITION_HISTORY" + GetAlarmHistoryAlarmHistorytypeRuleHistory GetAlarmHistoryAlarmHistorytypeEnum = "RULE_HISTORY" + GetAlarmHistoryAlarmHistorytypeRuleTransitionHistory GetAlarmHistoryAlarmHistorytypeEnum = "RULE_TRANSITION_HISTORY" ) var mappingGetAlarmHistoryAlarmHistorytypeEnum = map[string]GetAlarmHistoryAlarmHistorytypeEnum{ - "STATE_HISTORY": GetAlarmHistoryAlarmHistorytypeHistory, - "STATE_TRANSITION_HISTORY": GetAlarmHistoryAlarmHistorytypeTransitionHistory, + "STATE_HISTORY": GetAlarmHistoryAlarmHistorytypeStateHistory, + "STATE_TRANSITION_HISTORY": GetAlarmHistoryAlarmHistorytypeStateTransitionHistory, + "RULE_HISTORY": GetAlarmHistoryAlarmHistorytypeRuleHistory, + "RULE_TRANSITION_HISTORY": GetAlarmHistoryAlarmHistorytypeRuleTransitionHistory, } var mappingGetAlarmHistoryAlarmHistorytypeEnumLowerCase = map[string]GetAlarmHistoryAlarmHistorytypeEnum{ - "state_history": GetAlarmHistoryAlarmHistorytypeHistory, - "state_transition_history": GetAlarmHistoryAlarmHistorytypeTransitionHistory, + "state_history": GetAlarmHistoryAlarmHistorytypeStateHistory, + "state_transition_history": GetAlarmHistoryAlarmHistorytypeStateTransitionHistory, + "rule_history": GetAlarmHistoryAlarmHistorytypeRuleHistory, + "rule_transition_history": GetAlarmHistoryAlarmHistorytypeRuleTransitionHistory, } // GetGetAlarmHistoryAlarmHistorytypeEnumValues Enumerates the set of values for GetAlarmHistoryAlarmHistorytypeEnum @@ -156,6 +163,8 @@ func GetGetAlarmHistoryAlarmHistorytypeEnumStringValues() []string { return []string{ "STATE_HISTORY", "STATE_TRANSITION_HISTORY", + "RULE_HISTORY", + "RULE_TRANSITION_HISTORY", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/list_alarm_suppressions_request_response.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/list_alarm_suppressions_request_response.go index dbda2b75ce..83a7543eda 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/list_alarm_suppressions_request_response.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/list_alarm_suppressions_request_response.go @@ -18,21 +18,52 @@ import ( // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/monitoring/ListAlarmSuppressions.go.html to see an example of how to use ListAlarmSuppressionsRequest. type ListAlarmSuppressionsRequest struct { - // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the alarm that is the target of the alarm suppression. - AlarmId *string `mandatory:"true" contributesTo:"query" name:"alarmId"` - // Customer part of the request identifier token. If you need to contact Oracle about a particular // request, please provide the complete request ID. OpcRequestId *string `mandatory:"false" contributesTo:"header" name:"opc-request-id"` + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the alarm that is the target of the alarm suppression. + AlarmId *string `mandatory:"false" contributesTo:"query" name:"alarmId"` + // A filter to return only resources that match the given display name exactly. - // Use this filter to list a alarm suppression by name. + // Use this filter to list an alarm suppression by name. // Alternatively, when you know the alarm suppression OCID, use the GetAlarmSuppression operation. DisplayName *string `mandatory:"false" contributesTo:"query" name:"displayName"` // A filter to return only resources that match the given lifecycle state exactly. When not specified, only resources in the ACTIVE lifecycle state are listed. LifecycleState AlarmSuppressionLifecycleStateEnum `mandatory:"false" contributesTo:"query" name:"lifecycleState" omitEmpty:"true"` + // The level of this alarm suppression. + // `ALARM` indicates a suppression of the entire alarm, regardless of dimension. + // `DIMENSION` indicates a suppression configured for specified dimensions. + Level AlarmSuppressionLevelEnum `mandatory:"false" contributesTo:"query" name:"level" omitEmpty:"true"` + + // The OCID (https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm) of the compartment for searching. + // Use the tenancy OCID to search in the root compartment. + // If targetType is not specified, searches all suppressions defined under the compartment. + // If targetType is `COMPARTMENT`, searches suppressions in the specified compartment only. + // Example: `ocid1.compartment.oc1..exampleuniqueID` + CompartmentId *string `mandatory:"false" contributesTo:"query" name:"compartmentId"` + + // When true, returns resources from all compartments and subcompartments. The parameter can + // only be set to true when compartmentId is the tenancy OCID (the tenancy is the root compartment). + // A true value requires the user to have tenancy-level permissions. If this requirement is not met, + // then the call is rejected. When false, returns resources from only the compartment specified in + // compartmentId. Default is false. + CompartmentIdInSubtree *bool `mandatory:"false" contributesTo:"query" name:"compartmentIdInSubtree"` + + // The target type to use when listing alarm suppressions. + // `ALARM` lists all suppression records for the specified alarm. + // `COMPARTMENT` lists all suppression records for the specified compartment or tenancy. + TargetType ListAlarmSuppressionsTargetTypeEnum `mandatory:"false" contributesTo:"query" name:"targetType" omitEmpty:"true"` + + // Setting this parameter to true requires the query to specify the alarm (`alarmId`). + // When true, lists all alarm suppressions that affect the specified alarm, + // including suppressions that target the corresponding compartment or tenancy. + // When false, lists only the alarm suppressions that target the specified alarm. + // Default is false. + IsAllSuppressions *bool `mandatory:"false" contributesTo:"query" name:"isAllSuppressions"` + // The field to use when sorting returned alarm suppressions. Only one sorting level is provided. // Example: `timeCreated` SortBy ListAlarmSuppressionsSortByEnum `mandatory:"false" contributesTo:"query" name:"sortBy" omitEmpty:"true"` @@ -92,6 +123,12 @@ func (request ListAlarmSuppressionsRequest) ValidateEnumValue() (bool, error) { if _, ok := GetMappingAlarmSuppressionLifecycleStateEnum(string(request.LifecycleState)); !ok && request.LifecycleState != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for LifecycleState: %s. Supported values are: %s.", request.LifecycleState, strings.Join(GetAlarmSuppressionLifecycleStateEnumStringValues(), ","))) } + if _, ok := GetMappingAlarmSuppressionLevelEnum(string(request.Level)); !ok && request.Level != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for Level: %s. Supported values are: %s.", request.Level, strings.Join(GetAlarmSuppressionLevelEnumStringValues(), ","))) + } + if _, ok := GetMappingListAlarmSuppressionsTargetTypeEnum(string(request.TargetType)); !ok && request.TargetType != "" { + errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for TargetType: %s. Supported values are: %s.", request.TargetType, strings.Join(GetListAlarmSuppressionsTargetTypeEnumStringValues(), ","))) + } if _, ok := GetMappingListAlarmSuppressionsSortByEnum(string(request.SortBy)); !ok && request.SortBy != "" { errMessage = append(errMessage, fmt.Sprintf("unsupported enum value for SortBy: %s. Supported values are: %s.", request.SortBy, strings.Join(GetListAlarmSuppressionsSortByEnumStringValues(), ","))) } @@ -137,6 +174,48 @@ func (response ListAlarmSuppressionsResponse) HTTPResponse() *http.Response { return response.RawResponse } +// ListAlarmSuppressionsTargetTypeEnum Enum with underlying type: string +type ListAlarmSuppressionsTargetTypeEnum string + +// Set of constants representing the allowable values for ListAlarmSuppressionsTargetTypeEnum +const ( + ListAlarmSuppressionsTargetTypeAlarm ListAlarmSuppressionsTargetTypeEnum = "ALARM" + ListAlarmSuppressionsTargetTypeCompartment ListAlarmSuppressionsTargetTypeEnum = "COMPARTMENT" +) + +var mappingListAlarmSuppressionsTargetTypeEnum = map[string]ListAlarmSuppressionsTargetTypeEnum{ + "ALARM": ListAlarmSuppressionsTargetTypeAlarm, + "COMPARTMENT": ListAlarmSuppressionsTargetTypeCompartment, +} + +var mappingListAlarmSuppressionsTargetTypeEnumLowerCase = map[string]ListAlarmSuppressionsTargetTypeEnum{ + "alarm": ListAlarmSuppressionsTargetTypeAlarm, + "compartment": ListAlarmSuppressionsTargetTypeCompartment, +} + +// GetListAlarmSuppressionsTargetTypeEnumValues Enumerates the set of values for ListAlarmSuppressionsTargetTypeEnum +func GetListAlarmSuppressionsTargetTypeEnumValues() []ListAlarmSuppressionsTargetTypeEnum { + values := make([]ListAlarmSuppressionsTargetTypeEnum, 0) + for _, v := range mappingListAlarmSuppressionsTargetTypeEnum { + values = append(values, v) + } + return values +} + +// GetListAlarmSuppressionsTargetTypeEnumStringValues Enumerates the set of values in String for ListAlarmSuppressionsTargetTypeEnum +func GetListAlarmSuppressionsTargetTypeEnumStringValues() []string { + return []string{ + "ALARM", + "COMPARTMENT", + } +} + +// GetMappingListAlarmSuppressionsTargetTypeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingListAlarmSuppressionsTargetTypeEnum(val string) (ListAlarmSuppressionsTargetTypeEnum, bool) { + enum, ok := mappingListAlarmSuppressionsTargetTypeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} + // ListAlarmSuppressionsSortByEnum Enum with underlying type: string type ListAlarmSuppressionsSortByEnum string diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/monitoring_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/monitoring_client.go index 908eec47a9..1b28044a0c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/monitoring_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/monitoring_client.go @@ -227,7 +227,10 @@ func (client MonitoringClient) createAlarm(ctx context.Context, request common.O return response, err } -// CreateAlarmSuppression Creates a dimension-specific suppression for an alarm. +// CreateAlarmSuppression Creates a new alarm suppression at the specified level (alarm-wide or dimension-specific). +// For more information, see +// Adding an Alarm-wide Suppression (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/add-alarm-suppression.htm) and +// Adding a Dimension-Specific Alarm Suppression (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/create-alarm-suppression.htm). // For important limits information, see // Limits on Monitoring (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#limits). // This call is subject to a Monitoring limit that applies to the total number of requests across all alarm operations. @@ -358,7 +361,9 @@ func (client MonitoringClient) deleteAlarm(ctx context.Context, request common.O return response, err } -// DeleteAlarmSuppression Deletes the specified alarm suppression. +// DeleteAlarmSuppression Deletes the specified alarm suppression. For more information, see +// Removing an Alarm-wide Suppression (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/remove-alarm-suppression.htm) and +// Removing a Dimension-Specific Alarm Suppression (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/delete-alarm-suppression.htm). // For important limits information, see // Limits on Monitoring (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#limits). // This call is subject to a Monitoring limit that applies to the total number of requests across all alarm operations. @@ -548,7 +553,8 @@ func (client MonitoringClient) getAlarmHistory(ctx context.Context, request comm return response, err } -// GetAlarmSuppression Gets the specified alarm suppression. +// GetAlarmSuppression Gets the specified alarm suppression. For more information, see +// Getting an Alarm-wide Suppression (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/get-alarm-suppression.htm). // For important limits information, see // Limits on Monitoring (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#limits). // This call is subject to a Monitoring limit that applies to the total number of requests across all alarm operations. @@ -610,8 +616,8 @@ func (client MonitoringClient) getAlarmSuppression(ctx context.Context, request return response, err } -// ListAlarmSuppressions Lists alarm suppressions for the specified alarm. -// Only dimension-level suppressions are listed. Alarm-level suppressions are not listed. +// ListAlarmSuppressions Lists alarm suppressions for the specified alarm. For more information, see +// Listing Alarm Suppressions (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/list-alarm-suppression.htm). // For important limits information, see // Limits on Monitoring (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#limits). // This call is subject to a Monitoring limit that applies to the total number of requests across all alarm operations. @@ -1077,7 +1083,8 @@ func (client MonitoringClient) retrieveDimensionStates(ctx context.Context, requ return response, err } -// SummarizeAlarmSuppressionHistory Returns history of suppressions for the specified alarm, including both dimension-specific and and alarm-wide suppressions. +// SummarizeAlarmSuppressionHistory Returns history of suppressions for the specified alarm, including both dimension-specific and and alarm-wide suppressions. For more information, see +// Getting Suppression History for an Alarm (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/summarize-alarm-suppression-history.htm). // For important limits information, see // Limits on Monitoring (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#limits). // This call is subject to a Monitoring limit that applies to the total number of requests across all alarm operations. diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/recurrence.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/recurrence.go new file mode 100644 index 0000000000..c5417b5e86 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/recurrence.go @@ -0,0 +1,65 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Monitoring API +// +// Use the Monitoring API to manage metric queries and alarms for assessing the health, capacity, and performance of your cloud resources. +// Endpoints vary by operation. For PostMetricData, use the `telemetry-ingestion` endpoints; for all other operations, use the `telemetry` endpoints. +// For more information, see +// the Monitoring documentation (https://docs.cloud.oracle.com/iaas/Content/Monitoring/home.htm). +// + +package monitoring + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// Recurrence Alarm suppression recurring schedule. Only one recurrence condition is supported within the list of preconditions for a suppression (`suppressionConditions`). +type Recurrence struct { + + // Frequency and start time of the recurring suppression. The format follows + // the iCalendar specification (RFC 5545, section 3.3.10) (https://datatracker.ietf.org/doc/html/rfc5545#section-3.3.10). + // Supported rule parts: + // * `FREQ`: Frequency of the recurring suppression: `WEEKLY` or `DAILY` only. + // * `BYDAY`: Comma separated days. Use with weekly suppressions only. Supported values: `MO`, `TU`, `WE`, `TH`, `FR`, `SA` ,`SU`. + // * `BYHOUR`, `BYMINUTE`, `BYSECOND`: Start time in UTC, after `timeSuppressFrom` value. Default is 00:00:00 UTC after `timeSuppressFrom`. + SuppressionRecurrence *string `mandatory:"true" json:"suppressionRecurrence"` + + // Duration of the recurring suppression. Specified as a string in ISO 8601 format. Minimum: `PT1M` (1 minute). Maximum: `PT24H` (24 hours). + SuppressionDuration *string `mandatory:"true" json:"suppressionDuration"` +} + +func (m Recurrence) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m Recurrence) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// MarshalJSON marshals to json representation +func (m Recurrence) MarshalJSON() (buff []byte, e error) { + type MarshalTypeRecurrence Recurrence + s := struct { + DiscriminatorParam string `json:"conditionType"` + MarshalTypeRecurrence + }{ + "RECURRENCE", + (MarshalTypeRecurrence)(m), + } + + return json.Marshal(&s) +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/suppression_condition.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/suppression_condition.go new file mode 100644 index 0000000000..2d9c28f884 --- /dev/null +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/suppression_condition.go @@ -0,0 +1,118 @@ +// Copyright (c) 2016, 2018, 2024, Oracle and/or its affiliates. All rights reserved. +// This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license. +// Code generated. DO NOT EDIT. + +// Monitoring API +// +// Use the Monitoring API to manage metric queries and alarms for assessing the health, capacity, and performance of your cloud resources. +// Endpoints vary by operation. For PostMetricData, use the `telemetry-ingestion` endpoints; for all other operations, use the `telemetry` endpoints. +// For more information, see +// the Monitoring documentation (https://docs.cloud.oracle.com/iaas/Content/Monitoring/home.htm). +// + +package monitoring + +import ( + "encoding/json" + "fmt" + "github.com/oracle/oci-go-sdk/v65/common" + "strings" +) + +// SuppressionCondition Precondition for an alarm suppression within the suppression date and time range (`timeSuppressFrom` to `timeSuppressUntil`). +type SuppressionCondition interface { +} + +type suppressioncondition struct { + JsonData []byte + ConditionType string `json:"conditionType"` +} + +// UnmarshalJSON unmarshals json +func (m *suppressioncondition) UnmarshalJSON(data []byte) error { + m.JsonData = data + type Unmarshalersuppressioncondition suppressioncondition + s := struct { + Model Unmarshalersuppressioncondition + }{} + err := json.Unmarshal(data, &s.Model) + if err != nil { + return err + } + m.ConditionType = s.Model.ConditionType + + return err +} + +// UnmarshalPolymorphicJSON unmarshals polymorphic json +func (m *suppressioncondition) UnmarshalPolymorphicJSON(data []byte) (interface{}, error) { + + if data == nil || string(data) == "null" { + return nil, nil + } + + var err error + switch m.ConditionType { + case "RECURRENCE": + mm := Recurrence{} + err = json.Unmarshal(data, &mm) + return mm, err + default: + common.Logf("Recieved unsupported enum value for SuppressionCondition: %s.", m.ConditionType) + return *m, nil + } +} + +func (m suppressioncondition) String() string { + return common.PointerString(m) +} + +// ValidateEnumValue returns an error when providing an unsupported enum value +// This function is being called during constructing API request process +// Not recommended for calling this function directly +func (m suppressioncondition) ValidateEnumValue() (bool, error) { + errMessage := []string{} + + if len(errMessage) > 0 { + return true, fmt.Errorf(strings.Join(errMessage, "\n")) + } + return false, nil +} + +// SuppressionConditionConditionTypeEnum Enum with underlying type: string +type SuppressionConditionConditionTypeEnum string + +// Set of constants representing the allowable values for SuppressionConditionConditionTypeEnum +const ( + SuppressionConditionConditionTypeRecurrence SuppressionConditionConditionTypeEnum = "RECURRENCE" +) + +var mappingSuppressionConditionConditionTypeEnum = map[string]SuppressionConditionConditionTypeEnum{ + "RECURRENCE": SuppressionConditionConditionTypeRecurrence, +} + +var mappingSuppressionConditionConditionTypeEnumLowerCase = map[string]SuppressionConditionConditionTypeEnum{ + "recurrence": SuppressionConditionConditionTypeRecurrence, +} + +// GetSuppressionConditionConditionTypeEnumValues Enumerates the set of values for SuppressionConditionConditionTypeEnum +func GetSuppressionConditionConditionTypeEnumValues() []SuppressionConditionConditionTypeEnum { + values := make([]SuppressionConditionConditionTypeEnum, 0) + for _, v := range mappingSuppressionConditionConditionTypeEnum { + values = append(values, v) + } + return values +} + +// GetSuppressionConditionConditionTypeEnumStringValues Enumerates the set of values in String for SuppressionConditionConditionTypeEnum +func GetSuppressionConditionConditionTypeEnumStringValues() []string { + return []string{ + "RECURRENCE", + } +} + +// GetMappingSuppressionConditionConditionTypeEnum performs case Insensitive comparison on enum value and return the desired enum +func GetMappingSuppressionConditionConditionTypeEnum(val string) (SuppressionConditionConditionTypeEnum, bool) { + enum, ok := mappingSuppressionConditionConditionTypeEnumLowerCase[strings.ToLower(val)] + return enum, ok +} diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/update_alarm_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/update_alarm_details.go index cb666e4c19..f390c3cfc3 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/update_alarm_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/monitoring/update_alarm_details.go @@ -58,7 +58,10 @@ type UpdateAlarmDetails struct { // rule condition has been met. The query must specify a metric, statistic, interval, and trigger // rule (threshold or absence). Supported values for interval depend on the specified time range. More // interval values are supported for smaller time ranges. You can optionally - // specify dimensions and grouping functions. Supported grouping functions: `grouping()`, `groupBy()`. + // specify dimensions and grouping functions. + // Also, you can customize the + // absence detection period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/create-edit-alarm-query-absence-detection-period.htm). + // Supported grouping functions: `grouping()`, `groupBy()`. // For information about writing MQL expressions, see // Editing the MQL Expression for a Query (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/query-metric-mql.htm). // For details about MQL, see @@ -73,6 +76,12 @@ type UpdateAlarmDetails struct { // ----- // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent() // ----- + // Example of absence alarm with custom absence detection period of 20 hours: + // ----- + // + // CpuUtilization[1m]{availabilityDomain="cumS:PHX-AD-1"}.absent(20h) + // + // ----- Query *string `mandatory:"false" json:"query"` // The time between calculated aggregation windows for the alarm. Supported value: `1m` @@ -95,7 +104,9 @@ type UpdateAlarmDetails struct { // Example: `CRITICAL` Severity AlarmSeverityEnum `mandatory:"false" json:"severity,omitempty"` - // The human-readable content of the delivered alarm notification. Oracle recommends providing guidance + // The human-readable content of the delivered alarm notification. + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // Oracle recommends providing guidance // to operators for resolving the alarm condition. Consider adding links to standard runbook // practices. Avoid entering confidential information. // Example: `High CPU usage alert. Follow runbook instructions for resolution.` @@ -139,6 +150,40 @@ type UpdateAlarmDetails struct { // Usage of predefined tag keys. These predefined keys are scoped to namespaces. // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // A set of overrides that control evaluations of the alarm. + // Each override can specify values for query, severity, body, and pending duration. + // When an alarm contains overrides, the Monitoring service evaluates each override in order, beginning with the first override in the array (index position `0`), + // and then evaluates the alarm's base values (`ruleName` value of `BASE`). + Overrides []AlarmOverride `mandatory:"false" json:"overrides"` + + // Identifier of the alarm's base values for alarm evaluation, for use when the alarm contains overrides. + // Default value is `BASE`. For information about alarm overrides, see AlarmOverride. + RuleName *string `mandatory:"false" json:"ruleName"` + + // The version of the alarm notification to be delivered. Allowed value: `1.X` + // The value must start with a number (up to four digits), followed by a period and an uppercase X. + NotificationVersion *string `mandatory:"false" json:"notificationVersion"` + + // Customizable notification title (`title` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The notification title appears as the subject line in a formatted email message and as the title in a Slack message. + NotificationTitle *string `mandatory:"false" json:"notificationTitle"` + + // Customizable slack period to wait for metric ingestion before evaluating the alarm. + // Specify a string in ISO 8601 format (`PT10M` for ten minutes or `PT1H` + // for one hour). Minimum: PT3M. Maximum: PT2H. Default: PT3M. + // For more information about the slack period, see + // About the Internal Reset Period (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Concepts/monitoringoverview.htm#reset). + EvaluationSlackDuration *string `mandatory:"false" json:"evaluationSlackDuration"` + + // Customizable alarm summary (`alarmSummary` alarm message parameter (https://docs.cloud.oracle.com/iaas/Content/Monitoring/alarm-message-format.htm)). + // Optionally include dynamic variables (https://docs.cloud.oracle.com/iaas/Content/Monitoring/Tasks/update-alarm-dynamic-variables.htm). + // The alarm summary appears within the body of the alarm message and in responses to + // ListAlarmsStatus + // GetAlarmHistory and + // RetrieveDimensionStates. + AlarmSummary *string `mandatory:"false" json:"alarmSummary"` } func (m UpdateAlarmDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set.go index 2ddf9c73c5..bdc8a7ae67 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set.go @@ -38,10 +38,17 @@ type BackendSet struct { // The value is true by default. IsPreserveSource *bool `mandatory:"false" json:"isPreserveSource"` + // If enabled, the network load balancer will continue to distribute traffic in the configured distribution in the event all backends are unhealthy. + // The value is false by default. + IsFailOpen *bool `mandatory:"false" json:"isFailOpen"` + + // If enabled existing connections will be forwarded to an alternative healthy backend as soon as current backend becomes unhealthy. + IsInstantFailoverEnabled *bool `mandatory:"false" json:"isInstantFailoverEnabled"` + // IP version associated with the backend set. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` - // Array of backends. + // An array of backends. Backends []Backend `mandatory:"false" json:"backends"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_details.go index 2005bee14c..dac452a982 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_details.go @@ -34,6 +34,13 @@ type BackendSetDetails struct { // The value is true by default. IsPreserveSource *bool `mandatory:"false" json:"isPreserveSource"` + // If enabled, the network load balancer will continue to distribute traffic in the configured distribution in the event all backends are unhealthy. + // The value is false by default. + IsFailOpen *bool `mandatory:"false" json:"isFailOpen"` + + // If enabled existing connections will be forwarded to an alternative healthy backend as soon as current backend becomes unhealthy. + IsInstantFailoverEnabled *bool `mandatory:"false" json:"isInstantFailoverEnabled"` + // An array of backends. Backends []Backend `mandatory:"false" json:"backends"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_summary.go index 89264c4af6..cb1886532a 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/backend_set_summary.go @@ -41,6 +41,13 @@ type BackendSetSummary struct { // The value is true by default. IsPreserveSource *bool `mandatory:"false" json:"isPreserveSource"` + // If enabled, the network load balancer will continue to distribute traffic in the configured distribution in the event all backends are unhealthy. + // The value is false by default. + IsFailOpen *bool `mandatory:"false" json:"isFailOpen"` + + // If enabled existing connections will be forwarded to an alternative healthy backend as soon as current backend becomes unhealthy. + IsInstantFailoverEnabled *bool `mandatory:"false" json:"isInstantFailoverEnabled"` + // IP version associated with the backend set. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_backend_set_details.go index a251884fda..11daa6a981 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_backend_set_details.go @@ -38,6 +38,13 @@ type CreateBackendSetDetails struct { // The value is true by default. IsPreserveSource *bool `mandatory:"false" json:"isPreserveSource"` + // If enabled, the network load balancer will continue to distribute traffic in the configured distribution in the event all backends are unhealthy. + // The value is false by default. + IsFailOpen *bool `mandatory:"false" json:"isFailOpen"` + + // If enabled existing connections will be forwarded to an alternative healthy backend as soon as current backend becomes unhealthy. + IsInstantFailoverEnabled *bool `mandatory:"false" json:"isInstantFailoverEnabled"` + // IP version associated with the backend set. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_listener_details.go index b9e0745c1e..b73698b96c 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_listener_details.go @@ -33,15 +33,29 @@ type CreateListenerDetails struct { Port *int `mandatory:"true" json:"port"` // The protocol on which the listener accepts connection requests. - // For public network load balancers, ANY protocol refers to TCP/UDP. + // For public network load balancers, ANY protocol refers to TCP/UDP with the wildcard port. // For private network load balancers, ANY protocol refers to TCP/UDP/ICMP (note that ICMP requires isPreserveSourceDestination to be set to true). - // To get a list of valid protocols, use the ListNetworkLoadBalancersProtocols - // operation. + // "ListNetworkLoadBalancersProtocols" API is deprecated and it will not return the updated values. Use the allowed values for the protocol instead. // Example: `TCP` Protocol ListenerProtocolsEnum `mandatory:"true" json:"protocol"` // IP version associated with the listener. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` + + // Property to enable/disable PPv2 feature for this listener. + IsPpv2Enabled *bool `mandatory:"false" json:"isPpv2Enabled"` + + // The duration for TCP idle timeout in seconds. + // Example: `300` + TcpIdleTimeout *int `mandatory:"false" json:"tcpIdleTimeout"` + + // The duration for UDP idle timeout in seconds. + // Example: `120` + UdpIdleTimeout *int `mandatory:"false" json:"udpIdleTimeout"` + + // The duration for L3IP idle timeout in seconds. + // Example: `200` + L3IpIdleTimeout *int `mandatory:"false" json:"l3IpIdleTimeout"` } func (m CreateListenerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_network_load_balancer_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_network_load_balancer_details.go index 5d1944bfaf..27818037c7 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_network_load_balancer_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/create_network_load_balancer_details.go @@ -38,6 +38,10 @@ type CreateNetworkLoadBalancerDetails struct { // enabled on the load balancer VNIC, and packets are sent to the backend with the entire IP header intact. IsPreserveSourceDestination *bool `mandatory:"false" json:"isPreserveSourceDestination"` + // This can only be enabled when NLB is working in transparent mode with source destination header preservation enabled. + // This removes the additional dependency from NLB backends(like Firewalls) to perform SNAT. + IsSymmetricHashEnabled *bool `mandatory:"false" json:"isSymmetricHashEnabled"` + // An array of reserved Ips. ReservedIps []ReservedIp `mandatory:"false" json:"reservedIps"` @@ -65,6 +69,19 @@ type CreateNetworkLoadBalancerDetails struct { // IP version associated with the NLB. NlbIpVersion NlbIpVersionEnum `mandatory:"false" json:"nlbIpVersion,omitempty"` + // IPv6 subnet prefix selection. If Ipv6 subnet prefix is passed, Nlb Ipv6 Address would be assign within the cidr block. NLB has to be dual or single stack ipv6 to support this. + SubnetIpv6Cidr *string `mandatory:"false" json:"subnetIpv6Cidr"` + + // Private IP address to be assigned to the network load balancer being created. + // This IP address has to be in the CIDR range of the subnet where network load balancer is being created + // Example: "10.0.0.1" + AssignedPrivateIpv4 *string `mandatory:"false" json:"assignedPrivateIpv4"` + + // IPv6 address to be assigned to the network load balancer being created. + // This IP address has to be part of one of the prefixes supported by the subnet. + // Example: "2607:9b80:9a0a:9a7e:abcd:ef01:2345:6789" + AssignedIpv6 *string `mandatory:"false" json:"assignedIpv6"` + // Listeners associated with the network load balancer. Listeners map[string]ListenerDetails `mandatory:"false" json:"listeners"` @@ -78,6 +95,11 @@ type CreateNetworkLoadBalancerDetails struct { // Defined tags for this resource. Each key is predefined and scoped to a namespace. // Example: `{"foo-namespace": {"bar-key": "value"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // ZPR tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. + // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). + // Example: `{"oracle-zpr": {"td": {"value": "42", "mode": "audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` } func (m CreateNetworkLoadBalancerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/hcs_infra_ip_version.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/hcs_infra_ip_version.go index 975dae6b26..615e1d44b6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/hcs_infra_ip_version.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/hcs_infra_ip_version.go @@ -20,16 +20,19 @@ type HcsInfraIpVersionEnum string const ( HcsInfraIpVersionIpv4 HcsInfraIpVersionEnum = "IPV4" HcsInfraIpVersionIpv4AndIpv6 HcsInfraIpVersionEnum = "IPV4_AND_IPV6" + HcsInfraIpVersionIpv6 HcsInfraIpVersionEnum = "IPV6" ) var mappingHcsInfraIpVersionEnum = map[string]HcsInfraIpVersionEnum{ "IPV4": HcsInfraIpVersionIpv4, "IPV4_AND_IPV6": HcsInfraIpVersionIpv4AndIpv6, + "IPV6": HcsInfraIpVersionIpv6, } var mappingHcsInfraIpVersionEnumLowerCase = map[string]HcsInfraIpVersionEnum{ "ipv4": HcsInfraIpVersionIpv4, "ipv4_and_ipv6": HcsInfraIpVersionIpv4AndIpv6, + "ipv6": HcsInfraIpVersionIpv6, } // GetHcsInfraIpVersionEnumValues Enumerates the set of values for HcsInfraIpVersionEnum @@ -46,6 +49,7 @@ func GetHcsInfraIpVersionEnumStringValues() []string { return []string{ "IPV4", "IPV4_AND_IPV6", + "IPV6", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_check_protocols.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_check_protocols.go index ce611ab45e..f89410881f 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_check_protocols.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_check_protocols.go @@ -22,6 +22,7 @@ const ( HealthCheckProtocolsHttps HealthCheckProtocolsEnum = "HTTPS" HealthCheckProtocolsTcp HealthCheckProtocolsEnum = "TCP" HealthCheckProtocolsUdp HealthCheckProtocolsEnum = "UDP" + HealthCheckProtocolsDns HealthCheckProtocolsEnum = "DNS" ) var mappingHealthCheckProtocolsEnum = map[string]HealthCheckProtocolsEnum{ @@ -29,6 +30,7 @@ var mappingHealthCheckProtocolsEnum = map[string]HealthCheckProtocolsEnum{ "HTTPS": HealthCheckProtocolsHttps, "TCP": HealthCheckProtocolsTcp, "UDP": HealthCheckProtocolsUdp, + "DNS": HealthCheckProtocolsDns, } var mappingHealthCheckProtocolsEnumLowerCase = map[string]HealthCheckProtocolsEnum{ @@ -36,6 +38,7 @@ var mappingHealthCheckProtocolsEnumLowerCase = map[string]HealthCheckProtocolsEn "https": HealthCheckProtocolsHttps, "tcp": HealthCheckProtocolsTcp, "udp": HealthCheckProtocolsUdp, + "dns": HealthCheckProtocolsDns, } // GetHealthCheckProtocolsEnumValues Enumerates the set of values for HealthCheckProtocolsEnum @@ -54,6 +57,7 @@ func GetHealthCheckProtocolsEnumStringValues() []string { "HTTPS", "TCP", "UDP", + "DNS", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker.go index 0d1d2e6b6b..307c0ad883 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker.go @@ -60,6 +60,8 @@ type HealthChecker struct { // Base64 encoded pattern to be validated as UDP or TCP health check probe response. ResponseData []byte `mandatory:"false" json:"responseData"` + + Dns *DnsHealthCheckerDetails `mandatory:"false" json:"dns"` } func (m HealthChecker) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker_details.go index 0bbb7313f4..bf9eb16f05 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/health_checker_details.go @@ -60,6 +60,8 @@ type HealthCheckerDetails struct { // Base64 encoded pattern to be validated as UDP or TCP health check probe response. ResponseData []byte `mandatory:"false" json:"responseData"` + + Dns *DnsHealthCheckerDetails `mandatory:"false" json:"dns"` } func (m HealthCheckerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener.go index 723e0cc34a..655a86a6ec 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener.go @@ -33,15 +33,29 @@ type Listener struct { Port *int `mandatory:"true" json:"port"` // The protocol on which the listener accepts connection requests. - // For public network load balancers, ANY protocol refers to TCP/UDP. + // For public network load balancers, ANY protocol refers to TCP/UDP with the wildcard port. // For private network load balancers, ANY protocol refers to TCP/UDP/ICMP (note that ICMP requires isPreserveSourceDestination to be set to true). - // To get a list of valid protocols, use the ListNetworkLoadBalancersProtocols - // operation. + // "ListNetworkLoadBalancersProtocols" API is deprecated and it will not return the updated values. Use the allowed values for the protocol instead. // Example: `TCP` Protocol ListenerProtocolsEnum `mandatory:"true" json:"protocol"` // IP version associated with the listener. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` + + // Property to enable/disable PPv2 feature for this listener. + IsPpv2Enabled *bool `mandatory:"false" json:"isPpv2Enabled"` + + // The duration for TCP idle timeout in seconds. + // Example: `300` + TcpIdleTimeout *int `mandatory:"false" json:"tcpIdleTimeout"` + + // The duration for UDP idle timeout in seconds. + // Example: `120` + UdpIdleTimeout *int `mandatory:"false" json:"udpIdleTimeout"` + + // The duration for L3IP idle timeout in seconds. + // Example: `200` + L3IpIdleTimeout *int `mandatory:"false" json:"l3IpIdleTimeout"` } func (m Listener) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_details.go index 28579a3fb3..3437ab6657 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_details.go @@ -33,15 +33,29 @@ type ListenerDetails struct { Port *int `mandatory:"true" json:"port"` // The protocol on which the listener accepts connection requests. - // For public network load balancers, ANY protocol refers to TCP/UDP. + // For public network load balancers, ANY protocol refers to TCP/UDP with the wildcard port. // For private network load balancers, ANY protocol refers to TCP/UDP/ICMP (note that ICMP requires isPreserveSourceDestination to be set to true). - // To get a list of valid protocols, use the ListNetworkLoadBalancersProtocols - // operation. + // "ListNetworkLoadBalancersProtocols" API is deprecated and it will not return the updated values. Use the allowed values for the protocol instead. // Example: `TCP` Protocol ListenerProtocolsEnum `mandatory:"true" json:"protocol"` // IP version associated with the listener. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` + + // Property to enable/disable PPv2 feature for this listener. + IsPpv2Enabled *bool `mandatory:"false" json:"isPpv2Enabled"` + + // The duration for TCP idle timeout in seconds. + // Example: `300` + TcpIdleTimeout *int `mandatory:"false" json:"tcpIdleTimeout"` + + // The duration for UDP idle timeout in seconds. + // Example: `120` + UdpIdleTimeout *int `mandatory:"false" json:"udpIdleTimeout"` + + // The duration for L3IP idle timeout in seconds. + // Example: `200` + L3IpIdleTimeout *int `mandatory:"false" json:"l3IpIdleTimeout"` } func (m ListenerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_protocols.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_protocols.go index 14afdbfea6..f77bb18e51 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_protocols.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_protocols.go @@ -22,6 +22,7 @@ const ( ListenerProtocolsTcp ListenerProtocolsEnum = "TCP" ListenerProtocolsUdp ListenerProtocolsEnum = "UDP" ListenerProtocolsTcpAndUdp ListenerProtocolsEnum = "TCP_AND_UDP" + ListenerProtocolsL3Ip ListenerProtocolsEnum = "L3IP" ) var mappingListenerProtocolsEnum = map[string]ListenerProtocolsEnum{ @@ -29,6 +30,7 @@ var mappingListenerProtocolsEnum = map[string]ListenerProtocolsEnum{ "TCP": ListenerProtocolsTcp, "UDP": ListenerProtocolsUdp, "TCP_AND_UDP": ListenerProtocolsTcpAndUdp, + "L3IP": ListenerProtocolsL3Ip, } var mappingListenerProtocolsEnumLowerCase = map[string]ListenerProtocolsEnum{ @@ -36,6 +38,7 @@ var mappingListenerProtocolsEnumLowerCase = map[string]ListenerProtocolsEnum{ "tcp": ListenerProtocolsTcp, "udp": ListenerProtocolsUdp, "tcp_and_udp": ListenerProtocolsTcpAndUdp, + "l3ip": ListenerProtocolsL3Ip, } // GetListenerProtocolsEnumValues Enumerates the set of values for ListenerProtocolsEnum @@ -54,6 +57,7 @@ func GetListenerProtocolsEnumStringValues() []string { "TCP", "UDP", "TCP_AND_UDP", + "L3IP", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_summary.go index fd393719e3..f50b9d26a9 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/listener_summary.go @@ -33,15 +33,29 @@ type ListenerSummary struct { Port *int `mandatory:"true" json:"port"` // The protocol on which the listener accepts connection requests. - // For public network load balancers, ANY protocol refers to TCP/UDP. + // For public network load balancers, ANY protocol refers to TCP/UDP with the wildcard port. // For private network load balancers, ANY protocol refers to TCP/UDP/ICMP (note that ICMP requires isPreserveSourceDestination to be set to true). - // To get a list of valid protocols, use the ListNetworkLoadBalancersProtocols - // operation. + // "ListNetworkLoadBalancersProtocols" API is deprecated and it will not return the updated values. Use the allowed values for the protocol instead. // Example: `TCP` Protocol ListenerProtocolsEnum `mandatory:"true" json:"protocol"` // IP version associated with the listener. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` + + // Property to enable/disable PPv2 feature for this listener. + IsPpv2Enabled *bool `mandatory:"false" json:"isPpv2Enabled"` + + // The duration for TCP idle timeout in seconds. + // Example: `300` + TcpIdleTimeout *int `mandatory:"false" json:"tcpIdleTimeout"` + + // The duration for UDP idle timeout in seconds. + // Example: `120` + UdpIdleTimeout *int `mandatory:"false" json:"udpIdleTimeout"` + + // The duration for L3IP idle timeout in seconds. + // Example: `200` + L3IpIdleTimeout *int `mandatory:"false" json:"l3IpIdleTimeout"` } func (m ListenerSummary) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer.go index 70a841daff..07170a3466 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer.go @@ -45,7 +45,7 @@ type NetworkLoadBalancer struct { // An array of IP addresses. IpAddresses []IpAddress `mandatory:"true" json:"ipAddresses"` - // The subnet in which the network load balancer is spawned OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)." + // The subnet in which the network load balancer is spawned OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm). SubnetId *string `mandatory:"true" json:"subnetId"` // A message describing the current state in more detail. @@ -74,6 +74,10 @@ type NetworkLoadBalancer struct { // Packets are sent to the backend set without any changes to the source and destination IP. IsPreserveSourceDestination *bool `mandatory:"false" json:"isPreserveSourceDestination"` + // This can only be enabled when NLB is working in transparent mode with source destination header preservation enabled. + // This removes the additional dependency from NLB backends(like Firewalls) to perform SNAT. + IsSymmetricHashEnabled *bool `mandatory:"false" json:"isSymmetricHashEnabled"` + // An array of network security groups OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) associated with the network load // balancer. // During the creation of the network load balancer, the service adds the new load balancer to the specified network security groups. @@ -95,6 +99,11 @@ type NetworkLoadBalancer struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // ZPR tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. + // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). + // Example: `{ "oracle-zpr": { "td": { "value": "42", "mode": "audit" } } }` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // Defined tags for this resource. Each key is predefined and scoped to a namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer_summary.go index 9d32732668..b8db09cd65 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancer_summary.go @@ -38,7 +38,7 @@ type NetworkLoadBalancerSummary struct { // An array of IP addresses. IpAddresses []IpAddress `mandatory:"true" json:"ipAddresses"` - // The subnet in which the network load balancer is spawned OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm)." + // The subnet in which the network load balancer is spawned OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm). SubnetId *string `mandatory:"true" json:"subnetId"` // A message describing the current state in more detail. @@ -67,6 +67,10 @@ type NetworkLoadBalancerSummary struct { // Packets are sent to the backend set without any changes to the source and destination IP. IsPreserveSourceDestination *bool `mandatory:"false" json:"isPreserveSourceDestination"` + // This can only be enabled when NLB is working in transparent mode with source destination header preservation enabled. + // This removes the additional dependency from NLB backends(like Firewalls) to perform SNAT. + IsSymmetricHashEnabled *bool `mandatory:"false" json:"isSymmetricHashEnabled"` + // An array of network security groups OCIDs (https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) associated with the network load // balancer. // During the creation of the network load balancer, the service adds the new load balancer to the specified network security groups. @@ -88,6 +92,11 @@ type NetworkLoadBalancerSummary struct { // Example: `{"Department": "Finance"}` FreeformTags map[string]string `mandatory:"false" json:"freeformTags"` + // ZPR tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. + // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). + // Example: `{ "oracle-zpr": { "td": { "value": "42", "mode": "audit" } } }` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` + // Defined tags for this resource. Each key is predefined and scoped to a namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancers_protocol_summary.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancers_protocol_summary.go index 7d16a10bcc..92dc5380a6 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancers_protocol_summary.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/network_load_balancers_protocol_summary.go @@ -22,6 +22,7 @@ const ( NetworkLoadBalancersProtocolSummaryTcp NetworkLoadBalancersProtocolSummaryEnum = "TCP" NetworkLoadBalancersProtocolSummaryUdp NetworkLoadBalancersProtocolSummaryEnum = "UDP" NetworkLoadBalancersProtocolSummaryTcpAndUdp NetworkLoadBalancersProtocolSummaryEnum = "TCP_AND_UDP" + NetworkLoadBalancersProtocolSummaryL3Ip NetworkLoadBalancersProtocolSummaryEnum = "L3IP" ) var mappingNetworkLoadBalancersProtocolSummaryEnum = map[string]NetworkLoadBalancersProtocolSummaryEnum{ @@ -29,6 +30,7 @@ var mappingNetworkLoadBalancersProtocolSummaryEnum = map[string]NetworkLoadBalan "TCP": NetworkLoadBalancersProtocolSummaryTcp, "UDP": NetworkLoadBalancersProtocolSummaryUdp, "TCP_AND_UDP": NetworkLoadBalancersProtocolSummaryTcpAndUdp, + "L3IP": NetworkLoadBalancersProtocolSummaryL3Ip, } var mappingNetworkLoadBalancersProtocolSummaryEnumLowerCase = map[string]NetworkLoadBalancersProtocolSummaryEnum{ @@ -36,6 +38,7 @@ var mappingNetworkLoadBalancersProtocolSummaryEnumLowerCase = map[string]Network "tcp": NetworkLoadBalancersProtocolSummaryTcp, "udp": NetworkLoadBalancersProtocolSummaryUdp, "tcp_and_udp": NetworkLoadBalancersProtocolSummaryTcpAndUdp, + "l3ip": NetworkLoadBalancersProtocolSummaryL3Ip, } // GetNetworkLoadBalancersProtocolSummaryEnumValues Enumerates the set of values for NetworkLoadBalancersProtocolSummaryEnum @@ -54,6 +57,7 @@ func GetNetworkLoadBalancersProtocolSummaryEnumStringValues() []string { "TCP", "UDP", "TCP_AND_UDP", + "L3IP", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/networkloadbalancer_client.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/networkloadbalancer_client.go index 1355ecf685..3e657977ea 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/networkloadbalancer_client.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/networkloadbalancer_client.go @@ -97,9 +97,10 @@ func (client *NetworkLoadBalancerClient) ConfigurationProvider() *common.Configu // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ChangeNetworkLoadBalancerCompartment.go.html to see an example of how to use ChangeNetworkLoadBalancerCompartment API. +// A default retry strategy applies to this operation ChangeNetworkLoadBalancerCompartment() func (client NetworkLoadBalancerClient) ChangeNetworkLoadBalancerCompartment(ctx context.Context, request ChangeNetworkLoadBalancerCompartmentRequest) (response ChangeNetworkLoadBalancerCompartmentResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -159,9 +160,10 @@ func (client NetworkLoadBalancerClient) changeNetworkLoadBalancerCompartment(ctx // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/CreateBackend.go.html to see an example of how to use CreateBackend API. +// A default retry strategy applies to this operation CreateBackend() func (client NetworkLoadBalancerClient) CreateBackend(ctx context.Context, request CreateBackendRequest) (response CreateBackendResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -221,9 +223,10 @@ func (client NetworkLoadBalancerClient) createBackend(ctx context.Context, reque // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/CreateBackendSet.go.html to see an example of how to use CreateBackendSet API. +// A default retry strategy applies to this operation CreateBackendSet() func (client NetworkLoadBalancerClient) CreateBackendSet(ctx context.Context, request CreateBackendSetRequest) (response CreateBackendSetResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -283,9 +286,10 @@ func (client NetworkLoadBalancerClient) createBackendSet(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/CreateListener.go.html to see an example of how to use CreateListener API. +// A default retry strategy applies to this operation CreateListener() func (client NetworkLoadBalancerClient) CreateListener(ctx context.Context, request CreateListenerRequest) (response CreateListenerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -345,9 +349,10 @@ func (client NetworkLoadBalancerClient) createListener(ctx context.Context, requ // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/CreateNetworkLoadBalancer.go.html to see an example of how to use CreateNetworkLoadBalancer API. +// A default retry strategy applies to this operation CreateNetworkLoadBalancer() func (client NetworkLoadBalancerClient) CreateNetworkLoadBalancer(ctx context.Context, request CreateNetworkLoadBalancerRequest) (response CreateNetworkLoadBalancerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -407,9 +412,10 @@ func (client NetworkLoadBalancerClient) createNetworkLoadBalancer(ctx context.Co // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/DeleteBackend.go.html to see an example of how to use DeleteBackend API. +// A default retry strategy applies to this operation DeleteBackend() func (client NetworkLoadBalancerClient) DeleteBackend(ctx context.Context, request DeleteBackendRequest) (response DeleteBackendResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -465,9 +471,10 @@ func (client NetworkLoadBalancerClient) deleteBackend(ctx context.Context, reque // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/DeleteBackendSet.go.html to see an example of how to use DeleteBackendSet API. +// A default retry strategy applies to this operation DeleteBackendSet() func (client NetworkLoadBalancerClient) DeleteBackendSet(ctx context.Context, request DeleteBackendSetRequest) (response DeleteBackendSetResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -522,9 +529,10 @@ func (client NetworkLoadBalancerClient) deleteBackendSet(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/DeleteListener.go.html to see an example of how to use DeleteListener API. +// A default retry strategy applies to this operation DeleteListener() func (client NetworkLoadBalancerClient) DeleteListener(ctx context.Context, request DeleteListenerRequest) (response DeleteListenerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -579,9 +587,10 @@ func (client NetworkLoadBalancerClient) deleteListener(ctx context.Context, requ // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/DeleteNetworkLoadBalancer.go.html to see an example of how to use DeleteNetworkLoadBalancer API. +// A default retry strategy applies to this operation DeleteNetworkLoadBalancer() func (client NetworkLoadBalancerClient) DeleteNetworkLoadBalancer(ctx context.Context, request DeleteNetworkLoadBalancerRequest) (response DeleteNetworkLoadBalancerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -636,9 +645,10 @@ func (client NetworkLoadBalancerClient) deleteNetworkLoadBalancer(ctx context.Co // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetBackend.go.html to see an example of how to use GetBackend API. +// A default retry strategy applies to this operation GetBackend() func (client NetworkLoadBalancerClient) GetBackend(ctx context.Context, request GetBackendRequest) (response GetBackendResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -693,9 +703,10 @@ func (client NetworkLoadBalancerClient) getBackend(ctx context.Context, request // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetBackendHealth.go.html to see an example of how to use GetBackendHealth API. +// A default retry strategy applies to this operation GetBackendHealth() func (client NetworkLoadBalancerClient) GetBackendHealth(ctx context.Context, request GetBackendHealthRequest) (response GetBackendHealthResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -750,9 +761,10 @@ func (client NetworkLoadBalancerClient) getBackendHealth(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetBackendSet.go.html to see an example of how to use GetBackendSet API. +// A default retry strategy applies to this operation GetBackendSet() func (client NetworkLoadBalancerClient) GetBackendSet(ctx context.Context, request GetBackendSetRequest) (response GetBackendSetResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -807,9 +819,10 @@ func (client NetworkLoadBalancerClient) getBackendSet(ctx context.Context, reque // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetBackendSetHealth.go.html to see an example of how to use GetBackendSetHealth API. +// A default retry strategy applies to this operation GetBackendSetHealth() func (client NetworkLoadBalancerClient) GetBackendSetHealth(ctx context.Context, request GetBackendSetHealthRequest) (response GetBackendSetHealthResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -864,9 +877,10 @@ func (client NetworkLoadBalancerClient) getBackendSetHealth(ctx context.Context, // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetHealthChecker.go.html to see an example of how to use GetHealthChecker API. +// A default retry strategy applies to this operation GetHealthChecker() func (client NetworkLoadBalancerClient) GetHealthChecker(ctx context.Context, request GetHealthCheckerRequest) (response GetHealthCheckerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -926,9 +940,10 @@ func (client NetworkLoadBalancerClient) getHealthChecker(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetListener.go.html to see an example of how to use GetListener API. +// A default retry strategy applies to this operation GetListener() func (client NetworkLoadBalancerClient) GetListener(ctx context.Context, request GetListenerRequest) (response GetListenerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -983,9 +998,10 @@ func (client NetworkLoadBalancerClient) getListener(ctx context.Context, request // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetNetworkLoadBalancer.go.html to see an example of how to use GetNetworkLoadBalancer API. +// A default retry strategy applies to this operation GetNetworkLoadBalancer() func (client NetworkLoadBalancerClient) GetNetworkLoadBalancer(ctx context.Context, request GetNetworkLoadBalancerRequest) (response GetNetworkLoadBalancerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1040,9 +1056,10 @@ func (client NetworkLoadBalancerClient) getNetworkLoadBalancer(ctx context.Conte // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetNetworkLoadBalancerHealth.go.html to see an example of how to use GetNetworkLoadBalancerHealth API. +// A default retry strategy applies to this operation GetNetworkLoadBalancerHealth() func (client NetworkLoadBalancerClient) GetNetworkLoadBalancerHealth(ctx context.Context, request GetNetworkLoadBalancerHealthRequest) (response GetNetworkLoadBalancerHealthResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1097,9 +1114,10 @@ func (client NetworkLoadBalancerClient) getNetworkLoadBalancerHealth(ctx context // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/GetWorkRequest.go.html to see an example of how to use GetWorkRequest API. +// A default retry strategy applies to this operation GetWorkRequest() func (client NetworkLoadBalancerClient) GetWorkRequest(ctx context.Context, request GetWorkRequestRequest) (response GetWorkRequestResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1154,9 +1172,10 @@ func (client NetworkLoadBalancerClient) getWorkRequest(ctx context.Context, requ // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListBackendSets.go.html to see an example of how to use ListBackendSets API. +// A default retry strategy applies to this operation ListBackendSets() func (client NetworkLoadBalancerClient) ListBackendSets(ctx context.Context, request ListBackendSetsRequest) (response ListBackendSetsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1211,9 +1230,10 @@ func (client NetworkLoadBalancerClient) listBackendSets(ctx context.Context, req // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListBackends.go.html to see an example of how to use ListBackends API. +// A default retry strategy applies to this operation ListBackends() func (client NetworkLoadBalancerClient) ListBackends(ctx context.Context, request ListBackendsRequest) (response ListBackendsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1268,9 +1288,10 @@ func (client NetworkLoadBalancerClient) listBackends(ctx context.Context, reques // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListListeners.go.html to see an example of how to use ListListeners API. +// A default retry strategy applies to this operation ListListeners() func (client NetworkLoadBalancerClient) ListListeners(ctx context.Context, request ListListenersRequest) (response ListListenersResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1325,9 +1346,10 @@ func (client NetworkLoadBalancerClient) listListeners(ctx context.Context, reque // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListNetworkLoadBalancerHealths.go.html to see an example of how to use ListNetworkLoadBalancerHealths API. +// A default retry strategy applies to this operation ListNetworkLoadBalancerHealths() func (client NetworkLoadBalancerClient) ListNetworkLoadBalancerHealths(ctx context.Context, request ListNetworkLoadBalancerHealthsRequest) (response ListNetworkLoadBalancerHealthsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1382,9 +1404,10 @@ func (client NetworkLoadBalancerClient) listNetworkLoadBalancerHealths(ctx conte // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListNetworkLoadBalancers.go.html to see an example of how to use ListNetworkLoadBalancers API. +// A default retry strategy applies to this operation ListNetworkLoadBalancers() func (client NetworkLoadBalancerClient) ListNetworkLoadBalancers(ctx context.Context, request ListNetworkLoadBalancersRequest) (response ListNetworkLoadBalancersResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1439,9 +1462,10 @@ func (client NetworkLoadBalancerClient) listNetworkLoadBalancers(ctx context.Con // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListNetworkLoadBalancersPolicies.go.html to see an example of how to use ListNetworkLoadBalancersPolicies API. +// A default retry strategy applies to this operation ListNetworkLoadBalancersPolicies() func (client NetworkLoadBalancerClient) ListNetworkLoadBalancersPolicies(ctx context.Context, request ListNetworkLoadBalancersPoliciesRequest) (response ListNetworkLoadBalancersPoliciesResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1497,9 +1521,10 @@ func (client NetworkLoadBalancerClient) listNetworkLoadBalancersPolicies(ctx con // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListNetworkLoadBalancersProtocols.go.html to see an example of how to use ListNetworkLoadBalancersProtocols API. +// A default retry strategy applies to this operation ListNetworkLoadBalancersProtocols() func (client NetworkLoadBalancerClient) ListNetworkLoadBalancersProtocols(ctx context.Context, request ListNetworkLoadBalancersProtocolsRequest) (response ListNetworkLoadBalancersProtocolsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1554,9 +1579,10 @@ func (client NetworkLoadBalancerClient) listNetworkLoadBalancersProtocols(ctx co // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListWorkRequestErrors.go.html to see an example of how to use ListWorkRequestErrors API. +// A default retry strategy applies to this operation ListWorkRequestErrors() func (client NetworkLoadBalancerClient) ListWorkRequestErrors(ctx context.Context, request ListWorkRequestErrorsRequest) (response ListWorkRequestErrorsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1611,9 +1637,10 @@ func (client NetworkLoadBalancerClient) listWorkRequestErrors(ctx context.Contex // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListWorkRequestLogs.go.html to see an example of how to use ListWorkRequestLogs API. +// A default retry strategy applies to this operation ListWorkRequestLogs() func (client NetworkLoadBalancerClient) ListWorkRequestLogs(ctx context.Context, request ListWorkRequestLogsRequest) (response ListWorkRequestLogsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1668,9 +1695,10 @@ func (client NetworkLoadBalancerClient) listWorkRequestLogs(ctx context.Context, // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/ListWorkRequests.go.html to see an example of how to use ListWorkRequests API. +// A default retry strategy applies to this operation ListWorkRequests() func (client NetworkLoadBalancerClient) ListWorkRequests(ctx context.Context, request ListWorkRequestsRequest) (response ListWorkRequestsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1725,9 +1753,10 @@ func (client NetworkLoadBalancerClient) listWorkRequests(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateBackend.go.html to see an example of how to use UpdateBackend API. +// A default retry strategy applies to this operation UpdateBackend() func (client NetworkLoadBalancerClient) UpdateBackend(ctx context.Context, request UpdateBackendRequest) (response UpdateBackendResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1787,9 +1816,10 @@ func (client NetworkLoadBalancerClient) updateBackend(ctx context.Context, reque // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateBackendSet.go.html to see an example of how to use UpdateBackendSet API. +// A default retry strategy applies to this operation UpdateBackendSet() func (client NetworkLoadBalancerClient) UpdateBackendSet(ctx context.Context, request UpdateBackendSetRequest) (response UpdateBackendSetResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1849,9 +1879,10 @@ func (client NetworkLoadBalancerClient) updateBackendSet(ctx context.Context, re // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateHealthChecker.go.html to see an example of how to use UpdateHealthChecker API. +// A default retry strategy applies to this operation UpdateHealthChecker() func (client NetworkLoadBalancerClient) UpdateHealthChecker(ctx context.Context, request UpdateHealthCheckerRequest) (response UpdateHealthCheckerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1911,9 +1942,10 @@ func (client NetworkLoadBalancerClient) updateHealthChecker(ctx context.Context, // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateListener.go.html to see an example of how to use UpdateListener API. +// A default retry strategy applies to this operation UpdateListener() func (client NetworkLoadBalancerClient) UpdateListener(ctx context.Context, request UpdateListenerRequest) (response UpdateListenerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -1973,9 +2005,10 @@ func (client NetworkLoadBalancerClient) updateListener(ctx context.Context, requ // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateNetworkLoadBalancer.go.html to see an example of how to use UpdateNetworkLoadBalancer API. +// A default retry strategy applies to this operation UpdateNetworkLoadBalancer() func (client NetworkLoadBalancerClient) UpdateNetworkLoadBalancer(ctx context.Context, request UpdateNetworkLoadBalancerRequest) (response UpdateNetworkLoadBalancerResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } @@ -2030,9 +2063,10 @@ func (client NetworkLoadBalancerClient) updateNetworkLoadBalancer(ctx context.Co // # See also // // Click https://docs.cloud.oracle.com/en-us/iaas/tools/go-sdk-examples/latest/networkloadbalancer/UpdateNetworkSecurityGroups.go.html to see an example of how to use UpdateNetworkSecurityGroups API. +// A default retry strategy applies to this operation UpdateNetworkSecurityGroups() func (client NetworkLoadBalancerClient) UpdateNetworkSecurityGroups(ctx context.Context, request UpdateNetworkSecurityGroupsRequest) (response UpdateNetworkSecurityGroupsResponse, err error) { var ociResponse common.OCIResponse - policy := common.NoRetryPolicy() + policy := common.DefaultRetryPolicy() if client.RetryPolicy() != nil { policy = *client.RetryPolicy() } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/nlb_ip_version.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/nlb_ip_version.go index b19edf9662..ef17a299b1 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/nlb_ip_version.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/nlb_ip_version.go @@ -20,16 +20,19 @@ type NlbIpVersionEnum string const ( NlbIpVersionIpv4 NlbIpVersionEnum = "IPV4" NlbIpVersionIpv4AndIpv6 NlbIpVersionEnum = "IPV4_AND_IPV6" + NlbIpVersionIpv6 NlbIpVersionEnum = "IPV6" ) var mappingNlbIpVersionEnum = map[string]NlbIpVersionEnum{ "IPV4": NlbIpVersionIpv4, "IPV4_AND_IPV6": NlbIpVersionIpv4AndIpv6, + "IPV6": NlbIpVersionIpv6, } var mappingNlbIpVersionEnumLowerCase = map[string]NlbIpVersionEnum{ "ipv4": NlbIpVersionIpv4, "ipv4_and_ipv6": NlbIpVersionIpv4AndIpv6, + "ipv6": NlbIpVersionIpv6, } // GetNlbIpVersionEnumValues Enumerates the set of values for NlbIpVersionEnum @@ -46,6 +49,7 @@ func GetNlbIpVersionEnumStringValues() []string { return []string{ "IPV4", "IPV4_AND_IPV6", + "IPV6", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/operation_type.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/operation_type.go index b1e9ef46f6..7f28e45daa 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/operation_type.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/operation_type.go @@ -35,6 +35,7 @@ const ( OperationTypeChangeCompartment OperationTypeEnum = "CHANGE_COMPARTMENT" OperationTypeAttachNlbToPod OperationTypeEnum = "ATTACH_NLB_TO_POD" OperationTypeDetachNlbFromPod OperationTypeEnum = "DETACH_NLB_FROM_POD" + OperationTypeLiveMigration OperationTypeEnum = "LIVE_MIGRATION" ) var mappingOperationTypeEnum = map[string]OperationTypeEnum{ @@ -55,6 +56,7 @@ var mappingOperationTypeEnum = map[string]OperationTypeEnum{ "CHANGE_COMPARTMENT": OperationTypeChangeCompartment, "ATTACH_NLB_TO_POD": OperationTypeAttachNlbToPod, "DETACH_NLB_FROM_POD": OperationTypeDetachNlbFromPod, + "LIVE_MIGRATION": OperationTypeLiveMigration, } var mappingOperationTypeEnumLowerCase = map[string]OperationTypeEnum{ @@ -75,6 +77,7 @@ var mappingOperationTypeEnumLowerCase = map[string]OperationTypeEnum{ "change_compartment": OperationTypeChangeCompartment, "attach_nlb_to_pod": OperationTypeAttachNlbToPod, "detach_nlb_from_pod": OperationTypeDetachNlbFromPod, + "live_migration": OperationTypeLiveMigration, } // GetOperationTypeEnumValues Enumerates the set of values for OperationTypeEnum @@ -106,6 +109,7 @@ func GetOperationTypeEnumStringValues() []string { "CHANGE_COMPARTMENT", "ATTACH_NLB_TO_POD", "DETACH_NLB_FROM_POD", + "LIVE_MIGRATION", } } diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_backend_set_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_backend_set_details.go index 9a0385715b..ae52878708 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_backend_set_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_backend_set_details.go @@ -31,6 +31,13 @@ type UpdateBackendSetDetails struct { // The value is true by default. IsPreserveSource *bool `mandatory:"false" json:"isPreserveSource"` + // If enabled, the network load balancer will continue to distribute traffic in the configured distribution in the event all backends are unhealthy. + // The value is false by default. + IsFailOpen *bool `mandatory:"false" json:"isFailOpen"` + + // If enabled existing connections will be forwarded to an alternative healthy backend as soon as current backend becomes unhealthy. + IsInstantFailoverEnabled *bool `mandatory:"false" json:"isInstantFailoverEnabled"` + // The IP version associated with the backend set. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_health_checker_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_health_checker_details.go index a728abe6ea..7c2e780513 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_health_checker_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_health_checker_details.go @@ -58,6 +58,8 @@ type UpdateHealthCheckerDetails struct { // Base64 encoded pattern to be validated as UDP or TCP health check probe response. ResponseData []byte `mandatory:"false" json:"responseData"` + + Dns *DnsHealthCheckerDetails `mandatory:"false" json:"dns"` } func (m UpdateHealthCheckerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_listener_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_listener_details.go index e77f7c478b..fdc59ed7db 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_listener_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_listener_details.go @@ -29,15 +29,29 @@ type UpdateListenerDetails struct { Port *int `mandatory:"false" json:"port"` // The protocol on which the listener accepts connection requests. - // For public network load balancers, ANY protocol refers to TCP/UDP. + // For public network load balancers, ANY protocol refers to TCP/UDP with the wildcard port. // For private network load balancers, ANY protocol refers to TCP/UDP/ICMP (note that ICMP requires isPreserveSourceDestination to be set to true). - // To get a list of valid protocols, use the ListNetworkLoadBalancersProtocols - // operation. + // "ListNetworkLoadBalancersProtocols" API is deprecated and it will not return the updated values. Use the allowed values for the protocol instead. // Example: `TCP` Protocol ListenerProtocolsEnum `mandatory:"false" json:"protocol,omitempty"` // IP version associated with the listener. IpVersion IpVersionEnum `mandatory:"false" json:"ipVersion,omitempty"` + + // Property to enable/disable PPv2 feature for this listener. + IsPpv2Enabled *bool `mandatory:"false" json:"isPpv2Enabled"` + + // The duration for TCP idle timeout in seconds. + // Example: `300` + TcpIdleTimeout *int `mandatory:"false" json:"tcpIdleTimeout"` + + // The duration for UDP idle timeout in seconds. + // Example: `120` + UdpIdleTimeout *int `mandatory:"false" json:"udpIdleTimeout"` + + // The duration for L3IP idle timeout in seconds. + // Example: `200` + L3IpIdleTimeout *int `mandatory:"false" json:"l3IpIdleTimeout"` } func (m UpdateListenerDetails) String() string { diff --git a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_network_load_balancer_details.go b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_network_load_balancer_details.go index ecd63537d9..7031782437 100644 --- a/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_network_load_balancer_details.go +++ b/vendor/github.com/oracle/oci-go-sdk/v65/networkloadbalancer/update_network_load_balancer_details.go @@ -28,9 +28,21 @@ type UpdateNetworkLoadBalancerDetails struct { // enabled on the load balancer VNIC, and packets are sent to the backend with the entire IP header intact. IsPreserveSourceDestination *bool `mandatory:"false" json:"isPreserveSourceDestination"` + // This can only be enabled when NLB is working in transparent mode with source destination header preservation enabled. + // This removes the additional dependency from NLB backends(like Firewalls) to perform SNAT. + IsSymmetricHashEnabled *bool `mandatory:"false" json:"isSymmetricHashEnabled"` + // IP version associated with the NLB. NlbIpVersion NlbIpVersionEnum `mandatory:"false" json:"nlbIpVersion,omitempty"` + // IPv6 subnet prefix selection. If Ipv6 subnet prefix is passed, Nlb Ipv6 Address would be assign within the cidr block. NLB has to be dual or single stack ipv6 to support this. + SubnetIpv6Cidr *string `mandatory:"false" json:"subnetIpv6Cidr"` + + // IPv6 address to be assigned to the network load balancer being created. + // This IP address has to be part of one of the prefixes supported by the subnet. + // Example: "2607:9b80:9a0a:9a7e:abcd:ef01:2345:6789" + AssignedIpv6 *string `mandatory:"false" json:"assignedIpv6"` + // Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Department": "Finance"}` @@ -40,6 +52,11 @@ type UpdateNetworkLoadBalancerDetails struct { // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). // Example: `{"Operations": {"CostCenter": "42"}}` DefinedTags map[string]map[string]interface{} `mandatory:"false" json:"definedTags"` + + // ZPR tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. + // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm). + // Example: `{"oracle-zpr": {"td": {"value": "42", "mode": "audit"}}}` + SecurityAttributes map[string]map[string]interface{} `mandatory:"false" json:"securityAttributes"` } func (m UpdateNetworkLoadBalancerDetails) String() string { diff --git a/vendor/github.com/pmezard/go-difflib/LICENSE b/vendor/github.com/pmezard/go-difflib/LICENSE new file mode 100644 index 0000000000..c67dad612a --- /dev/null +++ b/vendor/github.com/pmezard/go-difflib/LICENSE @@ -0,0 +1,27 @@ +Copyright (c) 2013, Patrick Mezard +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + Redistributions in binary form must reproduce the above copyright +notice, this list of conditions and the following disclaimer in the +documentation and/or other materials provided with the distribution. + The names of its contributors may not be used to endorse or promote +products derived from this software without specific prior written +permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS +IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/pmezard/go-difflib/difflib/difflib.go b/vendor/github.com/pmezard/go-difflib/difflib/difflib.go new file mode 100644 index 0000000000..003e99fadb --- /dev/null +++ b/vendor/github.com/pmezard/go-difflib/difflib/difflib.go @@ -0,0 +1,772 @@ +// Package difflib is a partial port of Python difflib module. +// +// It provides tools to compare sequences of strings and generate textual diffs. +// +// The following class and functions have been ported: +// +// - SequenceMatcher +// +// - unified_diff +// +// - context_diff +// +// Getting unified diffs was the main goal of the port. Keep in mind this code +// is mostly suitable to output text differences in a human friendly way, there +// are no guarantees generated diffs are consumable by patch(1). +package difflib + +import ( + "bufio" + "bytes" + "fmt" + "io" + "strings" +) + +func min(a, b int) int { + if a < b { + return a + } + return b +} + +func max(a, b int) int { + if a > b { + return a + } + return b +} + +func calculateRatio(matches, length int) float64 { + if length > 0 { + return 2.0 * float64(matches) / float64(length) + } + return 1.0 +} + +type Match struct { + A int + B int + Size int +} + +type OpCode struct { + Tag byte + I1 int + I2 int + J1 int + J2 int +} + +// SequenceMatcher compares sequence of strings. The basic +// algorithm predates, and is a little fancier than, an algorithm +// published in the late 1980's by Ratcliff and Obershelp under the +// hyperbolic name "gestalt pattern matching". The basic idea is to find +// the longest contiguous matching subsequence that contains no "junk" +// elements (R-O doesn't address junk). The same idea is then applied +// recursively to the pieces of the sequences to the left and to the right +// of the matching subsequence. This does not yield minimal edit +// sequences, but does tend to yield matches that "look right" to people. +// +// SequenceMatcher tries to compute a "human-friendly diff" between two +// sequences. Unlike e.g. UNIX(tm) diff, the fundamental notion is the +// longest *contiguous* & junk-free matching subsequence. That's what +// catches peoples' eyes. The Windows(tm) windiff has another interesting +// notion, pairing up elements that appear uniquely in each sequence. +// That, and the method here, appear to yield more intuitive difference +// reports than does diff. This method appears to be the least vulnerable +// to synching up on blocks of "junk lines", though (like blank lines in +// ordinary text files, or maybe "

" lines in HTML files). That may be +// because this is the only method of the 3 that has a *concept* of +// "junk" . +// +// Timing: Basic R-O is cubic time worst case and quadratic time expected +// case. SequenceMatcher is quadratic time for the worst case and has +// expected-case behavior dependent in a complicated way on how many +// elements the sequences have in common; best case time is linear. +type SequenceMatcher struct { + a []string + b []string + b2j map[string][]int + IsJunk func(string) bool + autoJunk bool + bJunk map[string]struct{} + matchingBlocks []Match + fullBCount map[string]int + bPopular map[string]struct{} + opCodes []OpCode +} + +func NewMatcher(a, b []string) *SequenceMatcher { + m := SequenceMatcher{autoJunk: true} + m.SetSeqs(a, b) + return &m +} + +func NewMatcherWithJunk(a, b []string, autoJunk bool, + isJunk func(string) bool) *SequenceMatcher { + + m := SequenceMatcher{IsJunk: isJunk, autoJunk: autoJunk} + m.SetSeqs(a, b) + return &m +} + +// Set two sequences to be compared. +func (m *SequenceMatcher) SetSeqs(a, b []string) { + m.SetSeq1(a) + m.SetSeq2(b) +} + +// Set the first sequence to be compared. The second sequence to be compared is +// not changed. +// +// SequenceMatcher computes and caches detailed information about the second +// sequence, so if you want to compare one sequence S against many sequences, +// use .SetSeq2(s) once and call .SetSeq1(x) repeatedly for each of the other +// sequences. +// +// See also SetSeqs() and SetSeq2(). +func (m *SequenceMatcher) SetSeq1(a []string) { + if &a == &m.a { + return + } + m.a = a + m.matchingBlocks = nil + m.opCodes = nil +} + +// Set the second sequence to be compared. The first sequence to be compared is +// not changed. +func (m *SequenceMatcher) SetSeq2(b []string) { + if &b == &m.b { + return + } + m.b = b + m.matchingBlocks = nil + m.opCodes = nil + m.fullBCount = nil + m.chainB() +} + +func (m *SequenceMatcher) chainB() { + // Populate line -> index mapping + b2j := map[string][]int{} + for i, s := range m.b { + indices := b2j[s] + indices = append(indices, i) + b2j[s] = indices + } + + // Purge junk elements + m.bJunk = map[string]struct{}{} + if m.IsJunk != nil { + junk := m.bJunk + for s, _ := range b2j { + if m.IsJunk(s) { + junk[s] = struct{}{} + } + } + for s, _ := range junk { + delete(b2j, s) + } + } + + // Purge remaining popular elements + popular := map[string]struct{}{} + n := len(m.b) + if m.autoJunk && n >= 200 { + ntest := n/100 + 1 + for s, indices := range b2j { + if len(indices) > ntest { + popular[s] = struct{}{} + } + } + for s, _ := range popular { + delete(b2j, s) + } + } + m.bPopular = popular + m.b2j = b2j +} + +func (m *SequenceMatcher) isBJunk(s string) bool { + _, ok := m.bJunk[s] + return ok +} + +// Find longest matching block in a[alo:ahi] and b[blo:bhi]. +// +// If IsJunk is not defined: +// +// Return (i,j,k) such that a[i:i+k] is equal to b[j:j+k], where +// alo <= i <= i+k <= ahi +// blo <= j <= j+k <= bhi +// and for all (i',j',k') meeting those conditions, +// k >= k' +// i <= i' +// and if i == i', j <= j' +// +// In other words, of all maximal matching blocks, return one that +// starts earliest in a, and of all those maximal matching blocks that +// start earliest in a, return the one that starts earliest in b. +// +// If IsJunk is defined, first the longest matching block is +// determined as above, but with the additional restriction that no +// junk element appears in the block. Then that block is extended as +// far as possible by matching (only) junk elements on both sides. So +// the resulting block never matches on junk except as identical junk +// happens to be adjacent to an "interesting" match. +// +// If no blocks match, return (alo, blo, 0). +func (m *SequenceMatcher) findLongestMatch(alo, ahi, blo, bhi int) Match { + // CAUTION: stripping common prefix or suffix would be incorrect. + // E.g., + // ab + // acab + // Longest matching block is "ab", but if common prefix is + // stripped, it's "a" (tied with "b"). UNIX(tm) diff does so + // strip, so ends up claiming that ab is changed to acab by + // inserting "ca" in the middle. That's minimal but unintuitive: + // "it's obvious" that someone inserted "ac" at the front. + // Windiff ends up at the same place as diff, but by pairing up + // the unique 'b's and then matching the first two 'a's. + besti, bestj, bestsize := alo, blo, 0 + + // find longest junk-free match + // during an iteration of the loop, j2len[j] = length of longest + // junk-free match ending with a[i-1] and b[j] + j2len := map[int]int{} + for i := alo; i != ahi; i++ { + // look at all instances of a[i] in b; note that because + // b2j has no junk keys, the loop is skipped if a[i] is junk + newj2len := map[int]int{} + for _, j := range m.b2j[m.a[i]] { + // a[i] matches b[j] + if j < blo { + continue + } + if j >= bhi { + break + } + k := j2len[j-1] + 1 + newj2len[j] = k + if k > bestsize { + besti, bestj, bestsize = i-k+1, j-k+1, k + } + } + j2len = newj2len + } + + // Extend the best by non-junk elements on each end. In particular, + // "popular" non-junk elements aren't in b2j, which greatly speeds + // the inner loop above, but also means "the best" match so far + // doesn't contain any junk *or* popular non-junk elements. + for besti > alo && bestj > blo && !m.isBJunk(m.b[bestj-1]) && + m.a[besti-1] == m.b[bestj-1] { + besti, bestj, bestsize = besti-1, bestj-1, bestsize+1 + } + for besti+bestsize < ahi && bestj+bestsize < bhi && + !m.isBJunk(m.b[bestj+bestsize]) && + m.a[besti+bestsize] == m.b[bestj+bestsize] { + bestsize += 1 + } + + // Now that we have a wholly interesting match (albeit possibly + // empty!), we may as well suck up the matching junk on each + // side of it too. Can't think of a good reason not to, and it + // saves post-processing the (possibly considerable) expense of + // figuring out what to do with it. In the case of an empty + // interesting match, this is clearly the right thing to do, + // because no other kind of match is possible in the regions. + for besti > alo && bestj > blo && m.isBJunk(m.b[bestj-1]) && + m.a[besti-1] == m.b[bestj-1] { + besti, bestj, bestsize = besti-1, bestj-1, bestsize+1 + } + for besti+bestsize < ahi && bestj+bestsize < bhi && + m.isBJunk(m.b[bestj+bestsize]) && + m.a[besti+bestsize] == m.b[bestj+bestsize] { + bestsize += 1 + } + + return Match{A: besti, B: bestj, Size: bestsize} +} + +// Return list of triples describing matching subsequences. +// +// Each triple is of the form (i, j, n), and means that +// a[i:i+n] == b[j:j+n]. The triples are monotonically increasing in +// i and in j. It's also guaranteed that if (i, j, n) and (i', j', n') are +// adjacent triples in the list, and the second is not the last triple in the +// list, then i+n != i' or j+n != j'. IOW, adjacent triples never describe +// adjacent equal blocks. +// +// The last triple is a dummy, (len(a), len(b), 0), and is the only +// triple with n==0. +func (m *SequenceMatcher) GetMatchingBlocks() []Match { + if m.matchingBlocks != nil { + return m.matchingBlocks + } + + var matchBlocks func(alo, ahi, blo, bhi int, matched []Match) []Match + matchBlocks = func(alo, ahi, blo, bhi int, matched []Match) []Match { + match := m.findLongestMatch(alo, ahi, blo, bhi) + i, j, k := match.A, match.B, match.Size + if match.Size > 0 { + if alo < i && blo < j { + matched = matchBlocks(alo, i, blo, j, matched) + } + matched = append(matched, match) + if i+k < ahi && j+k < bhi { + matched = matchBlocks(i+k, ahi, j+k, bhi, matched) + } + } + return matched + } + matched := matchBlocks(0, len(m.a), 0, len(m.b), nil) + + // It's possible that we have adjacent equal blocks in the + // matching_blocks list now. + nonAdjacent := []Match{} + i1, j1, k1 := 0, 0, 0 + for _, b := range matched { + // Is this block adjacent to i1, j1, k1? + i2, j2, k2 := b.A, b.B, b.Size + if i1+k1 == i2 && j1+k1 == j2 { + // Yes, so collapse them -- this just increases the length of + // the first block by the length of the second, and the first + // block so lengthened remains the block to compare against. + k1 += k2 + } else { + // Not adjacent. Remember the first block (k1==0 means it's + // the dummy we started with), and make the second block the + // new block to compare against. + if k1 > 0 { + nonAdjacent = append(nonAdjacent, Match{i1, j1, k1}) + } + i1, j1, k1 = i2, j2, k2 + } + } + if k1 > 0 { + nonAdjacent = append(nonAdjacent, Match{i1, j1, k1}) + } + + nonAdjacent = append(nonAdjacent, Match{len(m.a), len(m.b), 0}) + m.matchingBlocks = nonAdjacent + return m.matchingBlocks +} + +// Return list of 5-tuples describing how to turn a into b. +// +// Each tuple is of the form (tag, i1, i2, j1, j2). The first tuple +// has i1 == j1 == 0, and remaining tuples have i1 == the i2 from the +// tuple preceding it, and likewise for j1 == the previous j2. +// +// The tags are characters, with these meanings: +// +// 'r' (replace): a[i1:i2] should be replaced by b[j1:j2] +// +// 'd' (delete): a[i1:i2] should be deleted, j1==j2 in this case. +// +// 'i' (insert): b[j1:j2] should be inserted at a[i1:i1], i1==i2 in this case. +// +// 'e' (equal): a[i1:i2] == b[j1:j2] +func (m *SequenceMatcher) GetOpCodes() []OpCode { + if m.opCodes != nil { + return m.opCodes + } + i, j := 0, 0 + matching := m.GetMatchingBlocks() + opCodes := make([]OpCode, 0, len(matching)) + for _, m := range matching { + // invariant: we've pumped out correct diffs to change + // a[:i] into b[:j], and the next matching block is + // a[ai:ai+size] == b[bj:bj+size]. So we need to pump + // out a diff to change a[i:ai] into b[j:bj], pump out + // the matching block, and move (i,j) beyond the match + ai, bj, size := m.A, m.B, m.Size + tag := byte(0) + if i < ai && j < bj { + tag = 'r' + } else if i < ai { + tag = 'd' + } else if j < bj { + tag = 'i' + } + if tag > 0 { + opCodes = append(opCodes, OpCode{tag, i, ai, j, bj}) + } + i, j = ai+size, bj+size + // the list of matching blocks is terminated by a + // sentinel with size 0 + if size > 0 { + opCodes = append(opCodes, OpCode{'e', ai, i, bj, j}) + } + } + m.opCodes = opCodes + return m.opCodes +} + +// Isolate change clusters by eliminating ranges with no changes. +// +// Return a generator of groups with up to n lines of context. +// Each group is in the same format as returned by GetOpCodes(). +func (m *SequenceMatcher) GetGroupedOpCodes(n int) [][]OpCode { + if n < 0 { + n = 3 + } + codes := m.GetOpCodes() + if len(codes) == 0 { + codes = []OpCode{OpCode{'e', 0, 1, 0, 1}} + } + // Fixup leading and trailing groups if they show no changes. + if codes[0].Tag == 'e' { + c := codes[0] + i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2 + codes[0] = OpCode{c.Tag, max(i1, i2-n), i2, max(j1, j2-n), j2} + } + if codes[len(codes)-1].Tag == 'e' { + c := codes[len(codes)-1] + i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2 + codes[len(codes)-1] = OpCode{c.Tag, i1, min(i2, i1+n), j1, min(j2, j1+n)} + } + nn := n + n + groups := [][]OpCode{} + group := []OpCode{} + for _, c := range codes { + i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2 + // End the current group and start a new one whenever + // there is a large range with no changes. + if c.Tag == 'e' && i2-i1 > nn { + group = append(group, OpCode{c.Tag, i1, min(i2, i1+n), + j1, min(j2, j1+n)}) + groups = append(groups, group) + group = []OpCode{} + i1, j1 = max(i1, i2-n), max(j1, j2-n) + } + group = append(group, OpCode{c.Tag, i1, i2, j1, j2}) + } + if len(group) > 0 && !(len(group) == 1 && group[0].Tag == 'e') { + groups = append(groups, group) + } + return groups +} + +// Return a measure of the sequences' similarity (float in [0,1]). +// +// Where T is the total number of elements in both sequences, and +// M is the number of matches, this is 2.0*M / T. +// Note that this is 1 if the sequences are identical, and 0 if +// they have nothing in common. +// +// .Ratio() is expensive to compute if you haven't already computed +// .GetMatchingBlocks() or .GetOpCodes(), in which case you may +// want to try .QuickRatio() or .RealQuickRation() first to get an +// upper bound. +func (m *SequenceMatcher) Ratio() float64 { + matches := 0 + for _, m := range m.GetMatchingBlocks() { + matches += m.Size + } + return calculateRatio(matches, len(m.a)+len(m.b)) +} + +// Return an upper bound on ratio() relatively quickly. +// +// This isn't defined beyond that it is an upper bound on .Ratio(), and +// is faster to compute. +func (m *SequenceMatcher) QuickRatio() float64 { + // viewing a and b as multisets, set matches to the cardinality + // of their intersection; this counts the number of matches + // without regard to order, so is clearly an upper bound + if m.fullBCount == nil { + m.fullBCount = map[string]int{} + for _, s := range m.b { + m.fullBCount[s] = m.fullBCount[s] + 1 + } + } + + // avail[x] is the number of times x appears in 'b' less the + // number of times we've seen it in 'a' so far ... kinda + avail := map[string]int{} + matches := 0 + for _, s := range m.a { + n, ok := avail[s] + if !ok { + n = m.fullBCount[s] + } + avail[s] = n - 1 + if n > 0 { + matches += 1 + } + } + return calculateRatio(matches, len(m.a)+len(m.b)) +} + +// Return an upper bound on ratio() very quickly. +// +// This isn't defined beyond that it is an upper bound on .Ratio(), and +// is faster to compute than either .Ratio() or .QuickRatio(). +func (m *SequenceMatcher) RealQuickRatio() float64 { + la, lb := len(m.a), len(m.b) + return calculateRatio(min(la, lb), la+lb) +} + +// Convert range to the "ed" format +func formatRangeUnified(start, stop int) string { + // Per the diff spec at http://www.unix.org/single_unix_specification/ + beginning := start + 1 // lines start numbering with one + length := stop - start + if length == 1 { + return fmt.Sprintf("%d", beginning) + } + if length == 0 { + beginning -= 1 // empty ranges begin at line just before the range + } + return fmt.Sprintf("%d,%d", beginning, length) +} + +// Unified diff parameters +type UnifiedDiff struct { + A []string // First sequence lines + FromFile string // First file name + FromDate string // First file time + B []string // Second sequence lines + ToFile string // Second file name + ToDate string // Second file time + Eol string // Headers end of line, defaults to LF + Context int // Number of context lines +} + +// Compare two sequences of lines; generate the delta as a unified diff. +// +// Unified diffs are a compact way of showing line changes and a few +// lines of context. The number of context lines is set by 'n' which +// defaults to three. +// +// By default, the diff control lines (those with ---, +++, or @@) are +// created with a trailing newline. This is helpful so that inputs +// created from file.readlines() result in diffs that are suitable for +// file.writelines() since both the inputs and outputs have trailing +// newlines. +// +// For inputs that do not have trailing newlines, set the lineterm +// argument to "" so that the output will be uniformly newline free. +// +// The unidiff format normally has a header for filenames and modification +// times. Any or all of these may be specified using strings for +// 'fromfile', 'tofile', 'fromfiledate', and 'tofiledate'. +// The modification times are normally expressed in the ISO 8601 format. +func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error { + buf := bufio.NewWriter(writer) + defer buf.Flush() + wf := func(format string, args ...interface{}) error { + _, err := buf.WriteString(fmt.Sprintf(format, args...)) + return err + } + ws := func(s string) error { + _, err := buf.WriteString(s) + return err + } + + if len(diff.Eol) == 0 { + diff.Eol = "\n" + } + + started := false + m := NewMatcher(diff.A, diff.B) + for _, g := range m.GetGroupedOpCodes(diff.Context) { + if !started { + started = true + fromDate := "" + if len(diff.FromDate) > 0 { + fromDate = "\t" + diff.FromDate + } + toDate := "" + if len(diff.ToDate) > 0 { + toDate = "\t" + diff.ToDate + } + if diff.FromFile != "" || diff.ToFile != "" { + err := wf("--- %s%s%s", diff.FromFile, fromDate, diff.Eol) + if err != nil { + return err + } + err = wf("+++ %s%s%s", diff.ToFile, toDate, diff.Eol) + if err != nil { + return err + } + } + } + first, last := g[0], g[len(g)-1] + range1 := formatRangeUnified(first.I1, last.I2) + range2 := formatRangeUnified(first.J1, last.J2) + if err := wf("@@ -%s +%s @@%s", range1, range2, diff.Eol); err != nil { + return err + } + for _, c := range g { + i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2 + if c.Tag == 'e' { + for _, line := range diff.A[i1:i2] { + if err := ws(" " + line); err != nil { + return err + } + } + continue + } + if c.Tag == 'r' || c.Tag == 'd' { + for _, line := range diff.A[i1:i2] { + if err := ws("-" + line); err != nil { + return err + } + } + } + if c.Tag == 'r' || c.Tag == 'i' { + for _, line := range diff.B[j1:j2] { + if err := ws("+" + line); err != nil { + return err + } + } + } + } + } + return nil +} + +// Like WriteUnifiedDiff but returns the diff a string. +func GetUnifiedDiffString(diff UnifiedDiff) (string, error) { + w := &bytes.Buffer{} + err := WriteUnifiedDiff(w, diff) + return string(w.Bytes()), err +} + +// Convert range to the "ed" format. +func formatRangeContext(start, stop int) string { + // Per the diff spec at http://www.unix.org/single_unix_specification/ + beginning := start + 1 // lines start numbering with one + length := stop - start + if length == 0 { + beginning -= 1 // empty ranges begin at line just before the range + } + if length <= 1 { + return fmt.Sprintf("%d", beginning) + } + return fmt.Sprintf("%d,%d", beginning, beginning+length-1) +} + +type ContextDiff UnifiedDiff + +// Compare two sequences of lines; generate the delta as a context diff. +// +// Context diffs are a compact way of showing line changes and a few +// lines of context. The number of context lines is set by diff.Context +// which defaults to three. +// +// By default, the diff control lines (those with *** or ---) are +// created with a trailing newline. +// +// For inputs that do not have trailing newlines, set the diff.Eol +// argument to "" so that the output will be uniformly newline free. +// +// The context diff format normally has a header for filenames and +// modification times. Any or all of these may be specified using +// strings for diff.FromFile, diff.ToFile, diff.FromDate, diff.ToDate. +// The modification times are normally expressed in the ISO 8601 format. +// If not specified, the strings default to blanks. +func WriteContextDiff(writer io.Writer, diff ContextDiff) error { + buf := bufio.NewWriter(writer) + defer buf.Flush() + var diffErr error + wf := func(format string, args ...interface{}) { + _, err := buf.WriteString(fmt.Sprintf(format, args...)) + if diffErr == nil && err != nil { + diffErr = err + } + } + ws := func(s string) { + _, err := buf.WriteString(s) + if diffErr == nil && err != nil { + diffErr = err + } + } + + if len(diff.Eol) == 0 { + diff.Eol = "\n" + } + + prefix := map[byte]string{ + 'i': "+ ", + 'd': "- ", + 'r': "! ", + 'e': " ", + } + + started := false + m := NewMatcher(diff.A, diff.B) + for _, g := range m.GetGroupedOpCodes(diff.Context) { + if !started { + started = true + fromDate := "" + if len(diff.FromDate) > 0 { + fromDate = "\t" + diff.FromDate + } + toDate := "" + if len(diff.ToDate) > 0 { + toDate = "\t" + diff.ToDate + } + if diff.FromFile != "" || diff.ToFile != "" { + wf("*** %s%s%s", diff.FromFile, fromDate, diff.Eol) + wf("--- %s%s%s", diff.ToFile, toDate, diff.Eol) + } + } + + first, last := g[0], g[len(g)-1] + ws("***************" + diff.Eol) + + range1 := formatRangeContext(first.I1, last.I2) + wf("*** %s ****%s", range1, diff.Eol) + for _, c := range g { + if c.Tag == 'r' || c.Tag == 'd' { + for _, cc := range g { + if cc.Tag == 'i' { + continue + } + for _, line := range diff.A[cc.I1:cc.I2] { + ws(prefix[cc.Tag] + line) + } + } + break + } + } + + range2 := formatRangeContext(first.J1, last.J2) + wf("--- %s ----%s", range2, diff.Eol) + for _, c := range g { + if c.Tag == 'r' || c.Tag == 'i' { + for _, cc := range g { + if cc.Tag == 'd' { + continue + } + for _, line := range diff.B[cc.J1:cc.J2] { + ws(prefix[cc.Tag] + line) + } + } + break + } + } + } + return diffErr +} + +// Like WriteContextDiff but returns the diff a string. +func GetContextDiffString(diff ContextDiff) (string, error) { + w := &bytes.Buffer{} + err := WriteContextDiff(w, diff) + return string(w.Bytes()), err +} + +// Split a string on "\n" while preserving them. The output can be used +// as input for UnifiedDiff and ContextDiff structures. +func SplitLines(s string) []string { + lines := strings.SplitAfter(s, "\n") + lines[len(lines)-1] += "\n" + return lines +} diff --git a/vendor/github.com/stretchr/testify/LICENSE b/vendor/github.com/stretchr/testify/LICENSE new file mode 100644 index 0000000000..4b0421cf9e --- /dev/null +++ b/vendor/github.com/stretchr/testify/LICENSE @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) 2012-2020 Mat Ryer, Tyler Bunnell and contributors. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare.go b/vendor/github.com/stretchr/testify/assert/assertion_compare.go new file mode 100644 index 0000000000..4d4b4aad6f --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_compare.go @@ -0,0 +1,480 @@ +package assert + +import ( + "bytes" + "fmt" + "reflect" + "time" +) + +type CompareType int + +const ( + compareLess CompareType = iota - 1 + compareEqual + compareGreater +) + +var ( + intType = reflect.TypeOf(int(1)) + int8Type = reflect.TypeOf(int8(1)) + int16Type = reflect.TypeOf(int16(1)) + int32Type = reflect.TypeOf(int32(1)) + int64Type = reflect.TypeOf(int64(1)) + + uintType = reflect.TypeOf(uint(1)) + uint8Type = reflect.TypeOf(uint8(1)) + uint16Type = reflect.TypeOf(uint16(1)) + uint32Type = reflect.TypeOf(uint32(1)) + uint64Type = reflect.TypeOf(uint64(1)) + + uintptrType = reflect.TypeOf(uintptr(1)) + + float32Type = reflect.TypeOf(float32(1)) + float64Type = reflect.TypeOf(float64(1)) + + stringType = reflect.TypeOf("") + + timeType = reflect.TypeOf(time.Time{}) + bytesType = reflect.TypeOf([]byte{}) +) + +func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) { + obj1Value := reflect.ValueOf(obj1) + obj2Value := reflect.ValueOf(obj2) + + // throughout this switch we try and avoid calling .Convert() if possible, + // as this has a pretty big performance impact + switch kind { + case reflect.Int: + { + intobj1, ok := obj1.(int) + if !ok { + intobj1 = obj1Value.Convert(intType).Interface().(int) + } + intobj2, ok := obj2.(int) + if !ok { + intobj2 = obj2Value.Convert(intType).Interface().(int) + } + if intobj1 > intobj2 { + return compareGreater, true + } + if intobj1 == intobj2 { + return compareEqual, true + } + if intobj1 < intobj2 { + return compareLess, true + } + } + case reflect.Int8: + { + int8obj1, ok := obj1.(int8) + if !ok { + int8obj1 = obj1Value.Convert(int8Type).Interface().(int8) + } + int8obj2, ok := obj2.(int8) + if !ok { + int8obj2 = obj2Value.Convert(int8Type).Interface().(int8) + } + if int8obj1 > int8obj2 { + return compareGreater, true + } + if int8obj1 == int8obj2 { + return compareEqual, true + } + if int8obj1 < int8obj2 { + return compareLess, true + } + } + case reflect.Int16: + { + int16obj1, ok := obj1.(int16) + if !ok { + int16obj1 = obj1Value.Convert(int16Type).Interface().(int16) + } + int16obj2, ok := obj2.(int16) + if !ok { + int16obj2 = obj2Value.Convert(int16Type).Interface().(int16) + } + if int16obj1 > int16obj2 { + return compareGreater, true + } + if int16obj1 == int16obj2 { + return compareEqual, true + } + if int16obj1 < int16obj2 { + return compareLess, true + } + } + case reflect.Int32: + { + int32obj1, ok := obj1.(int32) + if !ok { + int32obj1 = obj1Value.Convert(int32Type).Interface().(int32) + } + int32obj2, ok := obj2.(int32) + if !ok { + int32obj2 = obj2Value.Convert(int32Type).Interface().(int32) + } + if int32obj1 > int32obj2 { + return compareGreater, true + } + if int32obj1 == int32obj2 { + return compareEqual, true + } + if int32obj1 < int32obj2 { + return compareLess, true + } + } + case reflect.Int64: + { + int64obj1, ok := obj1.(int64) + if !ok { + int64obj1 = obj1Value.Convert(int64Type).Interface().(int64) + } + int64obj2, ok := obj2.(int64) + if !ok { + int64obj2 = obj2Value.Convert(int64Type).Interface().(int64) + } + if int64obj1 > int64obj2 { + return compareGreater, true + } + if int64obj1 == int64obj2 { + return compareEqual, true + } + if int64obj1 < int64obj2 { + return compareLess, true + } + } + case reflect.Uint: + { + uintobj1, ok := obj1.(uint) + if !ok { + uintobj1 = obj1Value.Convert(uintType).Interface().(uint) + } + uintobj2, ok := obj2.(uint) + if !ok { + uintobj2 = obj2Value.Convert(uintType).Interface().(uint) + } + if uintobj1 > uintobj2 { + return compareGreater, true + } + if uintobj1 == uintobj2 { + return compareEqual, true + } + if uintobj1 < uintobj2 { + return compareLess, true + } + } + case reflect.Uint8: + { + uint8obj1, ok := obj1.(uint8) + if !ok { + uint8obj1 = obj1Value.Convert(uint8Type).Interface().(uint8) + } + uint8obj2, ok := obj2.(uint8) + if !ok { + uint8obj2 = obj2Value.Convert(uint8Type).Interface().(uint8) + } + if uint8obj1 > uint8obj2 { + return compareGreater, true + } + if uint8obj1 == uint8obj2 { + return compareEqual, true + } + if uint8obj1 < uint8obj2 { + return compareLess, true + } + } + case reflect.Uint16: + { + uint16obj1, ok := obj1.(uint16) + if !ok { + uint16obj1 = obj1Value.Convert(uint16Type).Interface().(uint16) + } + uint16obj2, ok := obj2.(uint16) + if !ok { + uint16obj2 = obj2Value.Convert(uint16Type).Interface().(uint16) + } + if uint16obj1 > uint16obj2 { + return compareGreater, true + } + if uint16obj1 == uint16obj2 { + return compareEqual, true + } + if uint16obj1 < uint16obj2 { + return compareLess, true + } + } + case reflect.Uint32: + { + uint32obj1, ok := obj1.(uint32) + if !ok { + uint32obj1 = obj1Value.Convert(uint32Type).Interface().(uint32) + } + uint32obj2, ok := obj2.(uint32) + if !ok { + uint32obj2 = obj2Value.Convert(uint32Type).Interface().(uint32) + } + if uint32obj1 > uint32obj2 { + return compareGreater, true + } + if uint32obj1 == uint32obj2 { + return compareEqual, true + } + if uint32obj1 < uint32obj2 { + return compareLess, true + } + } + case reflect.Uint64: + { + uint64obj1, ok := obj1.(uint64) + if !ok { + uint64obj1 = obj1Value.Convert(uint64Type).Interface().(uint64) + } + uint64obj2, ok := obj2.(uint64) + if !ok { + uint64obj2 = obj2Value.Convert(uint64Type).Interface().(uint64) + } + if uint64obj1 > uint64obj2 { + return compareGreater, true + } + if uint64obj1 == uint64obj2 { + return compareEqual, true + } + if uint64obj1 < uint64obj2 { + return compareLess, true + } + } + case reflect.Float32: + { + float32obj1, ok := obj1.(float32) + if !ok { + float32obj1 = obj1Value.Convert(float32Type).Interface().(float32) + } + float32obj2, ok := obj2.(float32) + if !ok { + float32obj2 = obj2Value.Convert(float32Type).Interface().(float32) + } + if float32obj1 > float32obj2 { + return compareGreater, true + } + if float32obj1 == float32obj2 { + return compareEqual, true + } + if float32obj1 < float32obj2 { + return compareLess, true + } + } + case reflect.Float64: + { + float64obj1, ok := obj1.(float64) + if !ok { + float64obj1 = obj1Value.Convert(float64Type).Interface().(float64) + } + float64obj2, ok := obj2.(float64) + if !ok { + float64obj2 = obj2Value.Convert(float64Type).Interface().(float64) + } + if float64obj1 > float64obj2 { + return compareGreater, true + } + if float64obj1 == float64obj2 { + return compareEqual, true + } + if float64obj1 < float64obj2 { + return compareLess, true + } + } + case reflect.String: + { + stringobj1, ok := obj1.(string) + if !ok { + stringobj1 = obj1Value.Convert(stringType).Interface().(string) + } + stringobj2, ok := obj2.(string) + if !ok { + stringobj2 = obj2Value.Convert(stringType).Interface().(string) + } + if stringobj1 > stringobj2 { + return compareGreater, true + } + if stringobj1 == stringobj2 { + return compareEqual, true + } + if stringobj1 < stringobj2 { + return compareLess, true + } + } + // Check for known struct types we can check for compare results. + case reflect.Struct: + { + // All structs enter here. We're not interested in most types. + if !obj1Value.CanConvert(timeType) { + break + } + + // time.Time can be compared! + timeObj1, ok := obj1.(time.Time) + if !ok { + timeObj1 = obj1Value.Convert(timeType).Interface().(time.Time) + } + + timeObj2, ok := obj2.(time.Time) + if !ok { + timeObj2 = obj2Value.Convert(timeType).Interface().(time.Time) + } + + return compare(timeObj1.UnixNano(), timeObj2.UnixNano(), reflect.Int64) + } + case reflect.Slice: + { + // We only care about the []byte type. + if !obj1Value.CanConvert(bytesType) { + break + } + + // []byte can be compared! + bytesObj1, ok := obj1.([]byte) + if !ok { + bytesObj1 = obj1Value.Convert(bytesType).Interface().([]byte) + + } + bytesObj2, ok := obj2.([]byte) + if !ok { + bytesObj2 = obj2Value.Convert(bytesType).Interface().([]byte) + } + + return CompareType(bytes.Compare(bytesObj1, bytesObj2)), true + } + case reflect.Uintptr: + { + uintptrObj1, ok := obj1.(uintptr) + if !ok { + uintptrObj1 = obj1Value.Convert(uintptrType).Interface().(uintptr) + } + uintptrObj2, ok := obj2.(uintptr) + if !ok { + uintptrObj2 = obj2Value.Convert(uintptrType).Interface().(uintptr) + } + if uintptrObj1 > uintptrObj2 { + return compareGreater, true + } + if uintptrObj1 == uintptrObj2 { + return compareEqual, true + } + if uintptrObj1 < uintptrObj2 { + return compareLess, true + } + } + } + + return compareEqual, false +} + +// Greater asserts that the first element is greater than the second +// +// assert.Greater(t, 2, 1) +// assert.Greater(t, float64(2), float64(1)) +// assert.Greater(t, "b", "a") +func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...) +} + +// GreaterOrEqual asserts that the first element is greater than or equal to the second +// +// assert.GreaterOrEqual(t, 2, 1) +// assert.GreaterOrEqual(t, 2, 2) +// assert.GreaterOrEqual(t, "b", "a") +// assert.GreaterOrEqual(t, "b", "b") +func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareGreater, compareEqual}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...) +} + +// Less asserts that the first element is less than the second +// +// assert.Less(t, 1, 2) +// assert.Less(t, float64(1), float64(2)) +// assert.Less(t, "a", "b") +func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...) +} + +// LessOrEqual asserts that the first element is less than or equal to the second +// +// assert.LessOrEqual(t, 1, 2) +// assert.LessOrEqual(t, 2, 2) +// assert.LessOrEqual(t, "a", "b") +// assert.LessOrEqual(t, "b", "b") +func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...) +} + +// Positive asserts that the specified element is positive +// +// assert.Positive(t, 1) +// assert.Positive(t, 1.23) +func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + zero := reflect.Zero(reflect.TypeOf(e)) + return compareTwoValues(t, e, zero.Interface(), []CompareType{compareGreater}, "\"%v\" is not positive", msgAndArgs...) +} + +// Negative asserts that the specified element is negative +// +// assert.Negative(t, -1) +// assert.Negative(t, -1.23) +func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + zero := reflect.Zero(reflect.TypeOf(e)) + return compareTwoValues(t, e, zero.Interface(), []CompareType{compareLess}, "\"%v\" is not negative", msgAndArgs...) +} + +func compareTwoValues(t TestingT, e1 interface{}, e2 interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + e1Kind := reflect.ValueOf(e1).Kind() + e2Kind := reflect.ValueOf(e2).Kind() + if e1Kind != e2Kind { + return Fail(t, "Elements should be the same type", msgAndArgs...) + } + + compareResult, isComparable := compare(e1, e2, e1Kind) + if !isComparable { + return Fail(t, fmt.Sprintf("Can not compare type \"%s\"", reflect.TypeOf(e1)), msgAndArgs...) + } + + if !containsValue(allowedComparesResults, compareResult) { + return Fail(t, fmt.Sprintf(failMessage, e1, e2), msgAndArgs...) + } + + return true +} + +func containsValue(values []CompareType, value CompareType) bool { + for _, v := range values { + if v == value { + return true + } + } + + return false +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go b/vendor/github.com/stretchr/testify/assert/assertion_format.go new file mode 100644 index 0000000000..3ddab109ad --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_format.go @@ -0,0 +1,815 @@ +// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT. + +package assert + +import ( + http "net/http" + url "net/url" + time "time" +) + +// Conditionf uses a Comparison to assert a complex condition. +func Conditionf(t TestingT, comp Comparison, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Condition(t, comp, append([]interface{}{msg}, args...)...) +} + +// Containsf asserts that the specified string, list(array, slice...) or map contains the +// specified substring or element. +// +// assert.Containsf(t, "Hello World", "World", "error message %s", "formatted") +// assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted") +// assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted") +func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Contains(t, s, contains, append([]interface{}{msg}, args...)...) +} + +// DirExistsf checks whether a directory exists in the given path. It also fails +// if the path is a file rather a directory or there is an error checking whether it exists. +func DirExistsf(t TestingT, path string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return DirExists(t, path, append([]interface{}{msg}, args...)...) +} + +// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified +// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements, +// the number of appearances of each of them in both lists should match. +// +// assert.ElementsMatchf(t, [1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted") +func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return ElementsMatch(t, listA, listB, append([]interface{}{msg}, args...)...) +} + +// Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// assert.Emptyf(t, obj, "error message %s", "formatted") +func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Empty(t, object, append([]interface{}{msg}, args...)...) +} + +// Equalf asserts that two objects are equal. +// +// assert.Equalf(t, 123, 123, "error message %s", "formatted") +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). Function equality +// cannot be determined and will always fail. +func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Equal(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// EqualErrorf asserts that a function returned an error (i.e. not `nil`) +// and that it is equal to the provided error. +// +// actualObj, err := SomeFunction() +// assert.EqualErrorf(t, err, expectedErrorString, "error message %s", "formatted") +func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EqualError(t, theError, errString, append([]interface{}{msg}, args...)...) +} + +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EqualExportedValues(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// EqualValuesf asserts that two objects are equal or convertible to the same types +// and equal. +// +// assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted") +func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EqualValues(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// Errorf asserts that a function returned an error (i.e. not `nil`). +// +// actualObj, err := SomeFunction() +// if assert.Errorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } +func Errorf(t TestingT, err error, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Error(t, err, append([]interface{}{msg}, args...)...) +} + +// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value. +// This is a wrapper for errors.As. +func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return ErrorAs(t, err, target, append([]interface{}{msg}, args...)...) +} + +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") +func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return ErrorContains(t, theError, contains, append([]interface{}{msg}, args...)...) +} + +// ErrorIsf asserts that at least one of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return ErrorIs(t, err, target, append([]interface{}{msg}, args...)...) +} + +// Eventuallyf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. +// +// assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Eventually(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...) +} + +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithTf(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EventuallyWithT(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...) +} + +// Exactlyf asserts that two objects are equal in value and type. +// +// assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted") +func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Exactly(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// Failf reports a failure through +func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, failureMessage, append([]interface{}{msg}, args...)...) +} + +// FailNowf fails test +func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return FailNow(t, failureMessage, append([]interface{}{msg}, args...)...) +} + +// Falsef asserts that the specified value is false. +// +// assert.Falsef(t, myBool, "error message %s", "formatted") +func Falsef(t TestingT, value bool, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return False(t, value, append([]interface{}{msg}, args...)...) +} + +// FileExistsf checks whether a file exists in the given path. It also fails if +// the path points to a directory or there is an error when trying to check the file. +func FileExistsf(t TestingT, path string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return FileExists(t, path, append([]interface{}{msg}, args...)...) +} + +// Greaterf asserts that the first element is greater than the second +// +// assert.Greaterf(t, 2, 1, "error message %s", "formatted") +// assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted") +// assert.Greaterf(t, "b", "a", "error message %s", "formatted") +func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Greater(t, e1, e2, append([]interface{}{msg}, args...)...) +} + +// GreaterOrEqualf asserts that the first element is greater than or equal to the second +// +// assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted") +func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return GreaterOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...) +} + +// HTTPBodyContainsf asserts that a specified handler returns a +// body that contains a string. +// +// assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPBodyContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...) +} + +// HTTPBodyNotContainsf asserts that a specified handler returns a +// body that does not contain a string. +// +// assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPBodyNotContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...) +} + +// HTTPErrorf asserts that a specified handler returns an error status code. +// +// assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPError(t, handler, method, url, values, append([]interface{}{msg}, args...)...) +} + +// HTTPRedirectf asserts that a specified handler returns a redirect status code. +// +// assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPRedirect(t, handler, method, url, values, append([]interface{}{msg}, args...)...) +} + +// HTTPStatusCodef asserts that a specified handler returns a specified status code. +// +// assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPStatusCode(t, handler, method, url, values, statuscode, append([]interface{}{msg}, args...)...) +} + +// HTTPSuccessf asserts that a specified handler returns a success status code. +// +// assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return HTTPSuccess(t, handler, method, url, values, append([]interface{}{msg}, args...)...) +} + +// Implementsf asserts that an object is implemented by the specified interface. +// +// assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Implements(t, interfaceObject, object, append([]interface{}{msg}, args...)...) +} + +// InDeltaf asserts that the two numerals are within delta of each other. +// +// assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return InDelta(t, expected, actual, delta, append([]interface{}{msg}, args...)...) +} + +// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys. +func InDeltaMapValuesf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return InDeltaMapValues(t, expected, actual, delta, append([]interface{}{msg}, args...)...) +} + +// InDeltaSlicef is the same as InDelta, except it compares two slices. +func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return InDeltaSlice(t, expected, actual, delta, append([]interface{}{msg}, args...)...) +} + +// InEpsilonf asserts that expected and actual have a relative error less than epsilon +func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return InEpsilon(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...) +} + +// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices. +func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return InEpsilonSlice(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...) +} + +// IsDecreasingf asserts that the collection is decreasing +// +// assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return IsDecreasing(t, object, append([]interface{}{msg}, args...)...) +} + +// IsIncreasingf asserts that the collection is increasing +// +// assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return IsIncreasing(t, object, append([]interface{}{msg}, args...)...) +} + +// IsNonDecreasingf asserts that the collection is not decreasing +// +// assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return IsNonDecreasing(t, object, append([]interface{}{msg}, args...)...) +} + +// IsNonIncreasingf asserts that the collection is not increasing +// +// assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return IsNonIncreasing(t, object, append([]interface{}{msg}, args...)...) +} + +// IsTypef asserts that the specified objects are of the same type. +func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return IsType(t, expectedType, object, append([]interface{}{msg}, args...)...) +} + +// JSONEqf asserts that two JSON strings are equivalent. +// +// assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return JSONEq(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// Lenf asserts that the specified object has specific length. +// Lenf also fails if the object has a type that len() not accept. +// +// assert.Lenf(t, mySlice, 3, "error message %s", "formatted") +func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Len(t, object, length, append([]interface{}{msg}, args...)...) +} + +// Lessf asserts that the first element is less than the second +// +// assert.Lessf(t, 1, 2, "error message %s", "formatted") +// assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted") +// assert.Lessf(t, "a", "b", "error message %s", "formatted") +func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Less(t, e1, e2, append([]interface{}{msg}, args...)...) +} + +// LessOrEqualf asserts that the first element is less than or equal to the second +// +// assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted") +// assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted") +func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return LessOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...) +} + +// Negativef asserts that the specified element is negative +// +// assert.Negativef(t, -1, "error message %s", "formatted") +// assert.Negativef(t, -1.23, "error message %s", "formatted") +func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Negative(t, e, append([]interface{}{msg}, args...)...) +} + +// Neverf asserts that the given condition doesn't satisfy in waitFor time, +// periodically checking the target function each tick. +// +// assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Never(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...) +} + +// Nilf asserts that the specified object is nil. +// +// assert.Nilf(t, err, "error message %s", "formatted") +func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Nil(t, object, append([]interface{}{msg}, args...)...) +} + +// NoDirExistsf checks whether a directory does not exist in the given path. +// It fails if the path points to an existing _directory_ only. +func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NoDirExists(t, path, append([]interface{}{msg}, args...)...) +} + +// NoErrorf asserts that a function returned no error (i.e. `nil`). +// +// actualObj, err := SomeFunction() +// if assert.NoErrorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } +func NoErrorf(t TestingT, err error, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NoError(t, err, append([]interface{}{msg}, args...)...) +} + +// NoFileExistsf checks whether a file does not exist in a given path. It fails +// if the path points to an existing _file_ only. +func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NoFileExists(t, path, append([]interface{}{msg}, args...)...) +} + +// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the +// specified substring or element. +// +// assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted") +func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotContains(t, s, contains, append([]interface{}{msg}, args...)...) +} + +// NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// if assert.NotEmptyf(t, obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } +func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotEmpty(t, object, append([]interface{}{msg}, args...)...) +} + +// NotEqualf asserts that the specified values are NOT equal. +// +// assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted") +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). +func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotEqual(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// NotEqualValuesf asserts that two objects are not equal even when converted to the same type +// +// assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted") +func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotEqualValues(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// NotErrorIsf asserts that at none of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotErrorIs(t, err, target, append([]interface{}{msg}, args...)...) +} + +// NotImplementsf asserts that an object does not implement the specified interface. +// +// assert.NotImplementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +func NotImplementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotImplements(t, interfaceObject, object, append([]interface{}{msg}, args...)...) +} + +// NotNilf asserts that the specified object is not nil. +// +// assert.NotNilf(t, err, "error message %s", "formatted") +func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotNil(t, object, append([]interface{}{msg}, args...)...) +} + +// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. +// +// assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted") +func NotPanicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotPanics(t, f, append([]interface{}{msg}, args...)...) +} + +// NotRegexpf asserts that a specified regexp does not match a string. +// +// assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted") +func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotRegexp(t, rx, str, append([]interface{}{msg}, args...)...) +} + +// NotSamef asserts that two pointers do not reference the same object. +// +// assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted") +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotSame(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// NotSubsetf asserts that the specified list(array, slice...) or map does NOT +// contain all elements given in the specified subset list(array, slice...) or +// map. +// +// assert.NotSubsetf(t, [1, 3, 4], [1, 2], "error message %s", "formatted") +// assert.NotSubsetf(t, {"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted") +func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotSubset(t, list, subset, append([]interface{}{msg}, args...)...) +} + +// NotZerof asserts that i is not the zero value for its type. +func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return NotZero(t, i, append([]interface{}{msg}, args...)...) +} + +// Panicsf asserts that the code inside the specified PanicTestFunc panics. +// +// assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted") +func Panicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Panics(t, f, append([]interface{}{msg}, args...)...) +} + +// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc +// panics, and that the recovered panic value is an error that satisfies the +// EqualError comparison. +// +// assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +func PanicsWithErrorf(t TestingT, errString string, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return PanicsWithError(t, errString, f, append([]interface{}{msg}, args...)...) +} + +// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that +// the recovered panic value equals the expected panic value. +// +// assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +func PanicsWithValuef(t TestingT, expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return PanicsWithValue(t, expected, f, append([]interface{}{msg}, args...)...) +} + +// Positivef asserts that the specified element is positive +// +// assert.Positivef(t, 1, "error message %s", "formatted") +// assert.Positivef(t, 1.23, "error message %s", "formatted") +func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Positive(t, e, append([]interface{}{msg}, args...)...) +} + +// Regexpf asserts that a specified regexp matches a string. +// +// assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted") +func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Regexp(t, rx, str, append([]interface{}{msg}, args...)...) +} + +// Samef asserts that two pointers reference the same object. +// +// assert.Samef(t, ptr1, ptr2, "error message %s", "formatted") +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func Samef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Same(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// Subsetf asserts that the specified list(array, slice...) or map contains all +// elements given in the specified subset list(array, slice...) or map. +// +// assert.Subsetf(t, [1, 2, 3], [1, 2], "error message %s", "formatted") +// assert.Subsetf(t, {"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted") +func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Subset(t, list, subset, append([]interface{}{msg}, args...)...) +} + +// Truef asserts that the specified value is true. +// +// assert.Truef(t, myBool, "error message %s", "formatted") +func Truef(t TestingT, value bool, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return True(t, value, append([]interface{}{msg}, args...)...) +} + +// WithinDurationf asserts that the two times are within duration delta of each other. +// +// assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return WithinDuration(t, expected, actual, delta, append([]interface{}{msg}, args...)...) +} + +// WithinRangef asserts that a time is within a time range (inclusive). +// +// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return WithinRange(t, actual, start, end, append([]interface{}{msg}, args...)...) +} + +// YAMLEqf asserts that two YAML strings are equivalent. +func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return YAMLEq(t, expected, actual, append([]interface{}{msg}, args...)...) +} + +// Zerof asserts that i is the zero value for its type. +func Zerof(t TestingT, i interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Zero(t, i, append([]interface{}{msg}, args...)...) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl b/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl new file mode 100644 index 0000000000..d2bb0b8177 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl @@ -0,0 +1,5 @@ +{{.CommentFormat}} +func {{.DocInfo.Name}}f(t TestingT, {{.ParamsFormat}}) bool { + if h, ok := t.(tHelper); ok { h.Helper() } + return {{.DocInfo.Name}}(t, {{.ForwardedParamsFormat}}) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go b/vendor/github.com/stretchr/testify/assert/assertion_forward.go new file mode 100644 index 0000000000..a84e09bd40 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_forward.go @@ -0,0 +1,1621 @@ +// Code generated with github.com/stretchr/testify/_codegen; DO NOT EDIT. + +package assert + +import ( + http "net/http" + url "net/url" + time "time" +) + +// Condition uses a Comparison to assert a complex condition. +func (a *Assertions) Condition(comp Comparison, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Condition(a.t, comp, msgAndArgs...) +} + +// Conditionf uses a Comparison to assert a complex condition. +func (a *Assertions) Conditionf(comp Comparison, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Conditionf(a.t, comp, msg, args...) +} + +// Contains asserts that the specified string, list(array, slice...) or map contains the +// specified substring or element. +// +// a.Contains("Hello World", "World") +// a.Contains(["Hello", "World"], "World") +// a.Contains({"Hello": "World"}, "Hello") +func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Contains(a.t, s, contains, msgAndArgs...) +} + +// Containsf asserts that the specified string, list(array, slice...) or map contains the +// specified substring or element. +// +// a.Containsf("Hello World", "World", "error message %s", "formatted") +// a.Containsf(["Hello", "World"], "World", "error message %s", "formatted") +// a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted") +func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Containsf(a.t, s, contains, msg, args...) +} + +// DirExists checks whether a directory exists in the given path. It also fails +// if the path is a file rather a directory or there is an error checking whether it exists. +func (a *Assertions) DirExists(path string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return DirExists(a.t, path, msgAndArgs...) +} + +// DirExistsf checks whether a directory exists in the given path. It also fails +// if the path is a file rather a directory or there is an error checking whether it exists. +func (a *Assertions) DirExistsf(path string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return DirExistsf(a.t, path, msg, args...) +} + +// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified +// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements, +// the number of appearances of each of them in both lists should match. +// +// a.ElementsMatch([1, 3, 2, 3], [1, 3, 3, 2]) +func (a *Assertions) ElementsMatch(listA interface{}, listB interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ElementsMatch(a.t, listA, listB, msgAndArgs...) +} + +// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified +// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements, +// the number of appearances of each of them in both lists should match. +// +// a.ElementsMatchf([1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted") +func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ElementsMatchf(a.t, listA, listB, msg, args...) +} + +// Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// a.Empty(obj) +func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Empty(a.t, object, msgAndArgs...) +} + +// Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// a.Emptyf(obj, "error message %s", "formatted") +func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Emptyf(a.t, object, msg, args...) +} + +// Equal asserts that two objects are equal. +// +// a.Equal(123, 123) +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). Function equality +// cannot be determined and will always fail. +func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Equal(a.t, expected, actual, msgAndArgs...) +} + +// EqualError asserts that a function returned an error (i.e. not `nil`) +// and that it is equal to the provided error. +// +// actualObj, err := SomeFunction() +// a.EqualError(err, expectedErrorString) +func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualError(a.t, theError, errString, msgAndArgs...) +} + +// EqualErrorf asserts that a function returned an error (i.e. not `nil`) +// and that it is equal to the provided error. +// +// actualObj, err := SomeFunction() +// a.EqualErrorf(err, expectedErrorString, "error message %s", "formatted") +func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualErrorf(a.t, theError, errString, msg, args...) +} + +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValues(S{1, 2}, S{1, 3}) => true +// a.EqualExportedValues(S{1, 2}, S{2, 3}) => false +func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualExportedValues(a.t, expected, actual, msgAndArgs...) +} + +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualExportedValuesf(a.t, expected, actual, msg, args...) +} + +// EqualValues asserts that two objects are equal or convertible to the same types +// and equal. +// +// a.EqualValues(uint32(123), int32(123)) +func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualValues(a.t, expected, actual, msgAndArgs...) +} + +// EqualValuesf asserts that two objects are equal or convertible to the same types +// and equal. +// +// a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted") +func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualValuesf(a.t, expected, actual, msg, args...) +} + +// Equalf asserts that two objects are equal. +// +// a.Equalf(123, 123, "error message %s", "formatted") +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). Function equality +// cannot be determined and will always fail. +func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Equalf(a.t, expected, actual, msg, args...) +} + +// Error asserts that a function returned an error (i.e. not `nil`). +// +// actualObj, err := SomeFunction() +// if a.Error(err) { +// assert.Equal(t, expectedError, err) +// } +func (a *Assertions) Error(err error, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Error(a.t, err, msgAndArgs...) +} + +// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value. +// This is a wrapper for errors.As. +func (a *Assertions) ErrorAs(err error, target interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorAs(a.t, err, target, msgAndArgs...) +} + +// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value. +// This is a wrapper for errors.As. +func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorAsf(a.t, err, target, msg, args...) +} + +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContains(err, expectedErrorSubString) +func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorContains(a.t, theError, contains, msgAndArgs...) +} + +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") +func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorContainsf(a.t, theError, contains, msg, args...) +} + +// ErrorIs asserts that at least one of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorIs(a.t, err, target, msgAndArgs...) +} + +// ErrorIsf asserts that at least one of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorIsf(a.t, err, target, msg, args...) +} + +// Errorf asserts that a function returned an error (i.e. not `nil`). +// +// actualObj, err := SomeFunction() +// if a.Errorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } +func (a *Assertions) Errorf(err error, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Errorf(a.t, err, msg, args...) +} + +// Eventually asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. +// +// a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond) +func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Eventually(a.t, condition, waitFor, tick, msgAndArgs...) +} + +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithT(func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithT(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...) +} + +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithTf(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...) +} + +// Eventuallyf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. +// +// a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Eventuallyf(a.t, condition, waitFor, tick, msg, args...) +} + +// Exactly asserts that two objects are equal in value and type. +// +// a.Exactly(int32(123), int64(123)) +func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Exactly(a.t, expected, actual, msgAndArgs...) +} + +// Exactlyf asserts that two objects are equal in value and type. +// +// a.Exactlyf(int32(123), int64(123), "error message %s", "formatted") +func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Exactlyf(a.t, expected, actual, msg, args...) +} + +// Fail reports a failure through +func (a *Assertions) Fail(failureMessage string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Fail(a.t, failureMessage, msgAndArgs...) +} + +// FailNow fails test +func (a *Assertions) FailNow(failureMessage string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return FailNow(a.t, failureMessage, msgAndArgs...) +} + +// FailNowf fails test +func (a *Assertions) FailNowf(failureMessage string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return FailNowf(a.t, failureMessage, msg, args...) +} + +// Failf reports a failure through +func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Failf(a.t, failureMessage, msg, args...) +} + +// False asserts that the specified value is false. +// +// a.False(myBool) +func (a *Assertions) False(value bool, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return False(a.t, value, msgAndArgs...) +} + +// Falsef asserts that the specified value is false. +// +// a.Falsef(myBool, "error message %s", "formatted") +func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Falsef(a.t, value, msg, args...) +} + +// FileExists checks whether a file exists in the given path. It also fails if +// the path points to a directory or there is an error when trying to check the file. +func (a *Assertions) FileExists(path string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return FileExists(a.t, path, msgAndArgs...) +} + +// FileExistsf checks whether a file exists in the given path. It also fails if +// the path points to a directory or there is an error when trying to check the file. +func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return FileExistsf(a.t, path, msg, args...) +} + +// Greater asserts that the first element is greater than the second +// +// a.Greater(2, 1) +// a.Greater(float64(2), float64(1)) +// a.Greater("b", "a") +func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Greater(a.t, e1, e2, msgAndArgs...) +} + +// GreaterOrEqual asserts that the first element is greater than or equal to the second +// +// a.GreaterOrEqual(2, 1) +// a.GreaterOrEqual(2, 2) +// a.GreaterOrEqual("b", "a") +// a.GreaterOrEqual("b", "b") +func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return GreaterOrEqual(a.t, e1, e2, msgAndArgs...) +} + +// GreaterOrEqualf asserts that the first element is greater than or equal to the second +// +// a.GreaterOrEqualf(2, 1, "error message %s", "formatted") +// a.GreaterOrEqualf(2, 2, "error message %s", "formatted") +// a.GreaterOrEqualf("b", "a", "error message %s", "formatted") +// a.GreaterOrEqualf("b", "b", "error message %s", "formatted") +func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return GreaterOrEqualf(a.t, e1, e2, msg, args...) +} + +// Greaterf asserts that the first element is greater than the second +// +// a.Greaterf(2, 1, "error message %s", "formatted") +// a.Greaterf(float64(2), float64(1), "error message %s", "formatted") +// a.Greaterf("b", "a", "error message %s", "formatted") +func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Greaterf(a.t, e1, e2, msg, args...) +} + +// HTTPBodyContains asserts that a specified handler returns a +// body that contains a string. +// +// a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPBodyContains(a.t, handler, method, url, values, str, msgAndArgs...) +} + +// HTTPBodyContainsf asserts that a specified handler returns a +// body that contains a string. +// +// a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPBodyContainsf(a.t, handler, method, url, values, str, msg, args...) +} + +// HTTPBodyNotContains asserts that a specified handler returns a +// body that does not contain a string. +// +// a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPBodyNotContains(a.t, handler, method, url, values, str, msgAndArgs...) +} + +// HTTPBodyNotContainsf asserts that a specified handler returns a +// body that does not contain a string. +// +// a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPBodyNotContainsf(a.t, handler, method, url, values, str, msg, args...) +} + +// HTTPError asserts that a specified handler returns an error status code. +// +// a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPError(a.t, handler, method, url, values, msgAndArgs...) +} + +// HTTPErrorf asserts that a specified handler returns an error status code. +// +// a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPErrorf(a.t, handler, method, url, values, msg, args...) +} + +// HTTPRedirect asserts that a specified handler returns a redirect status code. +// +// a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPRedirect(a.t, handler, method, url, values, msgAndArgs...) +} + +// HTTPRedirectf asserts that a specified handler returns a redirect status code. +// +// a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPRedirectf(a.t, handler, method, url, values, msg, args...) +} + +// HTTPStatusCode asserts that a specified handler returns a specified status code. +// +// a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501) +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPStatusCode(a.t, handler, method, url, values, statuscode, msgAndArgs...) +} + +// HTTPStatusCodef asserts that a specified handler returns a specified status code. +// +// a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPStatusCodef(a.t, handler, method, url, values, statuscode, msg, args...) +} + +// HTTPSuccess asserts that a specified handler returns a success status code. +// +// a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil) +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPSuccess(a.t, handler, method, url, values, msgAndArgs...) +} + +// HTTPSuccessf asserts that a specified handler returns a success status code. +// +// a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// +// Returns whether the assertion was successful (true) or not (false). +func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return HTTPSuccessf(a.t, handler, method, url, values, msg, args...) +} + +// Implements asserts that an object is implemented by the specified interface. +// +// a.Implements((*MyInterface)(nil), new(MyObject)) +func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Implements(a.t, interfaceObject, object, msgAndArgs...) +} + +// Implementsf asserts that an object is implemented by the specified interface. +// +// a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Implementsf(a.t, interfaceObject, object, msg, args...) +} + +// InDelta asserts that the two numerals are within delta of each other. +// +// a.InDelta(math.Pi, 22/7.0, 0.01) +func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDelta(a.t, expected, actual, delta, msgAndArgs...) +} + +// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys. +func (a *Assertions) InDeltaMapValues(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDeltaMapValues(a.t, expected, actual, delta, msgAndArgs...) +} + +// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys. +func (a *Assertions) InDeltaMapValuesf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDeltaMapValuesf(a.t, expected, actual, delta, msg, args...) +} + +// InDeltaSlice is the same as InDelta, except it compares two slices. +func (a *Assertions) InDeltaSlice(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDeltaSlice(a.t, expected, actual, delta, msgAndArgs...) +} + +// InDeltaSlicef is the same as InDelta, except it compares two slices. +func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDeltaSlicef(a.t, expected, actual, delta, msg, args...) +} + +// InDeltaf asserts that the two numerals are within delta of each other. +// +// a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InDeltaf(a.t, expected, actual, delta, msg, args...) +} + +// InEpsilon asserts that expected and actual have a relative error less than epsilon +func (a *Assertions) InEpsilon(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InEpsilon(a.t, expected, actual, epsilon, msgAndArgs...) +} + +// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices. +func (a *Assertions) InEpsilonSlice(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InEpsilonSlice(a.t, expected, actual, epsilon, msgAndArgs...) +} + +// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices. +func (a *Assertions) InEpsilonSlicef(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InEpsilonSlicef(a.t, expected, actual, epsilon, msg, args...) +} + +// InEpsilonf asserts that expected and actual have a relative error less than epsilon +func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return InEpsilonf(a.t, expected, actual, epsilon, msg, args...) +} + +// IsDecreasing asserts that the collection is decreasing +// +// a.IsDecreasing([]int{2, 1, 0}) +// a.IsDecreasing([]float{2, 1}) +// a.IsDecreasing([]string{"b", "a"}) +func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsDecreasing(a.t, object, msgAndArgs...) +} + +// IsDecreasingf asserts that the collection is decreasing +// +// a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted") +// a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted") +func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsDecreasingf(a.t, object, msg, args...) +} + +// IsIncreasing asserts that the collection is increasing +// +// a.IsIncreasing([]int{1, 2, 3}) +// a.IsIncreasing([]float{1, 2}) +// a.IsIncreasing([]string{"a", "b"}) +func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsIncreasing(a.t, object, msgAndArgs...) +} + +// IsIncreasingf asserts that the collection is increasing +// +// a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted") +// a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted") +func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsIncreasingf(a.t, object, msg, args...) +} + +// IsNonDecreasing asserts that the collection is not decreasing +// +// a.IsNonDecreasing([]int{1, 1, 2}) +// a.IsNonDecreasing([]float{1, 2}) +// a.IsNonDecreasing([]string{"a", "b"}) +func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsNonDecreasing(a.t, object, msgAndArgs...) +} + +// IsNonDecreasingf asserts that the collection is not decreasing +// +// a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted") +func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsNonDecreasingf(a.t, object, msg, args...) +} + +// IsNonIncreasing asserts that the collection is not increasing +// +// a.IsNonIncreasing([]int{2, 1, 1}) +// a.IsNonIncreasing([]float{2, 1}) +// a.IsNonIncreasing([]string{"b", "a"}) +func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsNonIncreasing(a.t, object, msgAndArgs...) +} + +// IsNonIncreasingf asserts that the collection is not increasing +// +// a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted") +func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsNonIncreasingf(a.t, object, msg, args...) +} + +// IsType asserts that the specified objects are of the same type. +func (a *Assertions) IsType(expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsType(a.t, expectedType, object, msgAndArgs...) +} + +// IsTypef asserts that the specified objects are of the same type. +func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return IsTypef(a.t, expectedType, object, msg, args...) +} + +// JSONEq asserts that two JSON strings are equivalent. +// +// a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return JSONEq(a.t, expected, actual, msgAndArgs...) +} + +// JSONEqf asserts that two JSON strings are equivalent. +// +// a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return JSONEqf(a.t, expected, actual, msg, args...) +} + +// Len asserts that the specified object has specific length. +// Len also fails if the object has a type that len() not accept. +// +// a.Len(mySlice, 3) +func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Len(a.t, object, length, msgAndArgs...) +} + +// Lenf asserts that the specified object has specific length. +// Lenf also fails if the object has a type that len() not accept. +// +// a.Lenf(mySlice, 3, "error message %s", "formatted") +func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Lenf(a.t, object, length, msg, args...) +} + +// Less asserts that the first element is less than the second +// +// a.Less(1, 2) +// a.Less(float64(1), float64(2)) +// a.Less("a", "b") +func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Less(a.t, e1, e2, msgAndArgs...) +} + +// LessOrEqual asserts that the first element is less than or equal to the second +// +// a.LessOrEqual(1, 2) +// a.LessOrEqual(2, 2) +// a.LessOrEqual("a", "b") +// a.LessOrEqual("b", "b") +func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return LessOrEqual(a.t, e1, e2, msgAndArgs...) +} + +// LessOrEqualf asserts that the first element is less than or equal to the second +// +// a.LessOrEqualf(1, 2, "error message %s", "formatted") +// a.LessOrEqualf(2, 2, "error message %s", "formatted") +// a.LessOrEqualf("a", "b", "error message %s", "formatted") +// a.LessOrEqualf("b", "b", "error message %s", "formatted") +func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return LessOrEqualf(a.t, e1, e2, msg, args...) +} + +// Lessf asserts that the first element is less than the second +// +// a.Lessf(1, 2, "error message %s", "formatted") +// a.Lessf(float64(1), float64(2), "error message %s", "formatted") +// a.Lessf("a", "b", "error message %s", "formatted") +func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Lessf(a.t, e1, e2, msg, args...) +} + +// Negative asserts that the specified element is negative +// +// a.Negative(-1) +// a.Negative(-1.23) +func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Negative(a.t, e, msgAndArgs...) +} + +// Negativef asserts that the specified element is negative +// +// a.Negativef(-1, "error message %s", "formatted") +// a.Negativef(-1.23, "error message %s", "formatted") +func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Negativef(a.t, e, msg, args...) +} + +// Never asserts that the given condition doesn't satisfy in waitFor time, +// periodically checking the target function each tick. +// +// a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond) +func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Never(a.t, condition, waitFor, tick, msgAndArgs...) +} + +// Neverf asserts that the given condition doesn't satisfy in waitFor time, +// periodically checking the target function each tick. +// +// a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Neverf(a.t, condition, waitFor, tick, msg, args...) +} + +// Nil asserts that the specified object is nil. +// +// a.Nil(err) +func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Nil(a.t, object, msgAndArgs...) +} + +// Nilf asserts that the specified object is nil. +// +// a.Nilf(err, "error message %s", "formatted") +func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Nilf(a.t, object, msg, args...) +} + +// NoDirExists checks whether a directory does not exist in the given path. +// It fails if the path points to an existing _directory_ only. +func (a *Assertions) NoDirExists(path string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoDirExists(a.t, path, msgAndArgs...) +} + +// NoDirExistsf checks whether a directory does not exist in the given path. +// It fails if the path points to an existing _directory_ only. +func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoDirExistsf(a.t, path, msg, args...) +} + +// NoError asserts that a function returned no error (i.e. `nil`). +// +// actualObj, err := SomeFunction() +// if a.NoError(err) { +// assert.Equal(t, expectedObj, actualObj) +// } +func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoError(a.t, err, msgAndArgs...) +} + +// NoErrorf asserts that a function returned no error (i.e. `nil`). +// +// actualObj, err := SomeFunction() +// if a.NoErrorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } +func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoErrorf(a.t, err, msg, args...) +} + +// NoFileExists checks whether a file does not exist in a given path. It fails +// if the path points to an existing _file_ only. +func (a *Assertions) NoFileExists(path string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoFileExists(a.t, path, msgAndArgs...) +} + +// NoFileExistsf checks whether a file does not exist in a given path. It fails +// if the path points to an existing _file_ only. +func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NoFileExistsf(a.t, path, msg, args...) +} + +// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the +// specified substring or element. +// +// a.NotContains("Hello World", "Earth") +// a.NotContains(["Hello", "World"], "Earth") +// a.NotContains({"Hello": "World"}, "Earth") +func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotContains(a.t, s, contains, msgAndArgs...) +} + +// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the +// specified substring or element. +// +// a.NotContainsf("Hello World", "Earth", "error message %s", "formatted") +// a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted") +// a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted") +func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotContainsf(a.t, s, contains, msg, args...) +} + +// NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// if a.NotEmpty(obj) { +// assert.Equal(t, "two", obj[1]) +// } +func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEmpty(a.t, object, msgAndArgs...) +} + +// NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// if a.NotEmptyf(obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } +func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEmptyf(a.t, object, msg, args...) +} + +// NotEqual asserts that the specified values are NOT equal. +// +// a.NotEqual(obj1, obj2) +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). +func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEqual(a.t, expected, actual, msgAndArgs...) +} + +// NotEqualValues asserts that two objects are not equal even when converted to the same type +// +// a.NotEqualValues(obj1, obj2) +func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEqualValues(a.t, expected, actual, msgAndArgs...) +} + +// NotEqualValuesf asserts that two objects are not equal even when converted to the same type +// +// a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted") +func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEqualValuesf(a.t, expected, actual, msg, args...) +} + +// NotEqualf asserts that the specified values are NOT equal. +// +// a.NotEqualf(obj1, obj2, "error message %s", "formatted") +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). +func (a *Assertions) NotEqualf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotEqualf(a.t, expected, actual, msg, args...) +} + +// NotErrorIs asserts that at none of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func (a *Assertions) NotErrorIs(err error, target error, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotErrorIs(a.t, err, target, msgAndArgs...) +} + +// NotErrorIsf asserts that at none of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotErrorIsf(a.t, err, target, msg, args...) +} + +// NotImplements asserts that an object does not implement the specified interface. +// +// a.NotImplements((*MyInterface)(nil), new(MyObject)) +func (a *Assertions) NotImplements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotImplements(a.t, interfaceObject, object, msgAndArgs...) +} + +// NotImplementsf asserts that an object does not implement the specified interface. +// +// a.NotImplementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +func (a *Assertions) NotImplementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotImplementsf(a.t, interfaceObject, object, msg, args...) +} + +// NotNil asserts that the specified object is not nil. +// +// a.NotNil(err) +func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotNil(a.t, object, msgAndArgs...) +} + +// NotNilf asserts that the specified object is not nil. +// +// a.NotNilf(err, "error message %s", "formatted") +func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotNilf(a.t, object, msg, args...) +} + +// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. +// +// a.NotPanics(func(){ RemainCalm() }) +func (a *Assertions) NotPanics(f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotPanics(a.t, f, msgAndArgs...) +} + +// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. +// +// a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted") +func (a *Assertions) NotPanicsf(f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotPanicsf(a.t, f, msg, args...) +} + +// NotRegexp asserts that a specified regexp does not match a string. +// +// a.NotRegexp(regexp.MustCompile("starts"), "it's starting") +// a.NotRegexp("^start", "it's not starting") +func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotRegexp(a.t, rx, str, msgAndArgs...) +} + +// NotRegexpf asserts that a specified regexp does not match a string. +// +// a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted") +func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotRegexpf(a.t, rx, str, msg, args...) +} + +// NotSame asserts that two pointers do not reference the same object. +// +// a.NotSame(ptr1, ptr2) +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotSame(a.t, expected, actual, msgAndArgs...) +} + +// NotSamef asserts that two pointers do not reference the same object. +// +// a.NotSamef(ptr1, ptr2, "error message %s", "formatted") +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotSamef(a.t, expected, actual, msg, args...) +} + +// NotSubset asserts that the specified list(array, slice...) or map does NOT +// contain all elements given in the specified subset list(array, slice...) or +// map. +// +// a.NotSubset([1, 3, 4], [1, 2]) +// a.NotSubset({"x": 1, "y": 2}, {"z": 3}) +func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotSubset(a.t, list, subset, msgAndArgs...) +} + +// NotSubsetf asserts that the specified list(array, slice...) or map does NOT +// contain all elements given in the specified subset list(array, slice...) or +// map. +// +// a.NotSubsetf([1, 3, 4], [1, 2], "error message %s", "formatted") +// a.NotSubsetf({"x": 1, "y": 2}, {"z": 3}, "error message %s", "formatted") +func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotSubsetf(a.t, list, subset, msg, args...) +} + +// NotZero asserts that i is not the zero value for its type. +func (a *Assertions) NotZero(i interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotZero(a.t, i, msgAndArgs...) +} + +// NotZerof asserts that i is not the zero value for its type. +func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return NotZerof(a.t, i, msg, args...) +} + +// Panics asserts that the code inside the specified PanicTestFunc panics. +// +// a.Panics(func(){ GoCrazy() }) +func (a *Assertions) Panics(f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Panics(a.t, f, msgAndArgs...) +} + +// PanicsWithError asserts that the code inside the specified PanicTestFunc +// panics, and that the recovered panic value is an error that satisfies the +// EqualError comparison. +// +// a.PanicsWithError("crazy error", func(){ GoCrazy() }) +func (a *Assertions) PanicsWithError(errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return PanicsWithError(a.t, errString, f, msgAndArgs...) +} + +// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc +// panics, and that the recovered panic value is an error that satisfies the +// EqualError comparison. +// +// a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +func (a *Assertions) PanicsWithErrorf(errString string, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return PanicsWithErrorf(a.t, errString, f, msg, args...) +} + +// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that +// the recovered panic value equals the expected panic value. +// +// a.PanicsWithValue("crazy error", func(){ GoCrazy() }) +func (a *Assertions) PanicsWithValue(expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return PanicsWithValue(a.t, expected, f, msgAndArgs...) +} + +// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that +// the recovered panic value equals the expected panic value. +// +// a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +func (a *Assertions) PanicsWithValuef(expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return PanicsWithValuef(a.t, expected, f, msg, args...) +} + +// Panicsf asserts that the code inside the specified PanicTestFunc panics. +// +// a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted") +func (a *Assertions) Panicsf(f PanicTestFunc, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Panicsf(a.t, f, msg, args...) +} + +// Positive asserts that the specified element is positive +// +// a.Positive(1) +// a.Positive(1.23) +func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Positive(a.t, e, msgAndArgs...) +} + +// Positivef asserts that the specified element is positive +// +// a.Positivef(1, "error message %s", "formatted") +// a.Positivef(1.23, "error message %s", "formatted") +func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Positivef(a.t, e, msg, args...) +} + +// Regexp asserts that a specified regexp matches a string. +// +// a.Regexp(regexp.MustCompile("start"), "it's starting") +// a.Regexp("start...$", "it's not starting") +func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Regexp(a.t, rx, str, msgAndArgs...) +} + +// Regexpf asserts that a specified regexp matches a string. +// +// a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// a.Regexpf("start...$", "it's not starting", "error message %s", "formatted") +func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Regexpf(a.t, rx, str, msg, args...) +} + +// Same asserts that two pointers reference the same object. +// +// a.Same(ptr1, ptr2) +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Same(a.t, expected, actual, msgAndArgs...) +} + +// Samef asserts that two pointers reference the same object. +// +// a.Samef(ptr1, ptr2, "error message %s", "formatted") +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Samef(a.t, expected, actual, msg, args...) +} + +// Subset asserts that the specified list(array, slice...) or map contains all +// elements given in the specified subset list(array, slice...) or map. +// +// a.Subset([1, 2, 3], [1, 2]) +// a.Subset({"x": 1, "y": 2}, {"x": 1}) +func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Subset(a.t, list, subset, msgAndArgs...) +} + +// Subsetf asserts that the specified list(array, slice...) or map contains all +// elements given in the specified subset list(array, slice...) or map. +// +// a.Subsetf([1, 2, 3], [1, 2], "error message %s", "formatted") +// a.Subsetf({"x": 1, "y": 2}, {"x": 1}, "error message %s", "formatted") +func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Subsetf(a.t, list, subset, msg, args...) +} + +// True asserts that the specified value is true. +// +// a.True(myBool) +func (a *Assertions) True(value bool, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return True(a.t, value, msgAndArgs...) +} + +// Truef asserts that the specified value is true. +// +// a.Truef(myBool, "error message %s", "formatted") +func (a *Assertions) Truef(value bool, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Truef(a.t, value, msg, args...) +} + +// WithinDuration asserts that the two times are within duration delta of each other. +// +// a.WithinDuration(time.Now(), time.Now(), 10*time.Second) +func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinDuration(a.t, expected, actual, delta, msgAndArgs...) +} + +// WithinDurationf asserts that the two times are within duration delta of each other. +// +// a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinDurationf(a.t, expected, actual, delta, msg, args...) +} + +// WithinRange asserts that a time is within a time range (inclusive). +// +// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinRange(a.t, actual, start, end, msgAndArgs...) +} + +// WithinRangef asserts that a time is within a time range (inclusive). +// +// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinRangef(a.t, actual, start, end, msg, args...) +} + +// YAMLEq asserts that two YAML strings are equivalent. +func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return YAMLEq(a.t, expected, actual, msgAndArgs...) +} + +// YAMLEqf asserts that two YAML strings are equivalent. +func (a *Assertions) YAMLEqf(expected string, actual string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return YAMLEqf(a.t, expected, actual, msg, args...) +} + +// Zero asserts that i is the zero value for its type. +func (a *Assertions) Zero(i interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Zero(a.t, i, msgAndArgs...) +} + +// Zerof asserts that i is the zero value for its type. +func (a *Assertions) Zerof(i interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return Zerof(a.t, i, msg, args...) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl b/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl new file mode 100644 index 0000000000..188bb9e174 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl @@ -0,0 +1,5 @@ +{{.CommentWithoutT "a"}} +func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) bool { + if h, ok := a.t.(tHelper); ok { h.Helper() } + return {{.DocInfo.Name}}(a.t, {{.ForwardedParams}}) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_order.go b/vendor/github.com/stretchr/testify/assert/assertion_order.go new file mode 100644 index 0000000000..00df62a059 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_order.go @@ -0,0 +1,81 @@ +package assert + +import ( + "fmt" + "reflect" +) + +// isOrdered checks that collection contains orderable elements. +func isOrdered(t TestingT, object interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool { + objKind := reflect.TypeOf(object).Kind() + if objKind != reflect.Slice && objKind != reflect.Array { + return false + } + + objValue := reflect.ValueOf(object) + objLen := objValue.Len() + + if objLen <= 1 { + return true + } + + value := objValue.Index(0) + valueInterface := value.Interface() + firstValueKind := value.Kind() + + for i := 1; i < objLen; i++ { + prevValue := value + prevValueInterface := valueInterface + + value = objValue.Index(i) + valueInterface = value.Interface() + + compareResult, isComparable := compare(prevValueInterface, valueInterface, firstValueKind) + + if !isComparable { + return Fail(t, fmt.Sprintf("Can not compare type \"%s\" and \"%s\"", reflect.TypeOf(value), reflect.TypeOf(prevValue)), msgAndArgs...) + } + + if !containsValue(allowedComparesResults, compareResult) { + return Fail(t, fmt.Sprintf(failMessage, prevValue, value), msgAndArgs...) + } + } + + return true +} + +// IsIncreasing asserts that the collection is increasing +// +// assert.IsIncreasing(t, []int{1, 2, 3}) +// assert.IsIncreasing(t, []float{1, 2}) +// assert.IsIncreasing(t, []string{"a", "b"}) +func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...) +} + +// IsNonIncreasing asserts that the collection is not increasing +// +// assert.IsNonIncreasing(t, []int{2, 1, 1}) +// assert.IsNonIncreasing(t, []float{2, 1}) +// assert.IsNonIncreasing(t, []string{"b", "a"}) +func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...) +} + +// IsDecreasing asserts that the collection is decreasing +// +// assert.IsDecreasing(t, []int{2, 1, 0}) +// assert.IsDecreasing(t, []float{2, 1}) +// assert.IsDecreasing(t, []string{"b", "a"}) +func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...) +} + +// IsNonDecreasing asserts that the collection is not decreasing +// +// assert.IsNonDecreasing(t, []int{1, 1, 2}) +// assert.IsNonDecreasing(t, []float{1, 2}) +// assert.IsNonDecreasing(t, []string{"a", "b"}) +func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go new file mode 100644 index 0000000000..0b7570f21c --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertions.go @@ -0,0 +1,2105 @@ +package assert + +import ( + "bufio" + "bytes" + "encoding/json" + "errors" + "fmt" + "math" + "os" + "reflect" + "regexp" + "runtime" + "runtime/debug" + "strings" + "time" + "unicode" + "unicode/utf8" + + "github.com/davecgh/go-spew/spew" + "github.com/pmezard/go-difflib/difflib" + "gopkg.in/yaml.v3" +) + +//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_format.go.tmpl" + +// TestingT is an interface wrapper around *testing.T +type TestingT interface { + Errorf(format string, args ...interface{}) +} + +// ComparisonAssertionFunc is a common function prototype when comparing two values. Can be useful +// for table driven tests. +type ComparisonAssertionFunc func(TestingT, interface{}, interface{}, ...interface{}) bool + +// ValueAssertionFunc is a common function prototype when validating a single value. Can be useful +// for table driven tests. +type ValueAssertionFunc func(TestingT, interface{}, ...interface{}) bool + +// BoolAssertionFunc is a common function prototype when validating a bool value. Can be useful +// for table driven tests. +type BoolAssertionFunc func(TestingT, bool, ...interface{}) bool + +// ErrorAssertionFunc is a common function prototype when validating an error value. Can be useful +// for table driven tests. +type ErrorAssertionFunc func(TestingT, error, ...interface{}) bool + +// Comparison is a custom function that returns true on success and false on failure +type Comparison func() (success bool) + +/* + Helper functions +*/ + +// ObjectsAreEqual determines if two objects are considered equal. +// +// This function does no assertion of any kind. +func ObjectsAreEqual(expected, actual interface{}) bool { + if expected == nil || actual == nil { + return expected == actual + } + + exp, ok := expected.([]byte) + if !ok { + return reflect.DeepEqual(expected, actual) + } + + act, ok := actual.([]byte) + if !ok { + return false + } + if exp == nil || act == nil { + return exp == nil && act == nil + } + return bytes.Equal(exp, act) +} + +// copyExportedFields iterates downward through nested data structures and creates a copy +// that only contains the exported struct fields. +func copyExportedFields(expected interface{}) interface{} { + if isNil(expected) { + return expected + } + + expectedType := reflect.TypeOf(expected) + expectedKind := expectedType.Kind() + expectedValue := reflect.ValueOf(expected) + + switch expectedKind { + case reflect.Struct: + result := reflect.New(expectedType).Elem() + for i := 0; i < expectedType.NumField(); i++ { + field := expectedType.Field(i) + isExported := field.IsExported() + if isExported { + fieldValue := expectedValue.Field(i) + if isNil(fieldValue) || isNil(fieldValue.Interface()) { + continue + } + newValue := copyExportedFields(fieldValue.Interface()) + result.Field(i).Set(reflect.ValueOf(newValue)) + } + } + return result.Interface() + + case reflect.Ptr: + result := reflect.New(expectedType.Elem()) + unexportedRemoved := copyExportedFields(expectedValue.Elem().Interface()) + result.Elem().Set(reflect.ValueOf(unexportedRemoved)) + return result.Interface() + + case reflect.Array, reflect.Slice: + var result reflect.Value + if expectedKind == reflect.Array { + result = reflect.New(reflect.ArrayOf(expectedValue.Len(), expectedType.Elem())).Elem() + } else { + result = reflect.MakeSlice(expectedType, expectedValue.Len(), expectedValue.Len()) + } + for i := 0; i < expectedValue.Len(); i++ { + index := expectedValue.Index(i) + if isNil(index) { + continue + } + unexportedRemoved := copyExportedFields(index.Interface()) + result.Index(i).Set(reflect.ValueOf(unexportedRemoved)) + } + return result.Interface() + + case reflect.Map: + result := reflect.MakeMap(expectedType) + for _, k := range expectedValue.MapKeys() { + index := expectedValue.MapIndex(k) + unexportedRemoved := copyExportedFields(index.Interface()) + result.SetMapIndex(k, reflect.ValueOf(unexportedRemoved)) + } + return result.Interface() + + default: + return expected + } +} + +// ObjectsExportedFieldsAreEqual determines if the exported (public) fields of two objects are +// considered equal. This comparison of only exported fields is applied recursively to nested data +// structures. +// +// This function does no assertion of any kind. +// +// Deprecated: Use [EqualExportedValues] instead. +func ObjectsExportedFieldsAreEqual(expected, actual interface{}) bool { + expectedCleaned := copyExportedFields(expected) + actualCleaned := copyExportedFields(actual) + return ObjectsAreEqualValues(expectedCleaned, actualCleaned) +} + +// ObjectsAreEqualValues gets whether two objects are equal, or if their +// values are equal. +func ObjectsAreEqualValues(expected, actual interface{}) bool { + if ObjectsAreEqual(expected, actual) { + return true + } + + expectedValue := reflect.ValueOf(expected) + actualValue := reflect.ValueOf(actual) + if !expectedValue.IsValid() || !actualValue.IsValid() { + return false + } + + expectedType := expectedValue.Type() + actualType := actualValue.Type() + if !expectedType.ConvertibleTo(actualType) { + return false + } + + if !isNumericType(expectedType) || !isNumericType(actualType) { + // Attempt comparison after type conversion + return reflect.DeepEqual( + expectedValue.Convert(actualType).Interface(), actual, + ) + } + + // If BOTH values are numeric, there are chances of false positives due + // to overflow or underflow. So, we need to make sure to always convert + // the smaller type to a larger type before comparing. + if expectedType.Size() >= actualType.Size() { + return actualValue.Convert(expectedType).Interface() == expected + } + + return expectedValue.Convert(actualType).Interface() == actual +} + +// isNumericType returns true if the type is one of: +// int, int8, int16, int32, int64, uint, uint8, uint16, uint32, uint64, +// float32, float64, complex64, complex128 +func isNumericType(t reflect.Type) bool { + return t.Kind() >= reflect.Int && t.Kind() <= reflect.Complex128 +} + +/* CallerInfo is necessary because the assert functions use the testing object +internally, causing it to print the file:line of the assert method, rather than where +the problem actually occurred in calling code.*/ + +// CallerInfo returns an array of strings containing the file and line number +// of each stack frame leading from the current test to the assert call that +// failed. +func CallerInfo() []string { + + var pc uintptr + var ok bool + var file string + var line int + var name string + + callers := []string{} + for i := 0; ; i++ { + pc, file, line, ok = runtime.Caller(i) + if !ok { + // The breaks below failed to terminate the loop, and we ran off the + // end of the call stack. + break + } + + // This is a huge edge case, but it will panic if this is the case, see #180 + if file == "" { + break + } + + f := runtime.FuncForPC(pc) + if f == nil { + break + } + name = f.Name() + + // testing.tRunner is the standard library function that calls + // tests. Subtests are called directly by tRunner, without going through + // the Test/Benchmark/Example function that contains the t.Run calls, so + // with subtests we should break when we hit tRunner, without adding it + // to the list of callers. + if name == "testing.tRunner" { + break + } + + parts := strings.Split(file, "/") + if len(parts) > 1 { + filename := parts[len(parts)-1] + dir := parts[len(parts)-2] + if (dir != "assert" && dir != "mock" && dir != "require") || filename == "mock_test.go" { + callers = append(callers, fmt.Sprintf("%s:%d", file, line)) + } + } + + // Drop the package + segments := strings.Split(name, ".") + name = segments[len(segments)-1] + if isTest(name, "Test") || + isTest(name, "Benchmark") || + isTest(name, "Example") { + break + } + } + + return callers +} + +// Stolen from the `go test` tool. +// isTest tells whether name looks like a test (or benchmark, according to prefix). +// It is a Test (say) if there is a character after Test that is not a lower-case letter. +// We don't want TesticularCancer. +func isTest(name, prefix string) bool { + if !strings.HasPrefix(name, prefix) { + return false + } + if len(name) == len(prefix) { // "Test" is ok + return true + } + r, _ := utf8.DecodeRuneInString(name[len(prefix):]) + return !unicode.IsLower(r) +} + +func messageFromMsgAndArgs(msgAndArgs ...interface{}) string { + if len(msgAndArgs) == 0 || msgAndArgs == nil { + return "" + } + if len(msgAndArgs) == 1 { + msg := msgAndArgs[0] + if msgAsStr, ok := msg.(string); ok { + return msgAsStr + } + return fmt.Sprintf("%+v", msg) + } + if len(msgAndArgs) > 1 { + return fmt.Sprintf(msgAndArgs[0].(string), msgAndArgs[1:]...) + } + return "" +} + +// Aligns the provided message so that all lines after the first line start at the same location as the first line. +// Assumes that the first line starts at the correct location (after carriage return, tab, label, spacer and tab). +// The longestLabelLen parameter specifies the length of the longest label in the output (required because this is the +// basis on which the alignment occurs). +func indentMessageLines(message string, longestLabelLen int) string { + outBuf := new(bytes.Buffer) + + for i, scanner := 0, bufio.NewScanner(strings.NewReader(message)); scanner.Scan(); i++ { + // no need to align first line because it starts at the correct location (after the label) + if i != 0 { + // append alignLen+1 spaces to align with "{{longestLabel}}:" before adding tab + outBuf.WriteString("\n\t" + strings.Repeat(" ", longestLabelLen+1) + "\t") + } + outBuf.WriteString(scanner.Text()) + } + + return outBuf.String() +} + +type failNower interface { + FailNow() +} + +// FailNow fails test +func FailNow(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + Fail(t, failureMessage, msgAndArgs...) + + // We cannot extend TestingT with FailNow() and + // maintain backwards compatibility, so we fallback + // to panicking when FailNow is not available in + // TestingT. + // See issue #263 + + if t, ok := t.(failNower); ok { + t.FailNow() + } else { + panic("test failed and t is missing `FailNow()`") + } + return false +} + +// Fail reports a failure through +func Fail(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + content := []labeledContent{ + {"Error Trace", strings.Join(CallerInfo(), "\n\t\t\t")}, + {"Error", failureMessage}, + } + + // Add test name if the Go version supports it + if n, ok := t.(interface { + Name() string + }); ok { + content = append(content, labeledContent{"Test", n.Name()}) + } + + message := messageFromMsgAndArgs(msgAndArgs...) + if len(message) > 0 { + content = append(content, labeledContent{"Messages", message}) + } + + t.Errorf("\n%s", ""+labeledOutput(content...)) + + return false +} + +type labeledContent struct { + label string + content string +} + +// labeledOutput returns a string consisting of the provided labeledContent. Each labeled output is appended in the following manner: +// +// \t{{label}}:{{align_spaces}}\t{{content}}\n +// +// The initial carriage return is required to undo/erase any padding added by testing.T.Errorf. The "\t{{label}}:" is for the label. +// If a label is shorter than the longest label provided, padding spaces are added to make all the labels match in length. Once this +// alignment is achieved, "\t{{content}}\n" is added for the output. +// +// If the content of the labeledOutput contains line breaks, the subsequent lines are aligned so that they start at the same location as the first line. +func labeledOutput(content ...labeledContent) string { + longestLabel := 0 + for _, v := range content { + if len(v.label) > longestLabel { + longestLabel = len(v.label) + } + } + var output string + for _, v := range content { + output += "\t" + v.label + ":" + strings.Repeat(" ", longestLabel-len(v.label)) + "\t" + indentMessageLines(v.content, longestLabel) + "\n" + } + return output +} + +// Implements asserts that an object is implemented by the specified interface. +// +// assert.Implements(t, (*MyInterface)(nil), new(MyObject)) +func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + interfaceType := reflect.TypeOf(interfaceObject).Elem() + + if object == nil { + return Fail(t, fmt.Sprintf("Cannot check if nil implements %v", interfaceType), msgAndArgs...) + } + if !reflect.TypeOf(object).Implements(interfaceType) { + return Fail(t, fmt.Sprintf("%T must implement %v", object, interfaceType), msgAndArgs...) + } + + return true +} + +// NotImplements asserts that an object does not implement the specified interface. +// +// assert.NotImplements(t, (*MyInterface)(nil), new(MyObject)) +func NotImplements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + interfaceType := reflect.TypeOf(interfaceObject).Elem() + + if object == nil { + return Fail(t, fmt.Sprintf("Cannot check if nil does not implement %v", interfaceType), msgAndArgs...) + } + if reflect.TypeOf(object).Implements(interfaceType) { + return Fail(t, fmt.Sprintf("%T implements %v", object, interfaceType), msgAndArgs...) + } + + return true +} + +// IsType asserts that the specified objects are of the same type. +func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if !ObjectsAreEqual(reflect.TypeOf(object), reflect.TypeOf(expectedType)) { + return Fail(t, fmt.Sprintf("Object expected to be of type %v, but was %v", reflect.TypeOf(expectedType), reflect.TypeOf(object)), msgAndArgs...) + } + + return true +} + +// Equal asserts that two objects are equal. +// +// assert.Equal(t, 123, 123) +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). Function equality +// cannot be determined and will always fail. +func Equal(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if err := validateEqualArgs(expected, actual); err != nil { + return Fail(t, fmt.Sprintf("Invalid operation: %#v == %#v (%s)", + expected, actual, err), msgAndArgs...) + } + + if !ObjectsAreEqual(expected, actual) { + diff := diff(expected, actual) + expected, actual = formatUnequalValues(expected, actual) + return Fail(t, fmt.Sprintf("Not equal: \n"+ + "expected: %s\n"+ + "actual : %s%s", expected, actual, diff), msgAndArgs...) + } + + return true + +} + +// validateEqualArgs checks whether provided arguments can be safely used in the +// Equal/NotEqual functions. +func validateEqualArgs(expected, actual interface{}) error { + if expected == nil && actual == nil { + return nil + } + + if isFunction(expected) || isFunction(actual) { + return errors.New("cannot take func type as argument") + } + return nil +} + +// Same asserts that two pointers reference the same object. +// +// assert.Same(t, ptr1, ptr2) +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func Same(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if !samePointers(expected, actual) { + return Fail(t, fmt.Sprintf("Not same: \n"+ + "expected: %p %#v\n"+ + "actual : %p %#v", expected, expected, actual, actual), msgAndArgs...) + } + + return true +} + +// NotSame asserts that two pointers do not reference the same object. +// +// assert.NotSame(t, ptr1, ptr2) +// +// Both arguments must be pointer variables. Pointer variable sameness is +// determined based on the equality of both type and value. +func NotSame(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if samePointers(expected, actual) { + return Fail(t, fmt.Sprintf( + "Expected and actual point to the same object: %p %#v", + expected, expected), msgAndArgs...) + } + return true +} + +// samePointers compares two generic interface objects and returns whether +// they point to the same object +func samePointers(first, second interface{}) bool { + firstPtr, secondPtr := reflect.ValueOf(first), reflect.ValueOf(second) + if firstPtr.Kind() != reflect.Ptr || secondPtr.Kind() != reflect.Ptr { + return false + } + + firstType, secondType := reflect.TypeOf(first), reflect.TypeOf(second) + if firstType != secondType { + return false + } + + // compare pointer addresses + return first == second +} + +// formatUnequalValues takes two values of arbitrary types and returns string +// representations appropriate to be presented to the user. +// +// If the values are not of like type, the returned strings will be prefixed +// with the type name, and the value will be enclosed in parentheses similar +// to a type conversion in the Go grammar. +func formatUnequalValues(expected, actual interface{}) (e string, a string) { + if reflect.TypeOf(expected) != reflect.TypeOf(actual) { + return fmt.Sprintf("%T(%s)", expected, truncatingFormat(expected)), + fmt.Sprintf("%T(%s)", actual, truncatingFormat(actual)) + } + switch expected.(type) { + case time.Duration: + return fmt.Sprintf("%v", expected), fmt.Sprintf("%v", actual) + } + return truncatingFormat(expected), truncatingFormat(actual) +} + +// truncatingFormat formats the data and truncates it if it's too long. +// +// This helps keep formatted error messages lines from exceeding the +// bufio.MaxScanTokenSize max line length that the go testing framework imposes. +func truncatingFormat(data interface{}) string { + value := fmt.Sprintf("%#v", data) + max := bufio.MaxScanTokenSize - 100 // Give us some space the type info too if needed. + if len(value) > max { + value = value[0:max] + "<... truncated>" + } + return value +} + +// EqualValues asserts that two objects are equal or convertible to the same types +// and equal. +// +// assert.EqualValues(t, uint32(123), int32(123)) +func EqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if !ObjectsAreEqualValues(expected, actual) { + diff := diff(expected, actual) + expected, actual = formatUnequalValues(expected, actual) + return Fail(t, fmt.Sprintf("Not equal: \n"+ + "expected: %s\n"+ + "actual : %s%s", expected, actual, diff), msgAndArgs...) + } + + return true + +} + +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true +// assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false +func EqualExportedValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + aType := reflect.TypeOf(expected) + bType := reflect.TypeOf(actual) + + if aType != bType { + return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...) + } + + if aType.Kind() == reflect.Ptr { + aType = aType.Elem() + } + if bType.Kind() == reflect.Ptr { + bType = bType.Elem() + } + + if aType.Kind() != reflect.Struct { + return Fail(t, fmt.Sprintf("Types expected to both be struct or pointer to struct \n\t%v != %v", aType.Kind(), reflect.Struct), msgAndArgs...) + } + + if bType.Kind() != reflect.Struct { + return Fail(t, fmt.Sprintf("Types expected to both be struct or pointer to struct \n\t%v != %v", bType.Kind(), reflect.Struct), msgAndArgs...) + } + + expected = copyExportedFields(expected) + actual = copyExportedFields(actual) + + if !ObjectsAreEqualValues(expected, actual) { + diff := diff(expected, actual) + expected, actual = formatUnequalValues(expected, actual) + return Fail(t, fmt.Sprintf("Not equal (comparing only exported fields): \n"+ + "expected: %s\n"+ + "actual : %s%s", expected, actual, diff), msgAndArgs...) + } + + return true +} + +// Exactly asserts that two objects are equal in value and type. +// +// assert.Exactly(t, int32(123), int64(123)) +func Exactly(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + aType := reflect.TypeOf(expected) + bType := reflect.TypeOf(actual) + + if aType != bType { + return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...) + } + + return Equal(t, expected, actual, msgAndArgs...) + +} + +// NotNil asserts that the specified object is not nil. +// +// assert.NotNil(t, err) +func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + if !isNil(object) { + return true + } + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, "Expected value not to be nil.", msgAndArgs...) +} + +// isNil checks if a specified object is nil or not, without Failing. +func isNil(object interface{}) bool { + if object == nil { + return true + } + + value := reflect.ValueOf(object) + switch value.Kind() { + case + reflect.Chan, reflect.Func, + reflect.Interface, reflect.Map, + reflect.Ptr, reflect.Slice, reflect.UnsafePointer: + + return value.IsNil() + } + + return false +} + +// Nil asserts that the specified object is nil. +// +// assert.Nil(t, err) +func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + if isNil(object) { + return true + } + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, fmt.Sprintf("Expected nil, but got: %#v", object), msgAndArgs...) +} + +// isEmpty gets whether the specified object is considered empty or not. +func isEmpty(object interface{}) bool { + + // get nil case out of the way + if object == nil { + return true + } + + objValue := reflect.ValueOf(object) + + switch objValue.Kind() { + // collection types are empty when they have no element + case reflect.Chan, reflect.Map, reflect.Slice: + return objValue.Len() == 0 + // pointers are empty if nil or if the value they point to is empty + case reflect.Ptr: + if objValue.IsNil() { + return true + } + deref := objValue.Elem().Interface() + return isEmpty(deref) + // for all other types, compare against the zero value + // array types are empty when they match their zero-initialized state + default: + zero := reflect.Zero(objValue.Type()) + return reflect.DeepEqual(object, zero.Interface()) + } +} + +// Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// assert.Empty(t, obj) +func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + pass := isEmpty(object) + if !pass { + if h, ok := t.(tHelper); ok { + h.Helper() + } + Fail(t, fmt.Sprintf("Should be empty, but was %v", object), msgAndArgs...) + } + + return pass + +} + +// NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either +// a slice or a channel with len == 0. +// +// if assert.NotEmpty(t, obj) { +// assert.Equal(t, "two", obj[1]) +// } +func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { + pass := !isEmpty(object) + if !pass { + if h, ok := t.(tHelper); ok { + h.Helper() + } + Fail(t, fmt.Sprintf("Should NOT be empty, but was %v", object), msgAndArgs...) + } + + return pass + +} + +// getLen tries to get the length of an object. +// It returns (0, false) if impossible. +func getLen(x interface{}) (length int, ok bool) { + v := reflect.ValueOf(x) + defer func() { + ok = recover() == nil + }() + return v.Len(), true +} + +// Len asserts that the specified object has specific length. +// Len also fails if the object has a type that len() not accept. +// +// assert.Len(t, mySlice, 3) +func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + l, ok := getLen(object) + if !ok { + return Fail(t, fmt.Sprintf("\"%v\" could not be applied builtin len()", object), msgAndArgs...) + } + + if l != length { + return Fail(t, fmt.Sprintf("\"%v\" should have %d item(s), but has %d", object, length, l), msgAndArgs...) + } + return true +} + +// True asserts that the specified value is true. +// +// assert.True(t, myBool) +func True(t TestingT, value bool, msgAndArgs ...interface{}) bool { + if !value { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, "Should be true", msgAndArgs...) + } + + return true + +} + +// False asserts that the specified value is false. +// +// assert.False(t, myBool) +func False(t TestingT, value bool, msgAndArgs ...interface{}) bool { + if value { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, "Should be false", msgAndArgs...) + } + + return true + +} + +// NotEqual asserts that the specified values are NOT equal. +// +// assert.NotEqual(t, obj1, obj2) +// +// Pointer variable equality is determined based on the equality of the +// referenced values (as opposed to the memory addresses). +func NotEqual(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if err := validateEqualArgs(expected, actual); err != nil { + return Fail(t, fmt.Sprintf("Invalid operation: %#v != %#v (%s)", + expected, actual, err), msgAndArgs...) + } + + if ObjectsAreEqual(expected, actual) { + return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...) + } + + return true + +} + +// NotEqualValues asserts that two objects are not equal even when converted to the same type +// +// assert.NotEqualValues(t, obj1, obj2) +func NotEqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if ObjectsAreEqualValues(expected, actual) { + return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...) + } + + return true +} + +// containsElement try loop over the list check if the list includes the element. +// return (false, false) if impossible. +// return (true, false) if element was not found. +// return (true, true) if element was found. +func containsElement(list interface{}, element interface{}) (ok, found bool) { + + listValue := reflect.ValueOf(list) + listType := reflect.TypeOf(list) + if listType == nil { + return false, false + } + listKind := listType.Kind() + defer func() { + if e := recover(); e != nil { + ok = false + found = false + } + }() + + if listKind == reflect.String { + elementValue := reflect.ValueOf(element) + return true, strings.Contains(listValue.String(), elementValue.String()) + } + + if listKind == reflect.Map { + mapKeys := listValue.MapKeys() + for i := 0; i < len(mapKeys); i++ { + if ObjectsAreEqual(mapKeys[i].Interface(), element) { + return true, true + } + } + return true, false + } + + for i := 0; i < listValue.Len(); i++ { + if ObjectsAreEqual(listValue.Index(i).Interface(), element) { + return true, true + } + } + return true, false + +} + +// Contains asserts that the specified string, list(array, slice...) or map contains the +// specified substring or element. +// +// assert.Contains(t, "Hello World", "World") +// assert.Contains(t, ["Hello", "World"], "World") +// assert.Contains(t, {"Hello": "World"}, "Hello") +func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + ok, found := containsElement(s, contains) + if !ok { + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...) + } + if !found { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", s, contains), msgAndArgs...) + } + + return true + +} + +// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the +// specified substring or element. +// +// assert.NotContains(t, "Hello World", "Earth") +// assert.NotContains(t, ["Hello", "World"], "Earth") +// assert.NotContains(t, {"Hello": "World"}, "Earth") +func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + ok, found := containsElement(s, contains) + if !ok { + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...) + } + if found { + return Fail(t, fmt.Sprintf("%#v should not contain %#v", s, contains), msgAndArgs...) + } + + return true + +} + +// Subset asserts that the specified list(array, slice...) or map contains all +// elements given in the specified subset list(array, slice...) or map. +// +// assert.Subset(t, [1, 2, 3], [1, 2]) +// assert.Subset(t, {"x": 1, "y": 2}, {"x": 1}) +func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if subset == nil { + return true // we consider nil to be equal to the nil set + } + + listKind := reflect.TypeOf(list).Kind() + if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { + return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) + } + + subsetKind := reflect.TypeOf(subset).Kind() + if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { + return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) + } + + if subsetKind == reflect.Map && listKind == reflect.Map { + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) + + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) + + if !av.IsValid() { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) + } + } + + return true + } + + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() + ok, found := containsElement(list, element) + if !ok { + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", list), msgAndArgs...) + } + if !found { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, element), msgAndArgs...) + } + } + + return true +} + +// NotSubset asserts that the specified list(array, slice...) or map does NOT +// contain all elements given in the specified subset list(array, slice...) or +// map. +// +// assert.NotSubset(t, [1, 3, 4], [1, 2]) +// assert.NotSubset(t, {"x": 1, "y": 2}, {"z": 3}) +func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if subset == nil { + return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...) + } + + listKind := reflect.TypeOf(list).Kind() + if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { + return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) + } + + subsetKind := reflect.TypeOf(subset).Kind() + if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { + return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) + } + + if subsetKind == reflect.Map && listKind == reflect.Map { + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) + + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) + + if !av.IsValid() { + return true + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { + return true + } + } + + return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...) + } + + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() + ok, found := containsElement(list, element) + if !ok { + return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) + } + if !found { + return true + } + } + + return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...) +} + +// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified +// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements, +// the number of appearances of each of them in both lists should match. +// +// assert.ElementsMatch(t, [1, 3, 2, 3], [1, 3, 3, 2]) +func ElementsMatch(t TestingT, listA, listB interface{}, msgAndArgs ...interface{}) (ok bool) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if isEmpty(listA) && isEmpty(listB) { + return true + } + + if !isList(t, listA, msgAndArgs...) || !isList(t, listB, msgAndArgs...) { + return false + } + + extraA, extraB := diffLists(listA, listB) + + if len(extraA) == 0 && len(extraB) == 0 { + return true + } + + return Fail(t, formatListDiff(listA, listB, extraA, extraB), msgAndArgs...) +} + +// isList checks that the provided value is array or slice. +func isList(t TestingT, list interface{}, msgAndArgs ...interface{}) (ok bool) { + kind := reflect.TypeOf(list).Kind() + if kind != reflect.Array && kind != reflect.Slice { + return Fail(t, fmt.Sprintf("%q has an unsupported type %s, expecting array or slice", list, kind), + msgAndArgs...) + } + return true +} + +// diffLists diffs two arrays/slices and returns slices of elements that are only in A and only in B. +// If some element is present multiple times, each instance is counted separately (e.g. if something is 2x in A and +// 5x in B, it will be 0x in extraA and 3x in extraB). The order of items in both lists is ignored. +func diffLists(listA, listB interface{}) (extraA, extraB []interface{}) { + aValue := reflect.ValueOf(listA) + bValue := reflect.ValueOf(listB) + + aLen := aValue.Len() + bLen := bValue.Len() + + // Mark indexes in bValue that we already used + visited := make([]bool, bLen) + for i := 0; i < aLen; i++ { + element := aValue.Index(i).Interface() + found := false + for j := 0; j < bLen; j++ { + if visited[j] { + continue + } + if ObjectsAreEqual(bValue.Index(j).Interface(), element) { + visited[j] = true + found = true + break + } + } + if !found { + extraA = append(extraA, element) + } + } + + for j := 0; j < bLen; j++ { + if visited[j] { + continue + } + extraB = append(extraB, bValue.Index(j).Interface()) + } + + return +} + +func formatListDiff(listA, listB interface{}, extraA, extraB []interface{}) string { + var msg bytes.Buffer + + msg.WriteString("elements differ") + if len(extraA) > 0 { + msg.WriteString("\n\nextra elements in list A:\n") + msg.WriteString(spewConfig.Sdump(extraA)) + } + if len(extraB) > 0 { + msg.WriteString("\n\nextra elements in list B:\n") + msg.WriteString(spewConfig.Sdump(extraB)) + } + msg.WriteString("\n\nlistA:\n") + msg.WriteString(spewConfig.Sdump(listA)) + msg.WriteString("\n\nlistB:\n") + msg.WriteString(spewConfig.Sdump(listB)) + + return msg.String() +} + +// Condition uses a Comparison to assert a complex condition. +func Condition(t TestingT, comp Comparison, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + result := comp() + if !result { + Fail(t, "Condition failed!", msgAndArgs...) + } + return result +} + +// PanicTestFunc defines a func that should be passed to the assert.Panics and assert.NotPanics +// methods, and represents a simple func that takes no arguments, and returns nothing. +type PanicTestFunc func() + +// didPanic returns true if the function passed to it panics. Otherwise, it returns false. +func didPanic(f PanicTestFunc) (didPanic bool, message interface{}, stack string) { + didPanic = true + + defer func() { + message = recover() + if didPanic { + stack = string(debug.Stack()) + } + }() + + // call the target function + f() + didPanic = false + + return +} + +// Panics asserts that the code inside the specified PanicTestFunc panics. +// +// assert.Panics(t, func(){ GoCrazy() }) +func Panics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if funcDidPanic, panicValue, _ := didPanic(f); !funcDidPanic { + return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...) + } + + return true +} + +// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that +// the recovered panic value equals the expected panic value. +// +// assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() }) +func PanicsWithValue(t TestingT, expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + funcDidPanic, panicValue, panickedStack := didPanic(f) + if !funcDidPanic { + return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...) + } + if panicValue != expected { + return Fail(t, fmt.Sprintf("func %#v should panic with value:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, expected, panicValue, panickedStack), msgAndArgs...) + } + + return true +} + +// PanicsWithError asserts that the code inside the specified PanicTestFunc +// panics, and that the recovered panic value is an error that satisfies the +// EqualError comparison. +// +// assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() }) +func PanicsWithError(t TestingT, errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + funcDidPanic, panicValue, panickedStack := didPanic(f) + if !funcDidPanic { + return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...) + } + panicErr, ok := panicValue.(error) + if !ok || panicErr.Error() != errString { + return Fail(t, fmt.Sprintf("func %#v should panic with error message:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, errString, panicValue, panickedStack), msgAndArgs...) + } + + return true +} + +// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. +// +// assert.NotPanics(t, func(){ RemainCalm() }) +func NotPanics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if funcDidPanic, panicValue, panickedStack := didPanic(f); funcDidPanic { + return Fail(t, fmt.Sprintf("func %#v should not panic\n\tPanic value:\t%v\n\tPanic stack:\t%s", f, panicValue, panickedStack), msgAndArgs...) + } + + return true +} + +// WithinDuration asserts that the two times are within duration delta of each other. +// +// assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second) +func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + dt := expected.Sub(actual) + if dt < -delta || dt > delta { + return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...) + } + + return true +} + +// WithinRange asserts that a time is within a time range (inclusive). +// +// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func WithinRange(t TestingT, actual, start, end time.Time, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if end.Before(start) { + return Fail(t, "Start should be before end", msgAndArgs...) + } + + if actual.Before(start) { + return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is before the range", actual, start, end), msgAndArgs...) + } else if actual.After(end) { + return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is after the range", actual, start, end), msgAndArgs...) + } + + return true +} + +func toFloat(x interface{}) (float64, bool) { + var xf float64 + xok := true + + switch xn := x.(type) { + case uint: + xf = float64(xn) + case uint8: + xf = float64(xn) + case uint16: + xf = float64(xn) + case uint32: + xf = float64(xn) + case uint64: + xf = float64(xn) + case int: + xf = float64(xn) + case int8: + xf = float64(xn) + case int16: + xf = float64(xn) + case int32: + xf = float64(xn) + case int64: + xf = float64(xn) + case float32: + xf = float64(xn) + case float64: + xf = xn + case time.Duration: + xf = float64(xn) + default: + xok = false + } + + return xf, xok +} + +// InDelta asserts that the two numerals are within delta of each other. +// +// assert.InDelta(t, math.Pi, 22/7.0, 0.01) +func InDelta(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + af, aok := toFloat(expected) + bf, bok := toFloat(actual) + + if !aok || !bok { + return Fail(t, "Parameters must be numerical", msgAndArgs...) + } + + if math.IsNaN(af) && math.IsNaN(bf) { + return true + } + + if math.IsNaN(af) { + return Fail(t, "Expected must not be NaN", msgAndArgs...) + } + + if math.IsNaN(bf) { + return Fail(t, fmt.Sprintf("Expected %v with delta %v, but was NaN", expected, delta), msgAndArgs...) + } + + dt := af - bf + if dt < -delta || dt > delta { + return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...) + } + + return true +} + +// InDeltaSlice is the same as InDelta, except it compares two slices. +func InDeltaSlice(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if expected == nil || actual == nil || + reflect.TypeOf(actual).Kind() != reflect.Slice || + reflect.TypeOf(expected).Kind() != reflect.Slice { + return Fail(t, "Parameters must be slice", msgAndArgs...) + } + + actualSlice := reflect.ValueOf(actual) + expectedSlice := reflect.ValueOf(expected) + + for i := 0; i < actualSlice.Len(); i++ { + result := InDelta(t, actualSlice.Index(i).Interface(), expectedSlice.Index(i).Interface(), delta, msgAndArgs...) + if !result { + return result + } + } + + return true +} + +// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys. +func InDeltaMapValues(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if expected == nil || actual == nil || + reflect.TypeOf(actual).Kind() != reflect.Map || + reflect.TypeOf(expected).Kind() != reflect.Map { + return Fail(t, "Arguments must be maps", msgAndArgs...) + } + + expectedMap := reflect.ValueOf(expected) + actualMap := reflect.ValueOf(actual) + + if expectedMap.Len() != actualMap.Len() { + return Fail(t, "Arguments must have the same number of keys", msgAndArgs...) + } + + for _, k := range expectedMap.MapKeys() { + ev := expectedMap.MapIndex(k) + av := actualMap.MapIndex(k) + + if !ev.IsValid() { + return Fail(t, fmt.Sprintf("missing key %q in expected map", k), msgAndArgs...) + } + + if !av.IsValid() { + return Fail(t, fmt.Sprintf("missing key %q in actual map", k), msgAndArgs...) + } + + if !InDelta( + t, + ev.Interface(), + av.Interface(), + delta, + msgAndArgs..., + ) { + return false + } + } + + return true +} + +func calcRelativeError(expected, actual interface{}) (float64, error) { + af, aok := toFloat(expected) + bf, bok := toFloat(actual) + if !aok || !bok { + return 0, fmt.Errorf("Parameters must be numerical") + } + if math.IsNaN(af) && math.IsNaN(bf) { + return 0, nil + } + if math.IsNaN(af) { + return 0, errors.New("expected value must not be NaN") + } + if af == 0 { + return 0, fmt.Errorf("expected value must have a value other than zero to calculate the relative error") + } + if math.IsNaN(bf) { + return 0, errors.New("actual value must not be NaN") + } + + return math.Abs(af-bf) / math.Abs(af), nil +} + +// InEpsilon asserts that expected and actual have a relative error less than epsilon +func InEpsilon(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if math.IsNaN(epsilon) { + return Fail(t, "epsilon must not be NaN", msgAndArgs...) + } + actualEpsilon, err := calcRelativeError(expected, actual) + if err != nil { + return Fail(t, err.Error(), msgAndArgs...) + } + if actualEpsilon > epsilon { + return Fail(t, fmt.Sprintf("Relative error is too high: %#v (expected)\n"+ + " < %#v (actual)", epsilon, actualEpsilon), msgAndArgs...) + } + + return true +} + +// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices. +func InEpsilonSlice(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if expected == nil || actual == nil { + return Fail(t, "Parameters must be slice", msgAndArgs...) + } + + expectedSlice := reflect.ValueOf(expected) + actualSlice := reflect.ValueOf(actual) + + if expectedSlice.Type().Kind() != reflect.Slice { + return Fail(t, "Expected value must be slice", msgAndArgs...) + } + + expectedLen := expectedSlice.Len() + if !IsType(t, expected, actual) || !Len(t, actual, expectedLen) { + return false + } + + for i := 0; i < expectedLen; i++ { + if !InEpsilon(t, expectedSlice.Index(i).Interface(), actualSlice.Index(i).Interface(), epsilon, "at index %d", i) { + return false + } + } + + return true +} + +/* + Errors +*/ + +// NoError asserts that a function returned no error (i.e. `nil`). +// +// actualObj, err := SomeFunction() +// if assert.NoError(t, err) { +// assert.Equal(t, expectedObj, actualObj) +// } +func NoError(t TestingT, err error, msgAndArgs ...interface{}) bool { + if err != nil { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, fmt.Sprintf("Received unexpected error:\n%+v", err), msgAndArgs...) + } + + return true +} + +// Error asserts that a function returned an error (i.e. not `nil`). +// +// actualObj, err := SomeFunction() +// if assert.Error(t, err) { +// assert.Equal(t, expectedError, err) +// } +func Error(t TestingT, err error, msgAndArgs ...interface{}) bool { + if err == nil { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return Fail(t, "An error is expected but got nil.", msgAndArgs...) + } + + return true +} + +// EqualError asserts that a function returned an error (i.e. not `nil`) +// and that it is equal to the provided error. +// +// actualObj, err := SomeFunction() +// assert.EqualError(t, err, expectedErrorString) +func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if !Error(t, theError, msgAndArgs...) { + return false + } + expected := errString + actual := theError.Error() + // don't need to use deep equals here, we know they are both strings + if expected != actual { + return Fail(t, fmt.Sprintf("Error message not equal:\n"+ + "expected: %q\n"+ + "actual : %q", expected, actual), msgAndArgs...) + } + return true +} + +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContains(t, err, expectedErrorSubString) +func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if !Error(t, theError, msgAndArgs...) { + return false + } + + actual := theError.Error() + if !strings.Contains(actual, contains) { + return Fail(t, fmt.Sprintf("Error %#v does not contain %#v", actual, contains), msgAndArgs...) + } + + return true +} + +// matchRegexp return true if a specified regexp matches a string. +func matchRegexp(rx interface{}, str interface{}) bool { + + var r *regexp.Regexp + if rr, ok := rx.(*regexp.Regexp); ok { + r = rr + } else { + r = regexp.MustCompile(fmt.Sprint(rx)) + } + + return (r.FindStringIndex(fmt.Sprint(str)) != nil) + +} + +// Regexp asserts that a specified regexp matches a string. +// +// assert.Regexp(t, regexp.MustCompile("start"), "it's starting") +// assert.Regexp(t, "start...$", "it's not starting") +func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + match := matchRegexp(rx, str) + + if !match { + Fail(t, fmt.Sprintf("Expect \"%v\" to match \"%v\"", str, rx), msgAndArgs...) + } + + return match +} + +// NotRegexp asserts that a specified regexp does not match a string. +// +// assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting") +// assert.NotRegexp(t, "^start", "it's not starting") +func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + match := matchRegexp(rx, str) + + if match { + Fail(t, fmt.Sprintf("Expect \"%v\" to NOT match \"%v\"", str, rx), msgAndArgs...) + } + + return !match + +} + +// Zero asserts that i is the zero value for its type. +func Zero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if i != nil && !reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) { + return Fail(t, fmt.Sprintf("Should be zero, but was %v", i), msgAndArgs...) + } + return true +} + +// NotZero asserts that i is not the zero value for its type. +func NotZero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if i == nil || reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) { + return Fail(t, fmt.Sprintf("Should not be zero, but was %v", i), msgAndArgs...) + } + return true +} + +// FileExists checks whether a file exists in the given path. It also fails if +// the path points to a directory or there is an error when trying to check the file. +func FileExists(t TestingT, path string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + info, err := os.Lstat(path) + if err != nil { + if os.IsNotExist(err) { + return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...) + } + return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...) + } + if info.IsDir() { + return Fail(t, fmt.Sprintf("%q is a directory", path), msgAndArgs...) + } + return true +} + +// NoFileExists checks whether a file does not exist in a given path. It fails +// if the path points to an existing _file_ only. +func NoFileExists(t TestingT, path string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + info, err := os.Lstat(path) + if err != nil { + return true + } + if info.IsDir() { + return true + } + return Fail(t, fmt.Sprintf("file %q exists", path), msgAndArgs...) +} + +// DirExists checks whether a directory exists in the given path. It also fails +// if the path is a file rather a directory or there is an error checking whether it exists. +func DirExists(t TestingT, path string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + info, err := os.Lstat(path) + if err != nil { + if os.IsNotExist(err) { + return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...) + } + return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...) + } + if !info.IsDir() { + return Fail(t, fmt.Sprintf("%q is a file", path), msgAndArgs...) + } + return true +} + +// NoDirExists checks whether a directory does not exist in the given path. +// It fails if the path points to an existing _directory_ only. +func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + info, err := os.Lstat(path) + if err != nil { + if os.IsNotExist(err) { + return true + } + return true + } + if !info.IsDir() { + return true + } + return Fail(t, fmt.Sprintf("directory %q exists", path), msgAndArgs...) +} + +// JSONEq asserts that two JSON strings are equivalent. +// +// assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + var expectedJSONAsInterface, actualJSONAsInterface interface{} + + if err := json.Unmarshal([]byte(expected), &expectedJSONAsInterface); err != nil { + return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid json.\nJSON parsing error: '%s'", expected, err.Error()), msgAndArgs...) + } + + if err := json.Unmarshal([]byte(actual), &actualJSONAsInterface); err != nil { + return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid json.\nJSON parsing error: '%s'", actual, err.Error()), msgAndArgs...) + } + + return Equal(t, expectedJSONAsInterface, actualJSONAsInterface, msgAndArgs...) +} + +// YAMLEq asserts that two YAML strings are equivalent. +func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + var expectedYAMLAsInterface, actualYAMLAsInterface interface{} + + if err := yaml.Unmarshal([]byte(expected), &expectedYAMLAsInterface); err != nil { + return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid yaml.\nYAML parsing error: '%s'", expected, err.Error()), msgAndArgs...) + } + + if err := yaml.Unmarshal([]byte(actual), &actualYAMLAsInterface); err != nil { + return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid yaml.\nYAML error: '%s'", actual, err.Error()), msgAndArgs...) + } + + return Equal(t, expectedYAMLAsInterface, actualYAMLAsInterface, msgAndArgs...) +} + +func typeAndKind(v interface{}) (reflect.Type, reflect.Kind) { + t := reflect.TypeOf(v) + k := t.Kind() + + if k == reflect.Ptr { + t = t.Elem() + k = t.Kind() + } + return t, k +} + +// diff returns a diff of both values as long as both are of the same type and +// are a struct, map, slice, array or string. Otherwise it returns an empty string. +func diff(expected interface{}, actual interface{}) string { + if expected == nil || actual == nil { + return "" + } + + et, ek := typeAndKind(expected) + at, _ := typeAndKind(actual) + + if et != at { + return "" + } + + if ek != reflect.Struct && ek != reflect.Map && ek != reflect.Slice && ek != reflect.Array && ek != reflect.String { + return "" + } + + var e, a string + + switch et { + case reflect.TypeOf(""): + e = reflect.ValueOf(expected).String() + a = reflect.ValueOf(actual).String() + case reflect.TypeOf(time.Time{}): + e = spewConfigStringerEnabled.Sdump(expected) + a = spewConfigStringerEnabled.Sdump(actual) + default: + e = spewConfig.Sdump(expected) + a = spewConfig.Sdump(actual) + } + + diff, _ := difflib.GetUnifiedDiffString(difflib.UnifiedDiff{ + A: difflib.SplitLines(e), + B: difflib.SplitLines(a), + FromFile: "Expected", + FromDate: "", + ToFile: "Actual", + ToDate: "", + Context: 1, + }) + + return "\n\nDiff:\n" + diff +} + +func isFunction(arg interface{}) bool { + if arg == nil { + return false + } + return reflect.TypeOf(arg).Kind() == reflect.Func +} + +var spewConfig = spew.ConfigState{ + Indent: " ", + DisablePointerAddresses: true, + DisableCapacities: true, + SortKeys: true, + DisableMethods: true, + MaxDepth: 10, +} + +var spewConfigStringerEnabled = spew.ConfigState{ + Indent: " ", + DisablePointerAddresses: true, + DisableCapacities: true, + SortKeys: true, + MaxDepth: 10, +} + +type tHelper interface { + Helper() +} + +// Eventually asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. +// +// assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond) +func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + ch := make(chan bool, 1) + + timer := time.NewTimer(waitFor) + defer timer.Stop() + + ticker := time.NewTicker(tick) + defer ticker.Stop() + + for tick := ticker.C; ; { + select { + case <-timer.C: + return Fail(t, "Condition never satisfied", msgAndArgs...) + case <-tick: + tick = nil + go func() { ch <- condition() }() + case v := <-ch: + if v { + return true + } + tick = ticker.C + } + } +} + +// CollectT implements the TestingT interface and collects all errors. +type CollectT struct { + errors []error +} + +// Errorf collects the error. +func (c *CollectT) Errorf(format string, args ...interface{}) { + c.errors = append(c.errors, fmt.Errorf(format, args...)) +} + +// FailNow panics. +func (*CollectT) FailNow() { + panic("Assertion failed") +} + +// Deprecated: That was a method for internal usage that should not have been published. Now just panics. +func (*CollectT) Reset() { + panic("Reset() is deprecated") +} + +// Deprecated: That was a method for internal usage that should not have been published. Now just panics. +func (*CollectT) Copy(TestingT) { + panic("Copy() is deprecated") +} + +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithT(t, func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithT(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + var lastFinishedTickErrs []error + ch := make(chan []error, 1) + + timer := time.NewTimer(waitFor) + defer timer.Stop() + + ticker := time.NewTicker(tick) + defer ticker.Stop() + + for tick := ticker.C; ; { + select { + case <-timer.C: + for _, err := range lastFinishedTickErrs { + t.Errorf("%v", err) + } + return Fail(t, "Condition never satisfied", msgAndArgs...) + case <-tick: + tick = nil + go func() { + collect := new(CollectT) + defer func() { + ch <- collect.errors + }() + condition(collect) + }() + case errs := <-ch: + if len(errs) == 0 { + return true + } + // Keep the errors from the last ended condition, so that they can be copied to t if timeout is reached. + lastFinishedTickErrs = errs + tick = ticker.C + } + } +} + +// Never asserts that the given condition doesn't satisfy in waitFor time, +// periodically checking the target function each tick. +// +// assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond) +func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + ch := make(chan bool, 1) + + timer := time.NewTimer(waitFor) + defer timer.Stop() + + ticker := time.NewTicker(tick) + defer ticker.Stop() + + for tick := ticker.C; ; { + select { + case <-timer.C: + return true + case <-tick: + tick = nil + go func() { ch <- condition() }() + case v := <-ch: + if v { + return Fail(t, "Condition satisfied", msgAndArgs...) + } + tick = ticker.C + } + } +} + +// ErrorIs asserts that at least one of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func ErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if errors.Is(err, target) { + return true + } + + var expectedText string + if target != nil { + expectedText = target.Error() + } + + chain := buildErrorChainString(err) + + return Fail(t, fmt.Sprintf("Target error should be in err chain:\n"+ + "expected: %q\n"+ + "in chain: %s", expectedText, chain, + ), msgAndArgs...) +} + +// NotErrorIs asserts that at none of the errors in err's chain matches target. +// This is a wrapper for errors.Is. +func NotErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if !errors.Is(err, target) { + return true + } + + var expectedText string + if target != nil { + expectedText = target.Error() + } + + chain := buildErrorChainString(err) + + return Fail(t, fmt.Sprintf("Target error should not be in err chain:\n"+ + "found: %q\n"+ + "in chain: %s", expectedText, chain, + ), msgAndArgs...) +} + +// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value. +// This is a wrapper for errors.As. +func ErrorAs(t TestingT, err error, target interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if errors.As(err, target) { + return true + } + + chain := buildErrorChainString(err) + + return Fail(t, fmt.Sprintf("Should be in error chain:\n"+ + "expected: %q\n"+ + "in chain: %s", target, chain, + ), msgAndArgs...) +} + +func buildErrorChainString(err error) string { + if err == nil { + return "" + } + + e := errors.Unwrap(err) + chain := fmt.Sprintf("%q", err.Error()) + for e != nil { + chain += fmt.Sprintf("\n\t%q", e.Error()) + e = errors.Unwrap(e) + } + return chain +} diff --git a/vendor/github.com/stretchr/testify/assert/doc.go b/vendor/github.com/stretchr/testify/assert/doc.go new file mode 100644 index 0000000000..4953981d38 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/doc.go @@ -0,0 +1,46 @@ +// Package assert provides a set of comprehensive testing tools for use with the normal Go testing system. +// +// # Example Usage +// +// The following is a complete example using assert in a standard test function: +// +// import ( +// "testing" +// "github.com/stretchr/testify/assert" +// ) +// +// func TestSomething(t *testing.T) { +// +// var a string = "Hello" +// var b string = "Hello" +// +// assert.Equal(t, a, b, "The two words should be the same.") +// +// } +// +// if you assert many times, use the format below: +// +// import ( +// "testing" +// "github.com/stretchr/testify/assert" +// ) +// +// func TestSomething(t *testing.T) { +// assert := assert.New(t) +// +// var a string = "Hello" +// var b string = "Hello" +// +// assert.Equal(a, b, "The two words should be the same.") +// } +// +// # Assertions +// +// Assertions allow you to easily write test code, and are global funcs in the `assert` package. +// All assertion functions take, as the first argument, the `*testing.T` object provided by the +// testing framework. This allows the assertion funcs to write the failings and other details to +// the correct place. +// +// Every assertion function also takes an optional string message as the final argument, +// allowing custom error messages to be appended to the message the assertion method outputs. +package assert diff --git a/vendor/github.com/stretchr/testify/assert/errors.go b/vendor/github.com/stretchr/testify/assert/errors.go new file mode 100644 index 0000000000..ac9dc9d1d6 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/errors.go @@ -0,0 +1,10 @@ +package assert + +import ( + "errors" +) + +// AnError is an error instance useful for testing. If the code does not care +// about error specifics, and only needs to return the error for example, this +// error should be used to make the test code more readable. +var AnError = errors.New("assert.AnError general error for testing") diff --git a/vendor/github.com/stretchr/testify/assert/forward_assertions.go b/vendor/github.com/stretchr/testify/assert/forward_assertions.go new file mode 100644 index 0000000000..df189d2348 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/forward_assertions.go @@ -0,0 +1,16 @@ +package assert + +// Assertions provides assertion methods around the +// TestingT interface. +type Assertions struct { + t TestingT +} + +// New makes a new Assertions object for the specified TestingT. +func New(t TestingT) *Assertions { + return &Assertions{ + t: t, + } +} + +//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_forward.go.tmpl -include-format-funcs" diff --git a/vendor/github.com/stretchr/testify/assert/http_assertions.go b/vendor/github.com/stretchr/testify/assert/http_assertions.go new file mode 100644 index 0000000000..861ed4b7ce --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/http_assertions.go @@ -0,0 +1,165 @@ +package assert + +import ( + "fmt" + "net/http" + "net/http/httptest" + "net/url" + "strings" +) + +// httpCode is a helper that returns HTTP code of the response. It returns -1 and +// an error if building a new request fails. +func httpCode(handler http.HandlerFunc, method, url string, values url.Values) (int, error) { + w := httptest.NewRecorder() + req, err := http.NewRequest(method, url, http.NoBody) + if err != nil { + return -1, err + } + req.URL.RawQuery = values.Encode() + handler(w, req) + return w.Code, nil +} + +// HTTPSuccess asserts that a specified handler returns a success status code. +// +// assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil) +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPSuccess(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + code, err := httpCode(handler, method, url, values) + if err != nil { + Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...) + } + + isSuccessCode := code >= http.StatusOK && code <= http.StatusPartialContent + if !isSuccessCode { + Fail(t, fmt.Sprintf("Expected HTTP success status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...) + } + + return isSuccessCode +} + +// HTTPRedirect asserts that a specified handler returns a redirect status code. +// +// assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPRedirect(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + code, err := httpCode(handler, method, url, values) + if err != nil { + Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...) + } + + isRedirectCode := code >= http.StatusMultipleChoices && code <= http.StatusTemporaryRedirect + if !isRedirectCode { + Fail(t, fmt.Sprintf("Expected HTTP redirect status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...) + } + + return isRedirectCode +} + +// HTTPError asserts that a specified handler returns an error status code. +// +// assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPError(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + code, err := httpCode(handler, method, url, values) + if err != nil { + Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...) + } + + isErrorCode := code >= http.StatusBadRequest + if !isErrorCode { + Fail(t, fmt.Sprintf("Expected HTTP error status code for %q but received %d", url+"?"+values.Encode(), code), msgAndArgs...) + } + + return isErrorCode +} + +// HTTPStatusCode asserts that a specified handler returns a specified status code. +// +// assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501) +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + code, err := httpCode(handler, method, url, values) + if err != nil { + Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err), msgAndArgs...) + } + + successful := code == statuscode + if !successful { + Fail(t, fmt.Sprintf("Expected HTTP status code %d for %q but received %d", statuscode, url+"?"+values.Encode(), code), msgAndArgs...) + } + + return successful +} + +// HTTPBody is a helper that returns HTTP body of the response. It returns +// empty string if building a new request fails. +func HTTPBody(handler http.HandlerFunc, method, url string, values url.Values) string { + w := httptest.NewRecorder() + if len(values) > 0 { + url += "?" + values.Encode() + } + req, err := http.NewRequest(method, url, http.NoBody) + if err != nil { + return "" + } + handler(w, req) + return w.Body.String() +} + +// HTTPBodyContains asserts that a specified handler returns a +// body that contains a string. +// +// assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + body := HTTPBody(handler, method, url, values) + + contains := strings.Contains(body, fmt.Sprint(str)) + if !contains { + Fail(t, fmt.Sprintf("Expected response body for \"%s\" to contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body), msgAndArgs...) + } + + return contains +} + +// HTTPBodyNotContains asserts that a specified handler returns a +// body that does not contain a string. +// +// assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// +// Returns whether the assertion was successful (true) or not (false). +func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + body := HTTPBody(handler, method, url, values) + + contains := strings.Contains(body, fmt.Sprint(str)) + if contains { + Fail(t, fmt.Sprintf("Expected response body for \"%s\" to NOT contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body), msgAndArgs...) + } + + return !contains +} diff --git a/vendor/go.opentelemetry.io/otel/metric/noop/noop.go b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go new file mode 100644 index 0000000000..acc9a670b2 --- /dev/null +++ b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go @@ -0,0 +1,264 @@ +// Copyright The OpenTelemetry Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package noop provides an implementation of the OpenTelemetry metric API that +// produces no telemetry and minimizes used computation resources. +// +// Using this package to implement the OpenTelemetry metric API will +// effectively disable OpenTelemetry. +// +// This implementation can be embedded in other implementations of the +// OpenTelemetry metric API. Doing so will mean the implementation defaults to +// no operation for methods it does not implement. +package noop // import "go.opentelemetry.io/otel/metric/noop" + +import ( + "context" + + "go.opentelemetry.io/otel/metric" + "go.opentelemetry.io/otel/metric/embedded" +) + +var ( + // Compile-time check this implements the OpenTelemetry API. + + _ metric.MeterProvider = MeterProvider{} + _ metric.Meter = Meter{} + _ metric.Observer = Observer{} + _ metric.Registration = Registration{} + _ metric.Int64Counter = Int64Counter{} + _ metric.Float64Counter = Float64Counter{} + _ metric.Int64UpDownCounter = Int64UpDownCounter{} + _ metric.Float64UpDownCounter = Float64UpDownCounter{} + _ metric.Int64Histogram = Int64Histogram{} + _ metric.Float64Histogram = Float64Histogram{} + _ metric.Int64ObservableCounter = Int64ObservableCounter{} + _ metric.Float64ObservableCounter = Float64ObservableCounter{} + _ metric.Int64ObservableGauge = Int64ObservableGauge{} + _ metric.Float64ObservableGauge = Float64ObservableGauge{} + _ metric.Int64ObservableUpDownCounter = Int64ObservableUpDownCounter{} + _ metric.Float64ObservableUpDownCounter = Float64ObservableUpDownCounter{} + _ metric.Int64Observer = Int64Observer{} + _ metric.Float64Observer = Float64Observer{} +) + +// MeterProvider is an OpenTelemetry No-Op MeterProvider. +type MeterProvider struct{ embedded.MeterProvider } + +// NewMeterProvider returns a MeterProvider that does not record any telemetry. +func NewMeterProvider() MeterProvider { + return MeterProvider{} +} + +// Meter returns an OpenTelemetry Meter that does not record any telemetry. +func (MeterProvider) Meter(string, ...metric.MeterOption) metric.Meter { + return Meter{} +} + +// Meter is an OpenTelemetry No-Op Meter. +type Meter struct{ embedded.Meter } + +// Int64Counter returns a Counter used to record int64 measurements that +// produces no telemetry. +func (Meter) Int64Counter(string, ...metric.Int64CounterOption) (metric.Int64Counter, error) { + return Int64Counter{}, nil +} + +// Int64UpDownCounter returns an UpDownCounter used to record int64 +// measurements that produces no telemetry. +func (Meter) Int64UpDownCounter(string, ...metric.Int64UpDownCounterOption) (metric.Int64UpDownCounter, error) { + return Int64UpDownCounter{}, nil +} + +// Int64Histogram returns a Histogram used to record int64 measurements that +// produces no telemetry. +func (Meter) Int64Histogram(string, ...metric.Int64HistogramOption) (metric.Int64Histogram, error) { + return Int64Histogram{}, nil +} + +// Int64ObservableCounter returns an ObservableCounter used to record int64 +// measurements that produces no telemetry. +func (Meter) Int64ObservableCounter(string, ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) { + return Int64ObservableCounter{}, nil +} + +// Int64ObservableUpDownCounter returns an ObservableUpDownCounter used to +// record int64 measurements that produces no telemetry. +func (Meter) Int64ObservableUpDownCounter(string, ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) { + return Int64ObservableUpDownCounter{}, nil +} + +// Int64ObservableGauge returns an ObservableGauge used to record int64 +// measurements that produces no telemetry. +func (Meter) Int64ObservableGauge(string, ...metric.Int64ObservableGaugeOption) (metric.Int64ObservableGauge, error) { + return Int64ObservableGauge{}, nil +} + +// Float64Counter returns a Counter used to record int64 measurements that +// produces no telemetry. +func (Meter) Float64Counter(string, ...metric.Float64CounterOption) (metric.Float64Counter, error) { + return Float64Counter{}, nil +} + +// Float64UpDownCounter returns an UpDownCounter used to record int64 +// measurements that produces no telemetry. +func (Meter) Float64UpDownCounter(string, ...metric.Float64UpDownCounterOption) (metric.Float64UpDownCounter, error) { + return Float64UpDownCounter{}, nil +} + +// Float64Histogram returns a Histogram used to record int64 measurements that +// produces no telemetry. +func (Meter) Float64Histogram(string, ...metric.Float64HistogramOption) (metric.Float64Histogram, error) { + return Float64Histogram{}, nil +} + +// Float64ObservableCounter returns an ObservableCounter used to record int64 +// measurements that produces no telemetry. +func (Meter) Float64ObservableCounter(string, ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) { + return Float64ObservableCounter{}, nil +} + +// Float64ObservableUpDownCounter returns an ObservableUpDownCounter used to +// record int64 measurements that produces no telemetry. +func (Meter) Float64ObservableUpDownCounter(string, ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) { + return Float64ObservableUpDownCounter{}, nil +} + +// Float64ObservableGauge returns an ObservableGauge used to record int64 +// measurements that produces no telemetry. +func (Meter) Float64ObservableGauge(string, ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) { + return Float64ObservableGauge{}, nil +} + +// RegisterCallback performs no operation. +func (Meter) RegisterCallback(metric.Callback, ...metric.Observable) (metric.Registration, error) { + return Registration{}, nil +} + +// Observer acts as a recorder of measurements for multiple instruments in a +// Callback, it performing no operation. +type Observer struct{ embedded.Observer } + +// ObserveFloat64 performs no operation. +func (Observer) ObserveFloat64(metric.Float64Observable, float64, ...metric.ObserveOption) { +} + +// ObserveInt64 performs no operation. +func (Observer) ObserveInt64(metric.Int64Observable, int64, ...metric.ObserveOption) { +} + +// Registration is the registration of a Callback with a No-Op Meter. +type Registration struct{ embedded.Registration } + +// Unregister unregisters the Callback the Registration represents with the +// No-Op Meter. This will always return nil because the No-Op Meter performs no +// operation, including hold any record of registrations. +func (Registration) Unregister() error { return nil } + +// Int64Counter is an OpenTelemetry Counter used to record int64 measurements. +// It produces no telemetry. +type Int64Counter struct{ embedded.Int64Counter } + +// Add performs no operation. +func (Int64Counter) Add(context.Context, int64, ...metric.AddOption) {} + +// Float64Counter is an OpenTelemetry Counter used to record float64 +// measurements. It produces no telemetry. +type Float64Counter struct{ embedded.Float64Counter } + +// Add performs no operation. +func (Float64Counter) Add(context.Context, float64, ...metric.AddOption) {} + +// Int64UpDownCounter is an OpenTelemetry UpDownCounter used to record int64 +// measurements. It produces no telemetry. +type Int64UpDownCounter struct{ embedded.Int64UpDownCounter } + +// Add performs no operation. +func (Int64UpDownCounter) Add(context.Context, int64, ...metric.AddOption) {} + +// Float64UpDownCounter is an OpenTelemetry UpDownCounter used to record +// float64 measurements. It produces no telemetry. +type Float64UpDownCounter struct{ embedded.Float64UpDownCounter } + +// Add performs no operation. +func (Float64UpDownCounter) Add(context.Context, float64, ...metric.AddOption) {} + +// Int64Histogram is an OpenTelemetry Histogram used to record int64 +// measurements. It produces no telemetry. +type Int64Histogram struct{ embedded.Int64Histogram } + +// Record performs no operation. +func (Int64Histogram) Record(context.Context, int64, ...metric.RecordOption) {} + +// Float64Histogram is an OpenTelemetry Histogram used to record float64 +// measurements. It produces no telemetry. +type Float64Histogram struct{ embedded.Float64Histogram } + +// Record performs no operation. +func (Float64Histogram) Record(context.Context, float64, ...metric.RecordOption) {} + +// Int64ObservableCounter is an OpenTelemetry ObservableCounter used to record +// int64 measurements. It produces no telemetry. +type Int64ObservableCounter struct { + metric.Int64Observable + embedded.Int64ObservableCounter +} + +// Float64ObservableCounter is an OpenTelemetry ObservableCounter used to record +// float64 measurements. It produces no telemetry. +type Float64ObservableCounter struct { + metric.Float64Observable + embedded.Float64ObservableCounter +} + +// Int64ObservableGauge is an OpenTelemetry ObservableGauge used to record +// int64 measurements. It produces no telemetry. +type Int64ObservableGauge struct { + metric.Int64Observable + embedded.Int64ObservableGauge +} + +// Float64ObservableGauge is an OpenTelemetry ObservableGauge used to record +// float64 measurements. It produces no telemetry. +type Float64ObservableGauge struct { + metric.Float64Observable + embedded.Float64ObservableGauge +} + +// Int64ObservableUpDownCounter is an OpenTelemetry ObservableUpDownCounter +// used to record int64 measurements. It produces no telemetry. +type Int64ObservableUpDownCounter struct { + metric.Int64Observable + embedded.Int64ObservableUpDownCounter +} + +// Float64ObservableUpDownCounter is an OpenTelemetry ObservableUpDownCounter +// used to record float64 measurements. It produces no telemetry. +type Float64ObservableUpDownCounter struct { + metric.Float64Observable + embedded.Float64ObservableUpDownCounter +} + +// Int64Observer is a recorder of int64 measurements that performs no operation. +type Int64Observer struct{ embedded.Int64Observer } + +// Observe performs no operation. +func (Int64Observer) Observe(int64, ...metric.ObserveOption) {} + +// Float64Observer is a recorder of float64 measurements that performs no +// operation. +type Float64Observer struct{ embedded.Float64Observer } + +// Observe performs no operation. +func (Float64Observer) Observe(float64, ...metric.ObserveOption) {} diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go index e2b298d859..43557ab7e9 100644 --- a/vendor/golang.org/x/net/http2/frame.go +++ b/vendor/golang.org/x/net/http2/frame.go @@ -1564,6 +1564,7 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) { if size > remainSize { hdec.SetEmitEnabled(false) mh.Truncated = true + remainSize = 0 return } remainSize -= size @@ -1576,6 +1577,36 @@ func (fr *Framer) readMetaFrame(hf *HeadersFrame) (*MetaHeadersFrame, error) { var hc headersOrContinuation = hf for { frag := hc.HeaderBlockFragment() + + // Avoid parsing large amounts of headers that we will then discard. + // If the sender exceeds the max header list size by too much, + // skip parsing the fragment and close the connection. + // + // "Too much" is either any CONTINUATION frame after we've already + // exceeded the max header list size (in which case remainSize is 0), + // or a frame whose encoded size is more than twice the remaining + // header list bytes we're willing to accept. + if int64(len(frag)) > int64(2*remainSize) { + if VerboseLogs { + log.Printf("http2: header list too large") + } + // It would be nice to send a RST_STREAM before sending the GOAWAY, + // but the structure of the server's frame writer makes this difficult. + return nil, ConnectionError(ErrCodeProtocol) + } + + // Also close the connection after any CONTINUATION frame following an + // invalid header, since we stop tracking the size of the headers after + // an invalid one. + if invalid != nil { + if VerboseLogs { + log.Printf("http2: invalid header: %v", invalid) + } + // It would be nice to send a RST_STREAM before sending the GOAWAY, + // but the structure of the server's frame writer makes this difficult. + return nil, ConnectionError(ErrCodeProtocol) + } + if _, err := hdec.Write(frag); err != nil { return nil, ConnectionError(ErrCodeCompression) } diff --git a/vendor/golang.org/x/net/http2/pipe.go b/vendor/golang.org/x/net/http2/pipe.go index 684d984fd9..3b9f06b962 100644 --- a/vendor/golang.org/x/net/http2/pipe.go +++ b/vendor/golang.org/x/net/http2/pipe.go @@ -77,7 +77,10 @@ func (p *pipe) Read(d []byte) (n int, err error) { } } -var errClosedPipeWrite = errors.New("write on closed buffer") +var ( + errClosedPipeWrite = errors.New("write on closed buffer") + errUninitializedPipeWrite = errors.New("write on uninitialized buffer") +) // Write copies bytes from p into the buffer and wakes a reader. // It is an error to write more data than the buffer can hold. @@ -91,6 +94,12 @@ func (p *pipe) Write(d []byte) (n int, err error) { if p.err != nil || p.breakErr != nil { return 0, errClosedPipeWrite } + // pipe.setBuffer is never invoked, leaving the buffer uninitialized. + // We shouldn't try to write to an uninitialized pipe, + // but returning an error is better than panicking. + if p.b == nil { + return 0, errUninitializedPipeWrite + } return p.b.Write(d) } diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go index ae94c6408d..ce2e8b40ee 100644 --- a/vendor/golang.org/x/net/http2/server.go +++ b/vendor/golang.org/x/net/http2/server.go @@ -124,6 +124,7 @@ type Server struct { // IdleTimeout specifies how long until idle clients should be // closed with a GOAWAY frame. PING frames are not considered // activity for the purposes of IdleTimeout. + // If zero or negative, there is no timeout. IdleTimeout time.Duration // MaxUploadBufferPerConnection is the size of the initial flow @@ -434,7 +435,7 @@ func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) { // passes the connection off to us with the deadline already set. // Write deadlines are set per stream in serverConn.newStream. // Disarm the net.Conn write deadline here. - if sc.hs.WriteTimeout != 0 { + if sc.hs.WriteTimeout > 0 { sc.conn.SetWriteDeadline(time.Time{}) } @@ -924,7 +925,7 @@ func (sc *serverConn) serve() { sc.setConnState(http.StateActive) sc.setConnState(http.StateIdle) - if sc.srv.IdleTimeout != 0 { + if sc.srv.IdleTimeout > 0 { sc.idleTimer = time.AfterFunc(sc.srv.IdleTimeout, sc.onIdleTimer) defer sc.idleTimer.Stop() } @@ -1637,7 +1638,7 @@ func (sc *serverConn) closeStream(st *stream, err error) { delete(sc.streams, st.id) if len(sc.streams) == 0 { sc.setConnState(http.StateIdle) - if sc.srv.IdleTimeout != 0 { + if sc.srv.IdleTimeout > 0 { sc.idleTimer.Reset(sc.srv.IdleTimeout) } if h1ServerKeepAlivesDisabled(sc.hs) { @@ -2017,7 +2018,7 @@ func (sc *serverConn) processHeaders(f *MetaHeadersFrame) error { // similar to how the http1 server works. Here it's // technically more like the http1 Server's ReadHeaderTimeout // (in Go 1.8), though. That's a more sane option anyway. - if sc.hs.ReadTimeout != 0 { + if sc.hs.ReadTimeout > 0 { sc.conn.SetReadDeadline(time.Time{}) st.readDeadline = time.AfterFunc(sc.hs.ReadTimeout, st.onReadTimeout) } @@ -2038,7 +2039,7 @@ func (sc *serverConn) upgradeRequest(req *http.Request) { // Disable any read deadline set by the net/http package // prior to the upgrade. - if sc.hs.ReadTimeout != 0 { + if sc.hs.ReadTimeout > 0 { sc.conn.SetReadDeadline(time.Time{}) } @@ -2116,7 +2117,7 @@ func (sc *serverConn) newStream(id, pusherID uint32, state streamState) *stream st.flow.conn = &sc.flow // link to conn-level counter st.flow.add(sc.initialStreamSendWindowSize) st.inflow.init(sc.srv.initialStreamRecvWindowSize()) - if sc.hs.WriteTimeout != 0 { + if sc.hs.WriteTimeout > 0 { st.writeDeadline = time.AfterFunc(sc.hs.WriteTimeout, st.onWriteTimeout) } diff --git a/vendor/golang.org/x/net/http2/testsync.go b/vendor/golang.org/x/net/http2/testsync.go new file mode 100644 index 0000000000..61075bd16d --- /dev/null +++ b/vendor/golang.org/x/net/http2/testsync.go @@ -0,0 +1,331 @@ +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. +package http2 + +import ( + "context" + "sync" + "time" +) + +// testSyncHooks coordinates goroutines in tests. +// +// For example, a call to ClientConn.RoundTrip involves several goroutines, including: +// - the goroutine running RoundTrip; +// - the clientStream.doRequest goroutine, which writes the request; and +// - the clientStream.readLoop goroutine, which reads the response. +// +// Using testSyncHooks, a test can start a RoundTrip and identify when all these goroutines +// are blocked waiting for some condition such as reading the Request.Body or waiting for +// flow control to become available. +// +// The testSyncHooks also manage timers and synthetic time in tests. +// This permits us to, for example, start a request and cause it to time out waiting for +// response headers without resorting to time.Sleep calls. +type testSyncHooks struct { + // active/inactive act as a mutex and condition variable. + // + // - neither chan contains a value: testSyncHooks is locked. + // - active contains a value: unlocked, and at least one goroutine is not blocked + // - inactive contains a value: unlocked, and all goroutines are blocked + active chan struct{} + inactive chan struct{} + + // goroutine counts + total int // total goroutines + condwait map[*sync.Cond]int // blocked in sync.Cond.Wait + blocked []*testBlockedGoroutine // otherwise blocked + + // fake time + now time.Time + timers []*fakeTimer + + // Transport testing: Report various events. + newclientconn func(*ClientConn) + newstream func(*clientStream) +} + +// testBlockedGoroutine is a blocked goroutine. +type testBlockedGoroutine struct { + f func() bool // blocked until f returns true + ch chan struct{} // closed when unblocked +} + +func newTestSyncHooks() *testSyncHooks { + h := &testSyncHooks{ + active: make(chan struct{}, 1), + inactive: make(chan struct{}, 1), + condwait: map[*sync.Cond]int{}, + } + h.inactive <- struct{}{} + h.now = time.Date(2000, 1, 1, 0, 0, 0, 0, time.UTC) + return h +} + +// lock acquires the testSyncHooks mutex. +func (h *testSyncHooks) lock() { + select { + case <-h.active: + case <-h.inactive: + } +} + +// waitInactive waits for all goroutines to become inactive. +func (h *testSyncHooks) waitInactive() { + for { + <-h.inactive + if !h.unlock() { + break + } + } +} + +// unlock releases the testSyncHooks mutex. +// It reports whether any goroutines are active. +func (h *testSyncHooks) unlock() (active bool) { + // Look for a blocked goroutine which can be unblocked. + blocked := h.blocked[:0] + unblocked := false + for _, b := range h.blocked { + if !unblocked && b.f() { + unblocked = true + close(b.ch) + } else { + blocked = append(blocked, b) + } + } + h.blocked = blocked + + // Count goroutines blocked on condition variables. + condwait := 0 + for _, count := range h.condwait { + condwait += count + } + + if h.total > condwait+len(blocked) { + h.active <- struct{}{} + return true + } else { + h.inactive <- struct{}{} + return false + } +} + +// goRun starts a new goroutine. +func (h *testSyncHooks) goRun(f func()) { + h.lock() + h.total++ + h.unlock() + go func() { + defer func() { + h.lock() + h.total-- + h.unlock() + }() + f() + }() +} + +// blockUntil indicates that a goroutine is blocked waiting for some condition to become true. +// It waits until f returns true before proceeding. +// +// Example usage: +// +// h.blockUntil(func() bool { +// // Is the context done yet? +// select { +// case <-ctx.Done(): +// default: +// return false +// } +// return true +// }) +// // Wait for the context to become done. +// <-ctx.Done() +// +// The function f passed to blockUntil must be non-blocking and idempotent. +func (h *testSyncHooks) blockUntil(f func() bool) { + if f() { + return + } + ch := make(chan struct{}) + h.lock() + h.blocked = append(h.blocked, &testBlockedGoroutine{ + f: f, + ch: ch, + }) + h.unlock() + <-ch +} + +// broadcast is sync.Cond.Broadcast. +func (h *testSyncHooks) condBroadcast(cond *sync.Cond) { + h.lock() + delete(h.condwait, cond) + h.unlock() + cond.Broadcast() +} + +// broadcast is sync.Cond.Wait. +func (h *testSyncHooks) condWait(cond *sync.Cond) { + h.lock() + h.condwait[cond]++ + h.unlock() +} + +// newTimer creates a new fake timer. +func (h *testSyncHooks) newTimer(d time.Duration) timer { + h.lock() + defer h.unlock() + t := &fakeTimer{ + hooks: h, + when: h.now.Add(d), + c: make(chan time.Time), + } + h.timers = append(h.timers, t) + return t +} + +// afterFunc creates a new fake AfterFunc timer. +func (h *testSyncHooks) afterFunc(d time.Duration, f func()) timer { + h.lock() + defer h.unlock() + t := &fakeTimer{ + hooks: h, + when: h.now.Add(d), + f: f, + } + h.timers = append(h.timers, t) + return t +} + +func (h *testSyncHooks) contextWithTimeout(ctx context.Context, d time.Duration) (context.Context, context.CancelFunc) { + ctx, cancel := context.WithCancel(ctx) + t := h.afterFunc(d, cancel) + return ctx, func() { + t.Stop() + cancel() + } +} + +func (h *testSyncHooks) timeUntilEvent() time.Duration { + h.lock() + defer h.unlock() + var next time.Time + for _, t := range h.timers { + if next.IsZero() || t.when.Before(next) { + next = t.when + } + } + if d := next.Sub(h.now); d > 0 { + return d + } + return 0 +} + +// advance advances time and causes synthetic timers to fire. +func (h *testSyncHooks) advance(d time.Duration) { + h.lock() + defer h.unlock() + h.now = h.now.Add(d) + timers := h.timers[:0] + for _, t := range h.timers { + t := t // remove after go.mod depends on go1.22 + t.mu.Lock() + switch { + case t.when.After(h.now): + timers = append(timers, t) + case t.when.IsZero(): + // stopped timer + default: + t.when = time.Time{} + if t.c != nil { + close(t.c) + } + if t.f != nil { + h.total++ + go func() { + defer func() { + h.lock() + h.total-- + h.unlock() + }() + t.f() + }() + } + } + t.mu.Unlock() + } + h.timers = timers +} + +// A timer wraps a time.Timer, or a synthetic equivalent in tests. +// Unlike time.Timer, timer is single-use: The timer channel is closed when the timer expires. +type timer interface { + C() <-chan time.Time + Stop() bool + Reset(d time.Duration) bool +} + +// timeTimer implements timer using real time. +type timeTimer struct { + t *time.Timer + c chan time.Time +} + +// newTimeTimer creates a new timer using real time. +func newTimeTimer(d time.Duration) timer { + ch := make(chan time.Time) + t := time.AfterFunc(d, func() { + close(ch) + }) + return &timeTimer{t, ch} +} + +// newTimeAfterFunc creates an AfterFunc timer using real time. +func newTimeAfterFunc(d time.Duration, f func()) timer { + return &timeTimer{ + t: time.AfterFunc(d, f), + } +} + +func (t timeTimer) C() <-chan time.Time { return t.c } +func (t timeTimer) Stop() bool { return t.t.Stop() } +func (t timeTimer) Reset(d time.Duration) bool { return t.t.Reset(d) } + +// fakeTimer implements timer using fake time. +type fakeTimer struct { + hooks *testSyncHooks + + mu sync.Mutex + when time.Time // when the timer will fire + c chan time.Time // closed when the timer fires; mutually exclusive with f + f func() // called when the timer fires; mutually exclusive with c +} + +func (t *fakeTimer) C() <-chan time.Time { return t.c } + +func (t *fakeTimer) Stop() bool { + t.mu.Lock() + defer t.mu.Unlock() + stopped := t.when.IsZero() + t.when = time.Time{} + return stopped +} + +func (t *fakeTimer) Reset(d time.Duration) bool { + if t.c != nil || t.f == nil { + panic("fakeTimer only supports Reset on AfterFunc timers") + } + t.mu.Lock() + defer t.mu.Unlock() + t.hooks.lock() + defer t.hooks.unlock() + active := !t.when.IsZero() + t.when = t.hooks.now.Add(d) + if !active { + t.hooks.timers = append(t.hooks.timers, t) + } + return active +} diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go index df578b86c6..ce375c8c75 100644 --- a/vendor/golang.org/x/net/http2/transport.go +++ b/vendor/golang.org/x/net/http2/transport.go @@ -147,6 +147,12 @@ type Transport struct { // waiting for their turn. StrictMaxConcurrentStreams bool + // IdleConnTimeout is the maximum amount of time an idle + // (keep-alive) connection will remain idle before closing + // itself. + // Zero means no limit. + IdleConnTimeout time.Duration + // ReadIdleTimeout is the timeout after which a health check using ping // frame will be carried out if no frame is received on the connection. // Note that a ping response will is considered a received frame, so if @@ -178,6 +184,8 @@ type Transport struct { connPoolOnce sync.Once connPoolOrDef ClientConnPool // non-nil version of ConnPool + + syncHooks *testSyncHooks } func (t *Transport) maxHeaderListSize() uint32 { @@ -302,7 +310,7 @@ type ClientConn struct { readerErr error // set before readerDone is closed idleTimeout time.Duration // or 0 for never - idleTimer *time.Timer + idleTimer timer mu sync.Mutex // guards following cond *sync.Cond // hold mu; broadcast on flow/closed changes @@ -344,6 +352,60 @@ type ClientConn struct { werr error // first write error that has occurred hbuf bytes.Buffer // HPACK encoder writes into this henc *hpack.Encoder + + syncHooks *testSyncHooks // can be nil +} + +// Hook points used for testing. +// Outside of tests, cc.syncHooks is nil and these all have minimal implementations. +// Inside tests, see the testSyncHooks function docs. + +// goRun starts a new goroutine. +func (cc *ClientConn) goRun(f func()) { + if cc.syncHooks != nil { + cc.syncHooks.goRun(f) + return + } + go f() +} + +// condBroadcast is cc.cond.Broadcast. +func (cc *ClientConn) condBroadcast() { + if cc.syncHooks != nil { + cc.syncHooks.condBroadcast(cc.cond) + } + cc.cond.Broadcast() +} + +// condWait is cc.cond.Wait. +func (cc *ClientConn) condWait() { + if cc.syncHooks != nil { + cc.syncHooks.condWait(cc.cond) + } + cc.cond.Wait() +} + +// newTimer creates a new time.Timer, or a synthetic timer in tests. +func (cc *ClientConn) newTimer(d time.Duration) timer { + if cc.syncHooks != nil { + return cc.syncHooks.newTimer(d) + } + return newTimeTimer(d) +} + +// afterFunc creates a new time.AfterFunc timer, or a synthetic timer in tests. +func (cc *ClientConn) afterFunc(d time.Duration, f func()) timer { + if cc.syncHooks != nil { + return cc.syncHooks.afterFunc(d, f) + } + return newTimeAfterFunc(d, f) +} + +func (cc *ClientConn) contextWithTimeout(ctx context.Context, d time.Duration) (context.Context, context.CancelFunc) { + if cc.syncHooks != nil { + return cc.syncHooks.contextWithTimeout(ctx, d) + } + return context.WithTimeout(ctx, d) } // clientStream is the state for a single HTTP/2 stream. One of these @@ -425,7 +487,7 @@ func (cs *clientStream) abortStreamLocked(err error) { // TODO(dneil): Clean up tests where cs.cc.cond is nil. if cs.cc.cond != nil { // Wake up writeRequestBody if it is waiting on flow control. - cs.cc.cond.Broadcast() + cs.cc.condBroadcast() } } @@ -435,7 +497,7 @@ func (cs *clientStream) abortRequestBodyWrite() { defer cc.mu.Unlock() if cs.reqBody != nil && cs.reqBodyClosed == nil { cs.closeReqBodyLocked() - cc.cond.Broadcast() + cc.condBroadcast() } } @@ -445,10 +507,10 @@ func (cs *clientStream) closeReqBodyLocked() { } cs.reqBodyClosed = make(chan struct{}) reqBodyClosed := cs.reqBodyClosed - go func() { + cs.cc.goRun(func() { cs.reqBody.Close() close(reqBodyClosed) - }() + }) } type stickyErrWriter struct { @@ -537,15 +599,6 @@ func authorityAddr(scheme string, authority string) (addr string) { return net.JoinHostPort(host, port) } -var retryBackoffHook func(time.Duration) *time.Timer - -func backoffNewTimer(d time.Duration) *time.Timer { - if retryBackoffHook != nil { - return retryBackoffHook(d) - } - return time.NewTimer(d) -} - // RoundTripOpt is like RoundTrip, but takes options. func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Response, error) { if !(req.URL.Scheme == "https" || (req.URL.Scheme == "http" && t.AllowHTTP)) { @@ -573,13 +626,27 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res backoff := float64(uint(1) << (uint(retry) - 1)) backoff += backoff * (0.1 * mathrand.Float64()) d := time.Second * time.Duration(backoff) - timer := backoffNewTimer(d) + var tm timer + if t.syncHooks != nil { + tm = t.syncHooks.newTimer(d) + t.syncHooks.blockUntil(func() bool { + select { + case <-tm.C(): + case <-req.Context().Done(): + default: + return false + } + return true + }) + } else { + tm = newTimeTimer(d) + } select { - case <-timer.C: + case <-tm.C(): t.vlogf("RoundTrip retrying after failure: %v", roundTripErr) continue case <-req.Context().Done(): - timer.Stop() + tm.Stop() err = req.Context().Err() } } @@ -658,6 +725,9 @@ func canRetryError(err error) bool { } func (t *Transport) dialClientConn(ctx context.Context, addr string, singleUse bool) (*ClientConn, error) { + if t.syncHooks != nil { + return t.newClientConn(nil, singleUse, t.syncHooks) + } host, _, err := net.SplitHostPort(addr) if err != nil { return nil, err @@ -666,7 +736,7 @@ func (t *Transport) dialClientConn(ctx context.Context, addr string, singleUse b if err != nil { return nil, err } - return t.newClientConn(tconn, singleUse) + return t.newClientConn(tconn, singleUse, nil) } func (t *Transport) newTLSConfig(host string) *tls.Config { @@ -732,10 +802,10 @@ func (t *Transport) maxEncoderHeaderTableSize() uint32 { } func (t *Transport) NewClientConn(c net.Conn) (*ClientConn, error) { - return t.newClientConn(c, t.disableKeepAlives()) + return t.newClientConn(c, t.disableKeepAlives(), nil) } -func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, error) { +func (t *Transport) newClientConn(c net.Conn, singleUse bool, hooks *testSyncHooks) (*ClientConn, error) { cc := &ClientConn{ t: t, tconn: c, @@ -750,10 +820,15 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro wantSettingsAck: true, pings: make(map[[8]byte]chan struct{}), reqHeaderMu: make(chan struct{}, 1), + syncHooks: hooks, + } + if hooks != nil { + hooks.newclientconn(cc) + c = cc.tconn } if d := t.idleConnTimeout(); d != 0 { cc.idleTimeout = d - cc.idleTimer = time.AfterFunc(d, cc.onIdleTimeout) + cc.idleTimer = cc.afterFunc(d, cc.onIdleTimeout) } if VerboseLogs { t.vlogf("http2: Transport creating client conn %p to %v", cc, c.RemoteAddr()) @@ -818,7 +893,7 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro return nil, cc.werr } - go cc.readLoop() + cc.goRun(cc.readLoop) return cc, nil } @@ -826,7 +901,7 @@ func (cc *ClientConn) healthCheck() { pingTimeout := cc.t.pingTimeout() // We don't need to periodically ping in the health check, because the readLoop of ClientConn will // trigger the healthCheck again if there is no frame received. - ctx, cancel := context.WithTimeout(context.Background(), pingTimeout) + ctx, cancel := cc.contextWithTimeout(context.Background(), pingTimeout) defer cancel() cc.vlogf("http2: Transport sending health check") err := cc.Ping(ctx) @@ -1056,7 +1131,7 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error { // Wait for all in-flight streams to complete or connection to close done := make(chan struct{}) cancelled := false // guarded by cc.mu - go func() { + cc.goRun(func() { cc.mu.Lock() defer cc.mu.Unlock() for { @@ -1068,9 +1143,9 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error { if cancelled { break } - cc.cond.Wait() + cc.condWait() } - }() + }) shutdownEnterWaitStateHook() select { case <-done: @@ -1080,7 +1155,7 @@ func (cc *ClientConn) Shutdown(ctx context.Context) error { cc.mu.Lock() // Free the goroutine above cancelled = true - cc.cond.Broadcast() + cc.condBroadcast() cc.mu.Unlock() return ctx.Err() } @@ -1118,7 +1193,7 @@ func (cc *ClientConn) closeForError(err error) { for _, cs := range cc.streams { cs.abortStreamLocked(err) } - cc.cond.Broadcast() + cc.condBroadcast() cc.mu.Unlock() cc.closeConn() } @@ -1215,6 +1290,10 @@ func (cc *ClientConn) decrStreamReservationsLocked() { } func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) { + return cc.roundTrip(req, nil) +} + +func (cc *ClientConn) roundTrip(req *http.Request, streamf func(*clientStream)) (*http.Response, error) { ctx := req.Context() cs := &clientStream{ cc: cc, @@ -1229,9 +1308,23 @@ func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) { respHeaderRecv: make(chan struct{}), donec: make(chan struct{}), } - go cs.doRequest(req) + cc.goRun(func() { + cs.doRequest(req) + }) waitDone := func() error { + if cc.syncHooks != nil { + cc.syncHooks.blockUntil(func() bool { + select { + case <-cs.donec: + case <-ctx.Done(): + case <-cs.reqCancel: + default: + return false + } + return true + }) + } select { case <-cs.donec: return nil @@ -1292,7 +1385,24 @@ func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) { return err } + if streamf != nil { + streamf(cs) + } + for { + if cc.syncHooks != nil { + cc.syncHooks.blockUntil(func() bool { + select { + case <-cs.respHeaderRecv: + case <-cs.abort: + case <-ctx.Done(): + case <-cs.reqCancel: + default: + return false + } + return true + }) + } select { case <-cs.respHeaderRecv: return handleResponseHeaders() @@ -1348,6 +1458,21 @@ func (cs *clientStream) writeRequest(req *http.Request) (err error) { if cc.reqHeaderMu == nil { panic("RoundTrip on uninitialized ClientConn") // for tests } + var newStreamHook func(*clientStream) + if cc.syncHooks != nil { + newStreamHook = cc.syncHooks.newstream + cc.syncHooks.blockUntil(func() bool { + select { + case cc.reqHeaderMu <- struct{}{}: + <-cc.reqHeaderMu + case <-cs.reqCancel: + case <-ctx.Done(): + default: + return false + } + return true + }) + } select { case cc.reqHeaderMu <- struct{}{}: case <-cs.reqCancel: @@ -1372,6 +1497,10 @@ func (cs *clientStream) writeRequest(req *http.Request) (err error) { } cc.mu.Unlock() + if newStreamHook != nil { + newStreamHook(cs) + } + // TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere? if !cc.t.disableCompression() && req.Header.Get("Accept-Encoding") == "" && @@ -1452,15 +1581,30 @@ func (cs *clientStream) writeRequest(req *http.Request) (err error) { var respHeaderTimer <-chan time.Time var respHeaderRecv chan struct{} if d := cc.responseHeaderTimeout(); d != 0 { - timer := time.NewTimer(d) + timer := cc.newTimer(d) defer timer.Stop() - respHeaderTimer = timer.C + respHeaderTimer = timer.C() respHeaderRecv = cs.respHeaderRecv } // Wait until the peer half-closes its end of the stream, // or until the request is aborted (via context, error, or otherwise), // whichever comes first. for { + if cc.syncHooks != nil { + cc.syncHooks.blockUntil(func() bool { + select { + case <-cs.peerClosed: + case <-respHeaderTimer: + case <-respHeaderRecv: + case <-cs.abort: + case <-ctx.Done(): + case <-cs.reqCancel: + default: + return false + } + return true + }) + } select { case <-cs.peerClosed: return nil @@ -1609,7 +1753,7 @@ func (cc *ClientConn) awaitOpenSlotForStreamLocked(cs *clientStream) error { return nil } cc.pendingRequests++ - cc.cond.Wait() + cc.condWait() cc.pendingRequests-- select { case <-cs.abort: @@ -1871,8 +2015,24 @@ func (cs *clientStream) awaitFlowControl(maxBytes int) (taken int32, err error) cs.flow.take(take) return take, nil } - cc.cond.Wait() + cc.condWait() + } +} + +func validateHeaders(hdrs http.Header) string { + for k, vv := range hdrs { + if !httpguts.ValidHeaderFieldName(k) { + return fmt.Sprintf("name %q", k) + } + for _, v := range vv { + if !httpguts.ValidHeaderFieldValue(v) { + // Don't include the value in the error, + // because it may be sensitive. + return fmt.Sprintf("value for header %q", k) + } + } } + return "" } var errNilRequestURL = errors.New("http2: Request.URI is nil") @@ -1912,19 +2072,14 @@ func (cc *ClientConn) encodeHeaders(req *http.Request, addGzipHeader bool, trail } } - // Check for any invalid headers and return an error before we + // Check for any invalid headers+trailers and return an error before we // potentially pollute our hpack state. (We want to be able to // continue to reuse the hpack encoder for future requests) - for k, vv := range req.Header { - if !httpguts.ValidHeaderFieldName(k) { - return nil, fmt.Errorf("invalid HTTP header name %q", k) - } - for _, v := range vv { - if !httpguts.ValidHeaderFieldValue(v) { - // Don't include the value in the error, because it may be sensitive. - return nil, fmt.Errorf("invalid HTTP header value for header %q", k) - } - } + if err := validateHeaders(req.Header); err != "" { + return nil, fmt.Errorf("invalid HTTP header %s", err) + } + if err := validateHeaders(req.Trailer); err != "" { + return nil, fmt.Errorf("invalid HTTP trailer %s", err) } enumerateHeaders := func(f func(name, value string)) { @@ -2143,7 +2298,7 @@ func (cc *ClientConn) forgetStreamID(id uint32) { } // Wake up writeRequestBody via clientStream.awaitFlowControl and // wake up RoundTrip if there is a pending request. - cc.cond.Broadcast() + cc.condBroadcast() closeOnIdle := cc.singleUse || cc.doNotReuse || cc.t.disableKeepAlives() || cc.goAway != nil if closeOnIdle && cc.streamsReserved == 0 && len(cc.streams) == 0 { @@ -2231,7 +2386,7 @@ func (rl *clientConnReadLoop) cleanup() { cs.abortStreamLocked(err) } } - cc.cond.Broadcast() + cc.condBroadcast() cc.mu.Unlock() } @@ -2266,10 +2421,9 @@ func (rl *clientConnReadLoop) run() error { cc := rl.cc gotSettings := false readIdleTimeout := cc.t.ReadIdleTimeout - var t *time.Timer + var t timer if readIdleTimeout != 0 { - t = time.AfterFunc(readIdleTimeout, cc.healthCheck) - defer t.Stop() + t = cc.afterFunc(readIdleTimeout, cc.healthCheck) } for { f, err := cc.fr.ReadFrame() @@ -2684,7 +2838,7 @@ func (rl *clientConnReadLoop) processData(f *DataFrame) error { }) return nil } - if !cs.firstByte { + if !cs.pastHeaders { cc.logf("protocol error: received DATA before a HEADERS frame") rl.endStreamError(cs, StreamError{ StreamID: f.StreamID, @@ -2867,7 +3021,7 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { for _, cs := range cc.streams { cs.flow.add(delta) } - cc.cond.Broadcast() + cc.condBroadcast() cc.initialWindowSize = s.Val case SettingHeaderTableSize: @@ -2911,9 +3065,18 @@ func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error { fl = &cs.flow } if !fl.add(int32(f.Increment)) { + // For stream, the sender sends RST_STREAM with an error code of FLOW_CONTROL_ERROR + if cs != nil { + rl.endStreamError(cs, StreamError{ + StreamID: f.StreamID, + Code: ErrCodeFlowControl, + }) + return nil + } + return ConnectionError(ErrCodeFlowControl) } - cc.cond.Broadcast() + cc.condBroadcast() return nil } @@ -2955,24 +3118,38 @@ func (cc *ClientConn) Ping(ctx context.Context) error { } cc.mu.Unlock() } - errc := make(chan error, 1) - go func() { + var pingError error + errc := make(chan struct{}) + cc.goRun(func() { cc.wmu.Lock() defer cc.wmu.Unlock() - if err := cc.fr.WritePing(false, p); err != nil { - errc <- err + if pingError = cc.fr.WritePing(false, p); pingError != nil { + close(errc) return } - if err := cc.bw.Flush(); err != nil { - errc <- err + if pingError = cc.bw.Flush(); pingError != nil { + close(errc) return } - }() + }) + if cc.syncHooks != nil { + cc.syncHooks.blockUntil(func() bool { + select { + case <-c: + case <-errc: + case <-ctx.Done(): + case <-cc.readerDone: + default: + return false + } + return true + }) + } select { case <-c: return nil - case err := <-errc: - return err + case <-errc: + return pingError case <-ctx.Done(): return ctx.Err() case <-cc.readerDone: @@ -3141,9 +3318,17 @@ func (rt noDialH2RoundTripper) RoundTrip(req *http.Request) (*http.Response, err } func (t *Transport) idleConnTimeout() time.Duration { + // to keep things backwards compatible, we use non-zero values of + // IdleConnTimeout, followed by using the IdleConnTimeout on the underlying + // http1 transport, followed by 0 + if t.IdleConnTimeout != 0 { + return t.IdleConnTimeout + } + if t.t1 != nil { return t.t1.IdleConnTimeout } + return 0 } diff --git a/vendor/golang.org/x/net/websocket/client.go b/vendor/golang.org/x/net/websocket/client.go index 69a4ac7eef..1e64157f3e 100644 --- a/vendor/golang.org/x/net/websocket/client.go +++ b/vendor/golang.org/x/net/websocket/client.go @@ -6,10 +6,12 @@ package websocket import ( "bufio" + "context" "io" "net" "net/http" "net/url" + "time" ) // DialError is an error that occurs while dialling a websocket server. @@ -79,28 +81,59 @@ func parseAuthority(location *url.URL) string { // DialConfig opens a new client connection to a WebSocket with a config. func DialConfig(config *Config) (ws *Conn, err error) { - var client net.Conn + return config.DialContext(context.Background()) +} + +// DialContext opens a new client connection to a WebSocket, with context support for timeouts/cancellation. +func (config *Config) DialContext(ctx context.Context) (*Conn, error) { if config.Location == nil { return nil, &DialError{config, ErrBadWebSocketLocation} } if config.Origin == nil { return nil, &DialError{config, ErrBadWebSocketOrigin} } + dialer := config.Dialer if dialer == nil { dialer = &net.Dialer{} } - client, err = dialWithDialer(dialer, config) - if err != nil { - goto Error - } - ws, err = NewClient(config, client) + + client, err := dialWithDialer(ctx, dialer, config) if err != nil { - client.Close() - goto Error + return nil, &DialError{config, err} } - return -Error: - return nil, &DialError{config, err} + // Cleanup the connection if we fail to create the websocket successfully + success := false + defer func() { + if !success { + _ = client.Close() + } + }() + + var ws *Conn + var wsErr error + doneConnecting := make(chan struct{}) + go func() { + defer close(doneConnecting) + ws, err = NewClient(config, client) + if err != nil { + wsErr = &DialError{config, err} + } + }() + + // The websocket.NewClient() function can block indefinitely, make sure that we + // respect the deadlines specified by the context. + select { + case <-ctx.Done(): + // Force the pending operations to fail, terminating the pending connection attempt + _ = client.SetDeadline(time.Now()) + <-doneConnecting // Wait for the goroutine that tries to establish the connection to finish + return nil, &DialError{config, ctx.Err()} + case <-doneConnecting: + if wsErr == nil { + success = true // Disarm the deferred connection cleanup + } + return ws, wsErr + } } diff --git a/vendor/golang.org/x/net/websocket/dial.go b/vendor/golang.org/x/net/websocket/dial.go index 2dab943a48..8a2d83c473 100644 --- a/vendor/golang.org/x/net/websocket/dial.go +++ b/vendor/golang.org/x/net/websocket/dial.go @@ -5,18 +5,23 @@ package websocket import ( + "context" "crypto/tls" "net" ) -func dialWithDialer(dialer *net.Dialer, config *Config) (conn net.Conn, err error) { +func dialWithDialer(ctx context.Context, dialer *net.Dialer, config *Config) (conn net.Conn, err error) { switch config.Location.Scheme { case "ws": - conn, err = dialer.Dial("tcp", parseAuthority(config.Location)) + conn, err = dialer.DialContext(ctx, "tcp", parseAuthority(config.Location)) case "wss": - conn, err = tls.DialWithDialer(dialer, "tcp", parseAuthority(config.Location), config.TlsConfig) + tlsDialer := &tls.Dialer{ + NetDialer: dialer, + Config: config.TlsConfig, + } + conn, err = tlsDialer.DialContext(ctx, "tcp", parseAuthority(config.Location)) default: err = ErrBadScheme } diff --git a/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go b/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go index bd6b17e158..78d918bc72 100644 --- a/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go +++ b/vendor/k8s.io/api/admissionregistration/v1alpha1/types.go @@ -142,7 +142,7 @@ type ValidatingAdmissionPolicyList struct { // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // List of ValidatingAdmissionPolicy. - Items []ValidatingAdmissionPolicy `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` + Items []ValidatingAdmissionPolicy `json:"items" protobuf:"bytes,2,rep,name=items"` } // ValidatingAdmissionPolicySpec is the specification of the desired behavior of the AdmissionPolicy. @@ -404,7 +404,7 @@ type ValidatingAdmissionPolicyBindingList struct { // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // List of PolicyBinding. - Items []ValidatingAdmissionPolicyBinding `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` + Items []ValidatingAdmissionPolicyBinding `json:"items" protobuf:"bytes,2,rep,name=items"` } // ValidatingAdmissionPolicyBindingSpec is the specification of the ValidatingAdmissionPolicyBinding. diff --git a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go index 12c680dc97..27085e056a 100644 --- a/vendor/k8s.io/api/admissionregistration/v1beta1/types.go +++ b/vendor/k8s.io/api/admissionregistration/v1beta1/types.go @@ -158,7 +158,7 @@ type ValidatingAdmissionPolicyList struct { // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // List of ValidatingAdmissionPolicy. - Items []ValidatingAdmissionPolicy `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` + Items []ValidatingAdmissionPolicy `json:"items" protobuf:"bytes,2,rep,name=items"` } // ValidatingAdmissionPolicySpec is the specification of the desired behavior of the AdmissionPolicy. @@ -419,7 +419,7 @@ type ValidatingAdmissionPolicyBindingList struct { // +optional metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"` // List of PolicyBinding. - Items []ValidatingAdmissionPolicyBinding `json:"items,omitempty" protobuf:"bytes,2,rep,name=items"` + Items []ValidatingAdmissionPolicyBinding `json:"items" protobuf:"bytes,2,rep,name=items"` } // ValidatingAdmissionPolicyBindingSpec is the specification of the ValidatingAdmissionPolicyBinding. diff --git a/vendor/k8s.io/api/batch/v1/types.go b/vendor/k8s.io/api/batch/v1/types.go index 53fdf3c8d0..65e1d3c592 100644 --- a/vendor/k8s.io/api/batch/v1/types.go +++ b/vendor/k8s.io/api/batch/v1/types.go @@ -171,7 +171,7 @@ type PodFailurePolicyOnExitCodesRequirement struct { // When specified, it should match one the container or initContainer // names in the pod template. // +optional - ContainerName *string `json:"containerName" protobuf:"bytes,1,opt,name=containerName"` + ContainerName *string `json:"containerName,omitempty" protobuf:"bytes,1,opt,name=containerName"` // Represents the relationship between the container exit code(s) and the // specified values. Containers completed with success (exit code 0) are @@ -231,14 +231,14 @@ type PodFailurePolicyRule struct { // Represents the requirement on the container exit codes. // +optional - OnExitCodes *PodFailurePolicyOnExitCodesRequirement `json:"onExitCodes" protobuf:"bytes,2,opt,name=onExitCodes"` + OnExitCodes *PodFailurePolicyOnExitCodesRequirement `json:"onExitCodes,omitempty" protobuf:"bytes,2,opt,name=onExitCodes"` // Represents the requirement on the pod conditions. The requirement is represented // as a list of pod condition patterns. The requirement is satisfied if at // least one pattern matches an actual pod condition. At most 20 elements are allowed. // +listType=atomic // +optional - OnPodConditions []PodFailurePolicyOnPodConditionsPattern `json:"onPodConditions" protobuf:"bytes,3,opt,name=onPodConditions"` + OnPodConditions []PodFailurePolicyOnPodConditionsPattern `json:"onPodConditions,omitempty" protobuf:"bytes,3,opt,name=onPodConditions"` } // PodFailurePolicy describes how failed pods influence the backoffLimit. diff --git a/vendor/k8s.io/api/core/v1/generated.proto b/vendor/k8s.io/api/core/v1/generated.proto index cf9b6e6ebc..d099238cdf 100644 --- a/vendor/k8s.io/api/core/v1/generated.proto +++ b/vendor/k8s.io/api/core/v1/generated.proto @@ -3286,7 +3286,7 @@ message PersistentVolumeStatus { // lastPhaseTransitionTime is the time the phase transitioned from one to another // and automatically resets to current time everytime a volume phase transitions. - // This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature. + // This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default). // +featureGate=PersistentVolumeLastPhaseTransitionTime // +optional optional k8s.io.apimachinery.pkg.apis.meta.v1.Time lastPhaseTransitionTime = 4; diff --git a/vendor/k8s.io/api/core/v1/types.go b/vendor/k8s.io/api/core/v1/types.go index 1aade3806f..61ba21bcad 100644 --- a/vendor/k8s.io/api/core/v1/types.go +++ b/vendor/k8s.io/api/core/v1/types.go @@ -423,7 +423,7 @@ type PersistentVolumeStatus struct { Reason string `json:"reason,omitempty" protobuf:"bytes,3,opt,name=reason"` // lastPhaseTransitionTime is the time the phase transitioned from one to another // and automatically resets to current time everytime a volume phase transitions. - // This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature. + // This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default). // +featureGate=PersistentVolumeLastPhaseTransitionTime // +optional LastPhaseTransitionTime *metav1.Time `json:"lastPhaseTransitionTime,omitempty" protobuf:"bytes,4,opt,name=lastPhaseTransitionTime"` diff --git a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go index 01152a0964..fd6f7dc61b 100644 --- a/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go +++ b/vendor/k8s.io/api/core/v1/types_swagger_doc_generated.go @@ -1478,7 +1478,7 @@ var map_PersistentVolumeStatus = map[string]string{ "phase": "phase indicates if a volume is available, bound to a claim, or released by a claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#phase", "message": "message is a human-readable message indicating details about why the volume is in this state.", "reason": "reason is a brief CamelCase string that describes any failure and is meant for machine parsing and tidy display in the CLI.", - "lastPhaseTransitionTime": "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature.", + "lastPhaseTransitionTime": "lastPhaseTransitionTime is the time the phase transitioned from one to another and automatically resets to current time everytime a volume phase transitions. This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default).", } func (PersistentVolumeStatus) SwaggerDoc() map[string]string { diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go index 7cfdd06321..8a741936a3 100644 --- a/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go +++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go @@ -344,7 +344,7 @@ func (conn *Conn) handle(ws *websocket.Conn) { continue } if _, err := conn.channels[channel].DataFromSocket(data); err != nil { - klog.Errorf("Unable to write frame to %d: %v\n%s", channel, err, string(data)) + klog.Errorf("Unable to write frame (%d bytes) to %d: %v", len(data), channel, err) continue } } diff --git a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go b/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go index b2624694c8..9cd3c01aed 100644 --- a/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go +++ b/vendor/k8s.io/apiserver/pkg/admission/plugin/validatingadmissionpolicy/controller_reconcile.go @@ -180,8 +180,9 @@ func (c *policyController) reconcilePolicyDefinitionSpec(namespace, name string, celmetrics.Metrics.ObserveDefinition(context.TODO(), "active", "deny") } - // Skip reconcile if the spec of the definition is unchanged - if info.lastReconciledValue != nil && definition != nil && + // Skip reconcile if the spec of the definition is unchanged and had a + // successful previous sync + if info.configurationError == nil && info.lastReconciledValue != nil && definition != nil && apiequality.Semantic.DeepEqual(info.lastReconciledValue.Spec, definition.Spec) { return nil } diff --git a/vendor/k8s.io/apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiserver/pkg/features/kube_features.go index f059cef9bc..e524e0c647 100644 --- a/vendor/k8s.io/apiserver/pkg/features/kube_features.go +++ b/vendor/k8s.io/apiserver/pkg/features/kube_features.go @@ -163,6 +163,13 @@ const ( // Deprecates and removes SelfLink from ObjectMeta and ListMeta. RemoveSelfLink featuregate.Feature = "RemoveSelfLink" + // owner: @serathius + // beta: v1.30 + // + // Allow watch cache to create a watch on a dedicated RPC. + // This prevents watch cache from being starved by other watches. + SeparateCacheWatchRPC featuregate.Feature = "SeparateCacheWatchRPC" + // owner: @apelisse, @lavalamp // alpha: v1.14 // beta: v1.16 @@ -233,6 +240,12 @@ const ( // Enables support for watch bookmark events. WatchBookmark featuregate.Feature = "WatchBookmark" + // owner: @serathius + // beta: 1.30 + // Enables watches without resourceVersion to be served from storage. + // Used to prevent https://github.com/kubernetes/kubernetes/issues/123072 until etcd fixes the issue. + WatchFromStorageWithoutResourceVersion featuregate.Feature = "WatchFromStorageWithoutResourceVersion" + // owner: @vinaykul // kep: http://kep.k8s.io/1287 // alpha: v1.27 @@ -303,6 +316,8 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS RemoveSelfLink: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, + SeparateCacheWatchRPC: {Default: true, PreRelease: featuregate.Beta}, + ServerSideApply: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29 ServerSideFieldValidation: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29 @@ -319,6 +334,8 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS WatchBookmark: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, + WatchFromStorageWithoutResourceVersion: {Default: false, PreRelease: featuregate.Beta}, + InPlacePodVerticalScaling: {Default: false, PreRelease: featuregate.Alpha}, WatchList: {Default: false, PreRelease: featuregate.Alpha}, diff --git a/vendor/k8s.io/apiserver/pkg/server/config.go b/vendor/k8s.io/apiserver/pkg/server/config.go index beff08f14d..2142c14e61 100644 --- a/vendor/k8s.io/apiserver/pkg/server/config.go +++ b/vendor/k8s.io/apiserver/pkg/server/config.go @@ -1142,7 +1142,7 @@ func AuthorizeClientBearerToken(loopback *restclient.Config, authn *Authenticati tokens[privilegedLoopbackToken] = &user.DefaultInfo{ Name: user.APIServerUser, UID: uid, - Groups: []string{user.SystemPrivilegedGroup}, + Groups: []string{user.AllAuthenticated, user.SystemPrivilegedGroup}, } tokenAuthenticator := authenticatorfactory.NewFromTokens(tokens, authn.APIAudiences) diff --git a/vendor/k8s.io/apiserver/pkg/server/options/tracing.go b/vendor/k8s.io/apiserver/pkg/server/options/tracing.go index d56e7df511..7be62fad04 100644 --- a/vendor/k8s.io/apiserver/pkg/server/options/tracing.go +++ b/vendor/k8s.io/apiserver/pkg/server/options/tracing.go @@ -23,7 +23,9 @@ import ( "net" "github.com/spf13/pflag" + "go.opentelemetry.io/otel" "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc" + "go.opentelemetry.io/otel/metric/noop" "go.opentelemetry.io/otel/sdk/resource" "go.opentelemetry.io/otel/semconv/v1.12.0" "google.golang.org/grpc" @@ -48,6 +50,12 @@ var ( codecs = serializer.NewCodecFactory(cfgScheme) ) +func init() { + // Prevent memory leak from OTel metrics, which we don't use: + // https://github.com/open-telemetry/opentelemetry-go-contrib/issues/5190 + otel.SetMeterProvider(noop.NewMeterProvider()) +} + func init() { install.Install(cfgScheme) } diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go index 4f40804419..1bfc08d582 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go +++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/cacher.go @@ -25,6 +25,7 @@ import ( "time" "go.opentelemetry.io/otel/attribute" + "google.golang.org/grpc/metadata" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" @@ -50,7 +51,8 @@ import ( ) var ( - emptyFunc = func(bool) {} + emptyFunc = func(bool) {} + coreNamespaceResource = schema.GroupResource{Group: "", Resource: "namespaces"} ) const ( @@ -397,10 +399,18 @@ func NewCacherFromConfig(config Config) (*Cacher, error) { // so that future reuse does not get a spurious timeout. <-cacher.timer.C } - progressRequester := newConditionalProgressRequester(config.Storage.RequestWatchProgress, config.Clock) + var contextMetadata metadata.MD + if utilfeature.DefaultFeatureGate.Enabled(features.SeparateCacheWatchRPC) { + // Add grpc context metadata to watch and progress notify requests done by cacher to: + // * Prevent starvation of watch opened by cacher, by moving it to separate Watch RPC than watch request that bypass cacher. + // * Ensure that progress notification requests are executed on the same Watch RPC as their watch, which is required for it to work. + contextMetadata = metadata.New(map[string]string{"source": "cache"}) + } + + progressRequester := newConditionalProgressRequester(config.Storage.RequestWatchProgress, config.Clock, contextMetadata) watchCache := newWatchCache( config.KeyFunc, cacher.processEvent, config.GetAttrsFunc, config.Versioner, config.Indexers, config.Clock, config.GroupResource, progressRequester) - listerWatcher := NewListerWatcher(config.Storage, config.ResourcePrefix, config.NewListFunc) + listerWatcher := NewListerWatcher(config.Storage, config.ResourcePrefix, config.NewListFunc, contextMetadata) reflectorName := "storage/cacher.go:" + config.ResourcePrefix reflector := cache.NewNamedReflector(reflectorName, listerWatcher, obj, watchCache, 0) @@ -513,7 +523,7 @@ func (c *Cacher) Watch(ctx context.Context, key string, opts storage.ListOptions if !utilfeature.DefaultFeatureGate.Enabled(features.WatchList) && opts.SendInitialEvents != nil { opts.SendInitialEvents = nil } - if opts.SendInitialEvents == nil && opts.ResourceVersion == "" { + if utilfeature.DefaultFeatureGate.Enabled(features.WatchFromStorageWithoutResourceVersion) && opts.SendInitialEvents == nil && opts.ResourceVersion == "" { return c.storage.Watch(ctx, key, opts) } requestedWatchRV, err := c.versioner.ParseResourceVersion(opts.ResourceVersion) @@ -539,6 +549,12 @@ func (c *Cacher) Watch(ctx context.Context, key string, opts storage.ListOptions scope.name = selectorName } + // for request like '/api/v1/watch/namespaces/*', set scope.namespace to empty. + // namespaces don't populate metadata.namespace in ObjFields. + if c.groupResource == coreNamespaceResource && len(scope.namespace) > 0 && scope.namespace == scope.name { + scope.namespace = "" + } + triggerValue, triggerSupported := "", false if c.indexedTrigger != nil { for _, field := range pred.IndexFields { diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/lister_watcher.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/lister_watcher.go index 1252e5e349..2817a93dd0 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/cacher/lister_watcher.go +++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/lister_watcher.go @@ -19,6 +19,8 @@ package cacher import ( "context" + "google.golang.org/grpc/metadata" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/fields" "k8s.io/apimachinery/pkg/labels" @@ -30,17 +32,19 @@ import ( // listerWatcher opaques storage.Interface to expose cache.ListerWatcher. type listerWatcher struct { - storage storage.Interface - resourcePrefix string - newListFunc func() runtime.Object + storage storage.Interface + resourcePrefix string + newListFunc func() runtime.Object + contextMetadata metadata.MD } // NewListerWatcher returns a storage.Interface backed ListerWatcher. -func NewListerWatcher(storage storage.Interface, resourcePrefix string, newListFunc func() runtime.Object) cache.ListerWatcher { +func NewListerWatcher(storage storage.Interface, resourcePrefix string, newListFunc func() runtime.Object, contextMetadata metadata.MD) cache.ListerWatcher { return &listerWatcher{ - storage: storage, - resourcePrefix: resourcePrefix, - newListFunc: newListFunc, + storage: storage, + resourcePrefix: resourcePrefix, + newListFunc: newListFunc, + contextMetadata: contextMetadata, } } @@ -59,7 +63,11 @@ func (lw *listerWatcher) List(options metav1.ListOptions) (runtime.Object, error Predicate: pred, Recursive: true, } - if err := lw.storage.GetList(context.TODO(), lw.resourcePrefix, storageOpts, list); err != nil { + ctx := context.Background() + if lw.contextMetadata != nil { + ctx = metadata.NewOutgoingContext(ctx, lw.contextMetadata) + } + if err := lw.storage.GetList(ctx, lw.resourcePrefix, storageOpts, list); err != nil { return nil, err } return list, nil @@ -73,5 +81,9 @@ func (lw *listerWatcher) Watch(options metav1.ListOptions) (watch.Interface, err Recursive: true, ProgressNotify: true, } - return lw.storage.Watch(context.TODO(), lw.resourcePrefix, opts) + ctx := context.Background() + if lw.contextMetadata != nil { + ctx = metadata.NewOutgoingContext(ctx, lw.contextMetadata) + } + return lw.storage.Watch(ctx, lw.resourcePrefix, opts) } diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go index c26eb55dac..c27ca053b7 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go +++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache.go @@ -492,8 +492,7 @@ func (s sortableStoreElements) Swap(i, j int) { // WaitUntilFreshAndList returns list of pointers to `storeElement` objects along // with their ResourceVersion and the name of the index, if any, that was used. -func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion uint64, matchValues []storage.MatchValue) ([]interface{}, uint64, string, error) { - var err error +func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion uint64, matchValues []storage.MatchValue) (result []interface{}, rv uint64, index string, err error) { if utilfeature.DefaultFeatureGate.Enabled(features.ConsistentListFromCache) && w.notFresh(resourceVersion) { w.waitingUntilFresh.Add() err = w.waitUntilFreshAndBlock(ctx, resourceVersion) @@ -501,12 +500,14 @@ func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion } else { err = w.waitUntilFreshAndBlock(ctx, resourceVersion) } + + defer func() { sort.Sort(sortableStoreElements(result)) }() defer w.RUnlock() if err != nil { - return nil, 0, "", err + return result, rv, index, err } - result, rv, index, err := func() ([]interface{}, uint64, string, error) { + result, rv, index, err = func() ([]interface{}, uint64, string, error) { // This isn't the place where we do "final filtering" - only some "prefiltering" is happening here. So the only // requirement here is to NOT miss anything that should be returned. We can return as many non-matching items as we // want - they will be filtered out later. The fact that we return less things is only further performance improvement. @@ -519,7 +520,6 @@ func (w *watchCache) WaitUntilFreshAndList(ctx context.Context, resourceVersion return w.store.List(), w.resourceVersion, "", nil }() - sort.Sort(sortableStoreElements(result)) return result, rv, index, err } diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache_interval.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache_interval.go index c455357e04..2b57dd1650 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache_interval.go +++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_cache_interval.go @@ -18,6 +18,7 @@ package cacher import ( "fmt" + "sort" "sync" "k8s.io/apimachinery/pkg/fields" @@ -114,9 +115,24 @@ func newCacheInterval(startIndex, endIndex int, indexer indexerFunc, indexValida } } +type sortableWatchCacheEvents []*watchCacheEvent + +func (s sortableWatchCacheEvents) Len() int { + return len(s) +} + +func (s sortableWatchCacheEvents) Less(i, j int) bool { + return s[i].Key < s[j].Key +} + +func (s sortableWatchCacheEvents) Swap(i, j int) { + s[i], s[j] = s[j], s[i] +} + // newCacheIntervalFromStore is meant to handle the case of rv=0, such that the events // returned by Next() need to be events from a List() done on the underlying store of // the watch cache. +// The items returned in the interval will be sorted by Key. func newCacheIntervalFromStore(resourceVersion uint64, store cache.Indexer, getAttrsFunc attrFunc) (*watchCacheInterval, error) { buffer := &watchCacheIntervalBuffer{} allItems := store.List() @@ -140,6 +156,7 @@ func newCacheIntervalFromStore(resourceVersion uint64, store cache.Indexer, getA } buffer.endIndex++ } + sort.Sort(sortableWatchCacheEvents(buffer.buffer)) ci := &watchCacheInterval{ startIndex: 0, // Simulate that we already have all the events we're looking for. diff --git a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_progress.go b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_progress.go index f44ca9325b..13f50bc187 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_progress.go +++ b/vendor/k8s.io/apiserver/pkg/storage/cacher/watch_progress.go @@ -21,6 +21,8 @@ import ( "sync" "time" + "google.golang.org/grpc/metadata" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" "k8s.io/apimachinery/pkg/util/wait" @@ -34,10 +36,11 @@ const ( progressRequestPeriod = 100 * time.Millisecond ) -func newConditionalProgressRequester(requestWatchProgress WatchProgressRequester, clock TickerFactory) *conditionalProgressRequester { +func newConditionalProgressRequester(requestWatchProgress WatchProgressRequester, clock TickerFactory, contextMetadata metadata.MD) *conditionalProgressRequester { pr := &conditionalProgressRequester{ clock: clock, requestWatchProgress: requestWatchProgress, + contextMetadata: contextMetadata, } pr.cond = sync.NewCond(pr.mux.RLocker()) return pr @@ -54,6 +57,7 @@ type TickerFactory interface { type conditionalProgressRequester struct { clock TickerFactory requestWatchProgress WatchProgressRequester + contextMetadata metadata.MD mux sync.RWMutex cond *sync.Cond @@ -63,6 +67,9 @@ type conditionalProgressRequester struct { func (pr *conditionalProgressRequester) Run(stopCh <-chan struct{}) { ctx := wait.ContextForChannel(stopCh) + if pr.contextMetadata != nil { + ctx = metadata.NewOutgoingContext(ctx, pr.contextMetadata) + } go func() { defer utilruntime.HandleCrash() <-stopCh diff --git a/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go b/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go index fadc87d53d..1c0307bd91 100644 --- a/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go +++ b/vendor/k8s.io/apiserver/pkg/storage/etcd3/metrics/metrics.go @@ -84,7 +84,7 @@ var ( }, []string{"endpoint"}, ) - storageSizeDescription = compbasemetrics.NewDesc("apiserver_storage_size_bytes", "Size of the storage database file physically allocated in bytes.", []string{"cluster"}, nil, compbasemetrics.ALPHA, "") + storageSizeDescription = compbasemetrics.NewDesc("apiserver_storage_size_bytes", "Size of the storage database file physically allocated in bytes.", []string{"storage_cluster_id"}, nil, compbasemetrics.ALPHA, "") storageMonitor = &monitorCollector{monitorGetter: func() ([]Monitor, error) { return nil, nil }} etcdEventsReceivedCounts = compbasemetrics.NewCounterVec( &compbasemetrics.CounterOpts{ @@ -287,21 +287,21 @@ func (c *monitorCollector) CollectWithStability(ch chan<- compbasemetrics.Metric } for i, m := range monitors { - cluster := fmt.Sprintf("etcd-%d", i) + storageClusterID := fmt.Sprintf("etcd-%d", i) - klog.V(4).InfoS("Start collecting storage metrics", "cluster", cluster) + klog.V(4).InfoS("Start collecting storage metrics", "storage_cluster_id", storageClusterID) ctx, cancel := context.WithTimeout(context.Background(), time.Second) metrics, err := m.Monitor(ctx) cancel() m.Close() if err != nil { - klog.InfoS("Failed to get storage metrics", "cluster", cluster, "err", err) + klog.InfoS("Failed to get storage metrics", "storage_cluster_id", storageClusterID, "err", err) continue } - metric, err := compbasemetrics.NewConstMetric(storageSizeDescription, compbasemetrics.GaugeValue, float64(metrics.Size), cluster) + metric, err := compbasemetrics.NewConstMetric(storageSizeDescription, compbasemetrics.GaugeValue, float64(metrics.Size), storageClusterID) if err != nil { - klog.ErrorS(err, "Failed to create metric", "cluster", cluster) + klog.ErrorS(err, "Failed to create metric", "storage_cluster_id", storageClusterID) } ch <- metric } diff --git a/vendor/k8s.io/client-go/tools/remotecommand/websocket.go b/vendor/k8s.io/client-go/tools/remotecommand/websocket.go index a60986decc..49ef4717cd 100644 --- a/vendor/k8s.io/client-go/tools/remotecommand/websocket.go +++ b/vendor/k8s.io/client-go/tools/remotecommand/websocket.go @@ -187,6 +187,9 @@ type wsStreamCreator struct { // map of stream id to stream; multiple streams read/write the connection streams map[byte]*stream streamsMu sync.Mutex + // setStreamErr holds the error to return to anyone calling setStreams. + // this is populated in closeAllStreamReaders + setStreamErr error } func newWSStreamCreator(conn *gwebsocket.Conn) *wsStreamCreator { @@ -202,10 +205,14 @@ func (c *wsStreamCreator) getStream(id byte) *stream { return c.streams[id] } -func (c *wsStreamCreator) setStream(id byte, s *stream) { +func (c *wsStreamCreator) setStream(id byte, s *stream) error { c.streamsMu.Lock() defer c.streamsMu.Unlock() + if c.setStreamErr != nil { + return c.setStreamErr + } c.streams[id] = s + return nil } // CreateStream uses id from passed headers to create a stream over "c.conn" connection. @@ -228,7 +235,11 @@ func (c *wsStreamCreator) CreateStream(headers http.Header) (httpstream.Stream, connWriteLock: &c.connWriteLock, id: id, } - c.setStream(id, s) + if err := c.setStream(id, s); err != nil { + _ = s.writePipe.Close() + _ = s.readPipe.Close() + return nil, err + } return s, nil } @@ -312,7 +323,7 @@ func (c *wsStreamCreator) readDemuxLoop(bufferSize int, period time.Duration, de } // closeAllStreamReaders closes readers in all streams. -// This unblocks all stream.Read() calls. +// This unblocks all stream.Read() calls, and keeps any future streams from being created. func (c *wsStreamCreator) closeAllStreamReaders(err error) { c.streamsMu.Lock() defer c.streamsMu.Unlock() @@ -320,6 +331,12 @@ func (c *wsStreamCreator) closeAllStreamReaders(err error) { // Closing writePipe unblocks all readPipe.Read() callers and prevents any future writes. _ = s.writePipe.CloseWithError(err) } + // ensure callers to setStreams receive an error after this point + if err != nil { + c.setStreamErr = err + } else { + c.setStreamErr = fmt.Errorf("closed all streams") + } } type stream struct { diff --git a/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go b/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go index 3d464d12d7..39cd2ba288 100644 --- a/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go +++ b/vendor/k8s.io/component-base/metrics/prometheus/slis/metrics.go @@ -57,6 +57,7 @@ var ( func Register(registry k8smetrics.KubeRegistry) { registry.Register(healthcheck) registry.Register(healthchecksTotal) + _ = k8smetrics.RegisterProcessStartTime(registry.Register) } func ResetHealthMetrics() { diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go b/vendor/k8s.io/kubernetes/pkg/apis/core/types.go index fa1242b8a1..6a3f888ab3 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/types.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/types.go @@ -392,7 +392,7 @@ type PersistentVolumeStatus struct { Reason string // LastPhaseTransitionTime is the time the phase transitioned from one to another // and automatically resets to current time everytime a volume phase transitions. - // This is an alpha field and requires enabling PersistentVolumeLastPhaseTransitionTime feature. + // This is a beta field and requires the PersistentVolumeLastPhaseTransitionTime feature to be enabled (enabled by default). // +featureGate=PersistentVolumeLastPhaseTransitionTime // +optional LastPhaseTransitionTime *metav1.Time diff --git a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go index a6f7fef301..1885531f87 100644 --- a/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go +++ b/vendor/k8s.io/kubernetes/pkg/apis/core/validation/validation.go @@ -5141,6 +5141,46 @@ func ValidateContainerStateTransition(newStatuses, oldStatuses []core.ContainerS return allErrs } +// ValidateInitContainerStateTransition test to if any illegal init container state transitions are being attempted +func ValidateInitContainerStateTransition(newStatuses, oldStatuses []core.ContainerStatus, fldpath *field.Path, podSpec *core.PodSpec) field.ErrorList { + allErrs := field.ErrorList{} + // If we should always restart, containers are allowed to leave the terminated state + if podSpec.RestartPolicy == core.RestartPolicyAlways { + return allErrs + } + for i, oldStatus := range oldStatuses { + // Skip any container that is not terminated + if oldStatus.State.Terminated == nil { + continue + } + // Skip any container that failed but is allowed to restart + if oldStatus.State.Terminated.ExitCode != 0 && podSpec.RestartPolicy == core.RestartPolicyOnFailure { + continue + } + + // Skip any restartable init container that is allowed to restart + isRestartableInitContainer := false + for _, c := range podSpec.InitContainers { + if oldStatus.Name == c.Name { + if c.RestartPolicy != nil && *c.RestartPolicy == core.ContainerRestartPolicyAlways { + isRestartableInitContainer = true + } + break + } + } + if isRestartableInitContainer { + continue + } + + for _, newStatus := range newStatuses { + if oldStatus.Name == newStatus.Name && newStatus.State.Terminated == nil { + allErrs = append(allErrs, field.Forbidden(fldpath.Index(i).Child("state"), "may not be transitioned to non-terminated state")) + } + } + } + return allErrs +} + // ValidatePodStatusUpdate checks for changes to status that shouldn't occur in normal operation. func ValidatePodStatusUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions) field.ErrorList { fldPath := field.NewPath("metadata") @@ -5162,7 +5202,7 @@ func ValidatePodStatusUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions // If pod should not restart, make sure the status update does not transition // any terminated containers to a non-terminated state. allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.ContainerStatuses, oldPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), oldPod.Spec.RestartPolicy)...) - allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.InitContainerStatuses, oldPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), oldPod.Spec.RestartPolicy)...) + allErrs = append(allErrs, ValidateInitContainerStateTransition(newPod.Status.InitContainerStatuses, oldPod.Status.InitContainerStatuses, fldPath.Child("initContainerStatuses"), &oldPod.Spec)...) // The kubelet will never restart ephemeral containers, so treat them like they have an implicit RestartPolicyNever. allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.EphemeralContainerStatuses, oldPod.Status.EphemeralContainerStatuses, fldPath.Child("ephemeralContainerStatuses"), core.RestartPolicyNever)...) allErrs = append(allErrs, validatePodResourceClaimStatuses(newPod.Status.ResourceClaimStatuses, newPod.Spec.ResourceClaims, fldPath.Child("resourceClaimStatuses"))...) diff --git a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go b/vendor/k8s.io/kubernetes/pkg/features/kube_features.go index 48daa70635..b0b12d6ebf 100644 --- a/vendor/k8s.io/kubernetes/pkg/features/kube_features.go +++ b/vendor/k8s.io/kubernetes/pkg/features/kube_features.go @@ -616,6 +616,7 @@ const ( // owner: @RomanBednar // kep: https://kep.k8s.io/3762 // alpha: v1.28 + // beta: v1.29 // // Adds a new field to persistent volumes which holds a timestamp of when the volume last transitioned its phase. PersistentVolumeLastPhaseTransitionTime featuregate.Feature = "PersistentVolumeLastPhaseTransitionTime" @@ -1262,6 +1263,8 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS genericfeatures.OpenAPIEnums: {Default: true, PreRelease: featuregate.Beta}, + genericfeatures.SeparateCacheWatchRPC: {Default: true, PreRelease: featuregate.Beta}, + genericfeatures.ServerSideApply: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29 genericfeatures.ServerSideFieldValidation: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, // remove in 1.29 @@ -1272,6 +1275,8 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS genericfeatures.ZeroLimitedNominalConcurrencyShares: {Default: false, PreRelease: featuregate.Beta}, + genericfeatures.WatchFromStorageWithoutResourceVersion: {Default: false, PreRelease: featuregate.Beta}, + // inherited features from apiextensions-apiserver, relisted here to get a conflict if it is changed // unintentionally on either side: diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/framework/interface.go b/vendor/k8s.io/kubernetes/pkg/scheduler/framework/interface.go index d8f0f7d0e2..7d0610822d 100644 --- a/vendor/k8s.io/kubernetes/pkg/scheduler/framework/interface.go +++ b/vendor/k8s.io/kubernetes/pkg/scheduler/framework/interface.go @@ -49,7 +49,8 @@ type NodeScore struct { Score int64 } -// NodeToStatusMap declares map from node name to its status. +// NodeToStatusMap contains the statuses of the Nodes where the incoming Pod was not schedulable. +// A PostFilter plugin that uses this map should interpret absent Nodes as UnschedulableAndUnresolvable. type NodeToStatusMap map[string]*Status // NodePluginScores is a struct with node name and scores for that node. @@ -435,6 +436,8 @@ type FilterPlugin interface { type PostFilterPlugin interface { Plugin // PostFilter is called by the scheduling framework. + // If there is no entry in the NodeToStatus map, its implicit status is UnschedulableAndUnresolvable. + // // A PostFilter plugin should return one of the following statuses: // - Unschedulable: the plugin gets executed successfully but the pod cannot be made schedulable. // - Success: the plugin gets executed successfully and the pod can be made schedulable. diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/framework/types.go b/vendor/k8s.io/kubernetes/pkg/scheduler/framework/types.go index 696ad9b41a..a6b0d08bcd 100644 --- a/vendor/k8s.io/kubernetes/pkg/scheduler/framework/types.go +++ b/vendor/k8s.io/kubernetes/pkg/scheduler/framework/types.go @@ -279,8 +279,16 @@ type WeightedAffinityTerm struct { Weight int32 } +// ExtenderName is a fake plugin name put in UnschedulablePlugins when Extender rejected some Nodes. +const ExtenderName = "Extender" + // Diagnosis records the details to diagnose a scheduling failure. type Diagnosis struct { + // NodeToStatusMap records the status of each retriable node (status Unschedulable) + // if they're rejected in PreFilter (via PreFilterResult) or Filter plugins. + // Nodes that pass PreFilter/Filter plugins are not included in this map. + // While this map may contain UnschedulableAndUnresolvable statuses, the absence of + // a node should be interpreted as UnschedulableAndUnresolvable. NodeToStatusMap NodeToStatusMap // UnschedulablePlugins are plugins that returns Unschedulable or UnschedulableAndUnresolvable. UnschedulablePlugins sets.Set[string] diff --git a/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go index d4871e70d7..220acad24e 100644 --- a/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go +++ b/vendor/k8s.io/kubernetes/pkg/scheduler/metrics/metrics.go @@ -124,7 +124,7 @@ var ( // Start with 10ms with the last bucket being [~88m, Inf). Buckets: metrics.ExponentialBuckets(0.01, 2, 20), StabilityLevel: metrics.STABLE, - DeprecatedVersion: "1.28.0", + DeprecatedVersion: "1.29.0", }, []string{"attempts"}) diff --git a/vendor/k8s.io/kubernetes/pkg/util/filesystem/defaultfs.go b/vendor/k8s.io/kubernetes/pkg/util/filesystem/defaultfs.go index 39673a9589..ef99bd3bc4 100644 --- a/vendor/k8s.io/kubernetes/pkg/util/filesystem/defaultfs.go +++ b/vendor/k8s.io/kubernetes/pkg/util/filesystem/defaultfs.go @@ -72,9 +72,8 @@ func (fs *DefaultFs) Rename(oldpath, newpath string) error { return os.Rename(oldpath, newpath) } -// MkdirAll via os.MkdirAll func (fs *DefaultFs) MkdirAll(path string, perm os.FileMode) error { - return os.MkdirAll(fs.prefix(path), perm) + return MkdirAll(fs.prefix(path), perm) } // MkdirAllWithPathCheck checks if path exists already. If not, it creates a directory @@ -97,7 +96,7 @@ func MkdirAllWithPathCheck(path string, perm os.FileMode) error { return fmt.Errorf("path %v exists but is not a directory", path) } // If existence of path not known, attempt to create it. - if err := os.MkdirAll(path, perm); err != nil { + if err := MkdirAll(path, perm); err != nil { return err } return nil diff --git a/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_unix.go b/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_unix.go index df887f9450..07175cc103 100644 --- a/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_unix.go +++ b/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_unix.go @@ -35,3 +35,13 @@ func IsUnixDomainSocket(filePath string) (bool, error) { } return true, nil } + +// Chmod is the same as os.Chmod on Linux. +func Chmod(name string, mode os.FileMode) error { + return os.Chmod(name, mode) +} + +// MkdirAll is the same as os.MkdirAll on Linux. +func MkdirAll(path string, perm os.FileMode) error { + return os.MkdirAll(path, perm) +} diff --git a/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_windows.go b/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_windows.go index cd6a11ed30..2365e6e7d8 100644 --- a/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_windows.go +++ b/vendor/k8s.io/kubernetes/pkg/util/filesystem/util_windows.go @@ -27,6 +27,8 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "k8s.io/klog/v2" + + "golang.org/x/sys/windows" ) const ( @@ -85,3 +87,157 @@ func IsUnixDomainSocket(filePath string) (bool, error) { } return true, nil } + +// On Windows os.Mkdir all doesn't set any permissions so call the Chown function below to set +// permissions once the directory is created. +func MkdirAll(path string, perm os.FileMode) error { + klog.V(6).InfoS("Function MkdirAll starts", "path", path, "perm", perm) + err := os.MkdirAll(path, perm) + if err != nil { + return fmt.Errorf("Error creating directory %s: %v", path, err) + } + + err = Chmod(path, perm) + if err != nil { + return fmt.Errorf("Error setting permissions for directory %s: %v", path, err) + } + + return nil +} + +const ( + // These aren't defined in the syscall package for Windows :( + USER_READ = 0x100 + USER_WRITE = 0x80 + USER_EXECUTE = 0x40 + GROUP_READ = 0x20 + GROUP_WRITE = 0x10 + GROUP_EXECUTE = 0x8 + OTHERS_READ = 0x4 + OTHERS_WRITE = 0x2 + OTHERS_EXECUTE = 0x1 + USER_ALL = USER_READ | USER_WRITE | USER_EXECUTE + GROUP_ALL = GROUP_READ | GROUP_WRITE | GROUP_EXECUTE + OTHERS_ALL = OTHERS_READ | OTHERS_WRITE | OTHERS_EXECUTE +) + +// On Windows os.Chmod only sets the read-only flag on files, so we need to use Windows APIs to set the desired access on files / directories. +// The OWNER mode will set file permissions for the file owner SID, the GROUP mode will set file permissions for the file group SID, +// and the OTHERS mode will set file permissions for BUILTIN\Users. +// Please note that Windows containers can be run as one of two user accounts; ContainerUser or ContainerAdministrator. +// Containers run as ContainerAdministrator will inherit permissions from BUILTIN\Administrators, +// while containers run as ContainerUser will inherit permissions from BUILTIN\Users. +// Windows containers do not have the ability to run as a custom user account that is known to the host so the OTHERS group mode +// is used to grant / deny permissions of files on the hosts to the ContainerUser account. +func Chmod(path string, filemode os.FileMode) error { + klog.V(6).InfoS("Function Chmod starts", "path", path, "filemode", filemode) + // Get security descriptor for the file + sd, err := windows.GetNamedSecurityInfo( + path, + windows.SE_FILE_OBJECT, + windows.DACL_SECURITY_INFORMATION|windows.PROTECTED_DACL_SECURITY_INFORMATION|windows.OWNER_SECURITY_INFORMATION|windows.GROUP_SECURITY_INFORMATION) + if err != nil { + return fmt.Errorf("Error getting security descriptor for file %s: %v", path, err) + } + + // Get owner SID from the security descriptor for assigning USER permissions + owner, _, err := sd.Owner() + if err != nil { + return fmt.Errorf("Error getting owner SID for file %s: %v", path, err) + } + ownerString := owner.String() + + // Get the group SID from the security descriptor for assigning GROUP permissions + group, _, err := sd.Group() + if err != nil { + return fmt.Errorf("Error getting group SID for file %s: %v", path, err) + } + groupString := group.String() + + mask := uint32(windows.ACCESS_MASK(filemode)) + + // Build a new Discretionary Access Control List (DACL) with the desired permissions using + //the Security Descriptor Definition Language (SDDL) format. + // https://learn.microsoft.com/windows/win32/secauthz/security-descriptor-definition-language + // the DACL is a list of Access Control Entries (ACEs) where each ACE represents the permissions (Allow or Deny) for a specific SID. + // Each ACE has the following format: + // (AceType;AceFlags;Rights;ObjectGuid;InheritObjectGuid;AccountSid) + // We can leave ObjectGuid and InheritObjectGuid empty for our purposes. + + dacl := "D:" + + // build the owner ACE + dacl += "(A;OICI;" + if mask&USER_ALL == USER_ALL { + dacl += "FA" + } else { + if mask&USER_READ == USER_READ { + dacl += "FR" + } + if mask&USER_WRITE == USER_WRITE { + dacl += "FW" + } + if mask&USER_EXECUTE == USER_EXECUTE { + dacl += "FX" + } + } + dacl += ";;;" + ownerString + ")" + + // Build the group ACE + dacl += "(A;OICI;" + if mask&GROUP_ALL == GROUP_ALL { + dacl += "FA" + } else { + if mask&GROUP_READ == GROUP_READ { + dacl += "FR" + } + if mask&GROUP_WRITE == GROUP_WRITE { + dacl += "FW" + } + if mask&GROUP_EXECUTE == GROUP_EXECUTE { + dacl += "FX" + } + } + dacl += ";;;" + groupString + ")" + + // Build the others ACE + dacl += "(A;OICI;" + if mask&OTHERS_ALL == OTHERS_ALL { + dacl += "FA" + } else { + if mask&OTHERS_READ == OTHERS_READ { + dacl += "FR" + } + if mask&OTHERS_WRITE == OTHERS_WRITE { + dacl += "FW" + } + if mask&OTHERS_EXECUTE == OTHERS_EXECUTE { + dacl += "FX" + } + } + dacl += ";;;BU)" + + klog.V(6).InfoS("Setting new DACL for path", "path", path, "dacl", dacl) + + // create a new security descriptor from the DACL string + newSD, err := windows.SecurityDescriptorFromString(dacl) + if err != nil { + return fmt.Errorf("Error creating new security descriptor from DACL string: %v", err) + } + + // get the DACL in binary format from the newly created security descriptor + newDACL, _, err := newSD.DACL() + if err != nil { + return fmt.Errorf("Error getting DACL from new security descriptor: %v", err) + } + + // Write the new security descriptor to the file + return windows.SetNamedSecurityInfo( + path, + windows.SE_FILE_OBJECT, + windows.DACL_SECURITY_INFORMATION|windows.PROTECTED_DACL_SECURITY_INFORMATION, + nil, // owner SID + nil, // group SID + newDACL, + nil) // SACL +} diff --git a/vendor/k8s.io/kubernetes/pkg/volume/plugins.go b/vendor/k8s.io/kubernetes/pkg/volume/plugins.go index 94c2330afc..dcccb56f10 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/plugins.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/plugins.go @@ -1064,7 +1064,7 @@ func NewPersistentVolumeRecyclerPodTemplate() *v1.Pod { Containers: []v1.Container{ { Name: "pv-recycler", - Image: "registry.k8s.io/build-image/debian-base:bookworm-v1.0.0", + Image: "registry.k8s.io/build-image/debian-base:bookworm-v1.0.3", Command: []string{"/bin/sh"}, Args: []string{"-c", "test -e /scrub && find /scrub -mindepth 1 -delete && test -z \"$(ls -A /scrub)\" || exit 1"}, VolumeMounts: []v1.VolumeMount{ diff --git a/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go b/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go index af309353ba..238e919b33 100644 --- a/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go +++ b/vendor/k8s.io/kubernetes/pkg/volume/util/types/types.go @@ -102,6 +102,23 @@ func IsFailedPreconditionError(err error) bool { return errors.As(err, &failedPreconditionError) } +type OperationNotSupported struct { + msg string +} + +func (err *OperationNotSupported) Error() string { + return err.msg +} + +func NewOperationNotSupportedError(msg string) *OperationNotSupported { + return &OperationNotSupported{msg: msg} +} + +func IsOperationNotSupportedError(err error) bool { + var operationNotSupportedError *OperationNotSupported + return errors.As(err, &operationNotSupportedError) +} + // TransientOperationFailure indicates operation failed with a transient error // and may fix itself when retried. type TransientOperationFailure struct { diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/scheduling/nvidia-driver-installer.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/scheduling/nvidia-driver-installer.yaml index ab558f9147..019d7cfc7b 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/scheduling/nvidia-driver-installer.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/scheduling/nvidia-driver-installer.yaml @@ -1,5 +1,5 @@ # This DaemonSet was originally referenced from -# https://github.com/GoogleCloudPlatform/container-engine-accelerators/blob/master/daemonset.yaml +# https://github.com/GoogleCloudPlatform/container-engine-accelerators/blob/master/nvidia-driver-installer/cos/daemonset-preloaded.yaml # The Dockerfile and other source for this daemonset are in # https://github.com/GoogleCloudPlatform/cos-gpu-installer @@ -47,17 +47,43 @@ spec: - name: root-mount hostPath: path: / + - name: cos-tools + hostPath: + path: /var/lib/cos-tools + - name: nvidia-config + hostPath: + path: /etc/nvidia initContainers: + - image: "ubuntu@sha256:3f85b7caad41a95462cf5b787d8a04604c8262cdcdf9a472b8c52ef83375fe15" + name: bind-mount-install-dir + securityContext: + privileged: true + command: + - nsenter + - -at + - '1' + - -- + - sh + - -c + - | + if mountpoint -q /var/lib/nvidia; then + echo "The mountpoint /var/lib/nvidia exists." + else + echo "The mountpoint /var/lib/nvidia does not exist. Creating directories /home/kubernetes/bin/nvidia and /var/lib/nvidia and bind mount." + mkdir -p /var/lib/nvidia /home/kubernetes/bin/nvidia + mount --bind /home/kubernetes/bin/nvidia /var/lib/nvidia + echo "Done creating bind mounts" + fi # The COS GPU installer image version may be dependent on the version of COS being used. # Refer to details about the installer in https://cos.googlesource.com/cos/tools/+/refs/heads/master/src/cmd/cos_gpu_installer/ # and the COS release notes (https://cloud.google.com/container-optimized-os/docs/release-notes) to determine version COS GPU installer for a given version of COS. - # Maps to gcr.io/cos-cloud/cos-gpu-installer:v2.1.9 - suitable for COS M109 as per https://cloud.google.com/container-optimized-os/docs/release-notes - - image: gcr.io/cos-cloud/cos-gpu-installer:v2.1.9 + # Maps to gcr.io/cos-cloud/cos-gpu-installer:v2.1.10 - suitable for COS M109 as per https://cloud.google.com/container-optimized-os/docs/release-notes + - image: "gcr.io/cos-cloud/cos-gpu-installer:v2.1.10" name: nvidia-driver-installer resources: requests: - cpu: 0.15 + cpu: 150m securityContext: privileged: true env: @@ -71,6 +97,10 @@ spec: value: /etc/vulkan/icd.d - name: ROOT_MOUNT_DIR value: /root + - name: COS_TOOLS_DIR_HOST + value: /var/lib/cos-tools + - name: COS_TOOLS_DIR_CONTAINER + value: /build/cos-tools volumeMounts: - name: nvidia-install-dir-host mountPath: /usr/local/nvidia @@ -80,6 +110,37 @@ spec: mountPath: /dev - name: root-mount mountPath: /root + - name: cos-tools + mountPath: /build/cos-tools + command: + - bash + - -c + - | + echo "Checking for existing GPU driver modules" + if lsmod | grep nvidia; then + echo "GPU driver is already installed, the installed version may or may not be the driver version being tried to install, skipping installation" + exit 0 + else + echo "No GPU driver module detected, installing now" + /cos-gpu-installer install + fi + - image: "gcr.io/gke-release/nvidia-partition-gpu@sha256:e226275da6c45816959fe43cde907ee9a85c6a2aa8a429418a4cadef8ecdb86a" + name: partition-gpus + env: + - name: LD_LIBRARY_PATH + value: /usr/local/nvidia/lib64 + resources: + requests: + cpu: 150m + securityContext: + privileged: true + volumeMounts: + - name: nvidia-install-dir-host + mountPath: /usr/local/nvidia + - name: dev + mountPath: /dev + - name: nvidia-config + mountPath: /etc/nvidia containers: - image: "registry.k8s.io/pause:3.9" name: pause diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml index e47e6fed26..3d33dfc066 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-attacher/rbac.yaml @@ -1,5 +1,5 @@ -# Do not edit, downloaded from https://github.com/kubernetes-csi/external-attacher/raw/v3.4.0/deploy/kubernetes//rbac.yaml -# for csi-driver-host-path v1.8.0 +# Do not edit, downloaded from https://github.com/kubernetes-csi/external-attacher/raw/v4.5.0/deploy/kubernetes//rbac.yaml +# for csi-driver-host-path release-1.13 # by ./update-hostpath.sh # # This YAML file contains all RBAC objects that are necessary to run external diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-health-monitor/external-health-monitor-controller/rbac.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-health-monitor/external-health-monitor-controller/rbac.yaml index 8f806887f4..bdd93b894d 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-health-monitor/external-health-monitor-controller/rbac.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-health-monitor/external-health-monitor-controller/rbac.yaml @@ -1,5 +1,5 @@ -# Do not edit, downloaded from https://github.com/kubernetes-csi/external-health-monitor/raw/v0.4.0/deploy/kubernetes/external-health-monitor-controller/rbac.yaml -# for csi-driver-host-path v1.8.0 +# Do not edit, downloaded from https://github.com/kubernetes-csi/external-health-monitor/raw/v0.11.0/deploy/kubernetes/external-health-monitor-controller/rbac.yaml +# for csi-driver-host-path release-1.13 # by ./update-hostpath.sh # # This YAML file contains all RBAC objects that are necessary to run external diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml index ba65d9e7f5..d80b5d793b 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-provisioner/rbac.yaml @@ -1,5 +1,5 @@ -# Do not edit, downloaded from https://github.com/kubernetes-csi/external-provisioner/raw/v3.1.0/deploy/kubernetes//rbac.yaml -# for csi-driver-host-path v1.8.0 +# Do not edit, downloaded from https://github.com/kubernetes-csi/external-provisioner/raw/v4.0.0/deploy/kubernetes//rbac.yaml +# for csi-driver-host-path release-1.13 # by ./update-hostpath.sh # # This YAML file contains all RBAC objects that are necessary to run external @@ -61,6 +61,13 @@ rules: - apiGroups: ["storage.k8s.io"] resources: ["volumeattachments"] verbs: ["get", "list", "watch"] + # (Alpha) Access to referencegrants is only needed when the CSI driver + # has the CrossNamespaceVolumeDataSource controller capability. + # In that case, external-provisioner requires "get", "list", "watch" + # permissions for "referencegrants" on "gateway.networking.k8s.io". + #- apiGroups: ["gateway.networking.k8s.io"] + # resources: ["referencegrants"] + # verbs: ["get", "list", "watch"] --- kind: ClusterRoleBinding @@ -89,9 +96,6 @@ metadata: rules: # Only one of the following rules for endpoints or leases is required based on # what is set for `--leader-election-type`. Endpoints are deprecated in favor of Leases. -- apiGroups: [""] - resources: ["endpoints"] - verbs: ["get", "watch", "list", "delete", "update", "create"] - apiGroups: ["coordination.k8s.io"] resources: ["leases"] verbs: ["get", "watch", "list", "delete", "update", "create"] diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-resizer/rbac.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-resizer/rbac.yaml index 410d14ff90..4f8f7980d4 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-resizer/rbac.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-resizer/rbac.yaml @@ -1,5 +1,5 @@ -# Do not edit, downloaded from https://github.com/kubernetes-csi/external-resizer/raw/v1.4.0/deploy/kubernetes//rbac.yaml -# for csi-driver-host-path v1.8.0 +# Do not edit, downloaded from https://github.com/kubernetes-csi/external-resizer/raw/v1.10.0/deploy/kubernetes//rbac.yaml +# for csi-driver-host-path release-1.13 # by ./update-hostpath.sh # # This YAML file contains all RBAC objects that are necessary to run external @@ -46,6 +46,10 @@ rules: - apiGroups: [""] resources: ["events"] verbs: ["list", "watch", "create", "update", "patch"] + # only required if enabling the alpha volume modify feature + - apiGroups: ["storage.k8s.io"] + resources: ["volumeattributesclasses"] + verbs: ["get", "list", "watch"] --- kind: ClusterRoleBinding @@ -63,7 +67,7 @@ roleRef: apiGroup: rbac.authorization.k8s.io --- -# Resizer must be able to work with end point in current namespace +# Resizer must be able to work with `leases` in current namespace # if (and only if) leadership election is enabled kind: Role apiVersion: rbac.authorization.k8s.io/v1 diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-snapshotter/csi-snapshotter/rbac-csi-snapshotter.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-snapshotter/csi-snapshotter/rbac-csi-snapshotter.yaml index 335538d44b..7b5f5ad34d 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-snapshotter/csi-snapshotter/rbac-csi-snapshotter.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/external-snapshotter/csi-snapshotter/rbac-csi-snapshotter.yaml @@ -1,5 +1,5 @@ -# Do not edit, downloaded from https://github.com/kubernetes-csi/external-snapshotter/raw/v5.0.1/deploy/kubernetes/csi-snapshotter/rbac-csi-snapshotter.yaml -# for csi-driver-host-path v1.8.0 +# Do not edit, downloaded from https://github.com/kubernetes-csi/external-snapshotter/raw/v7.0.1/deploy/kubernetes/csi-snapshotter/rbac-csi-snapshotter.yaml +# for csi-driver-host-path release-1.13 # by ./update-hostpath.sh # # Together with the RBAC file for external-provisioner, this YAML file @@ -12,6 +12,7 @@ # - optionally rename the non-namespaced ClusterRole if there # are conflicts with other deployments +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -37,13 +38,24 @@ rules: - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotclasses"] verbs: ["get", "list", "watch"] + - apiGroups: ["snapshot.storage.k8s.io"] + resources: ["volumesnapshots"] + verbs: ["get", "list", "watch", "update", "patch", "create"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotcontents"] - verbs: ["create", "get", "list", "watch", "update", "delete", "patch"] + verbs: ["get", "list", "watch", "update", "patch", "create"] - apiGroups: ["snapshot.storage.k8s.io"] resources: ["volumesnapshotcontents/status"] verbs: ["update", "patch"] - + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotclasses"] + verbs: ["get", "list", "watch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents"] + verbs: ["get", "list", "watch", "update", "patch"] + - apiGroups: ["groupsnapshot.storage.k8s.io"] + resources: ["volumegroupsnapshotcontents/status"] + verbs: ["update", "patch"] --- kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/README.md b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/README.md index 399316db2b..ce3a7694e1 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/README.md +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/README.md @@ -1,4 +1,4 @@ The files in this directory are exact copies of "kubernetes-latest" in -https://github.com/kubernetes-csi/csi-driver-host-path/tree/v1.8.0/deploy/ +https://github.com/kubernetes-csi/csi-driver-host-path/tree/release-1.13/deploy/ Do not edit manually. Run ./update-hostpath.sh to refresh the content. diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-driverinfo.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-driverinfo.yaml index c8cf666a47..0250a52c1a 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-driverinfo.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-driverinfo.yaml @@ -15,3 +15,6 @@ spec: # To determine at runtime which mode a volume uses, pod info and its # "csi.storage.k8s.io/ephemeral" entry are needed. podInfoOnMount: true + # Kubernetes may use fsGroup to change permissions and ownership + # of the volume to match user requested fsGroup in the pod's SecurityPolicy + fsGroupPolicy: File diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-plugin.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-plugin.yaml index 6a41a02391..eb4c163484 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-plugin.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-plugin.yaml @@ -1,4 +1,4 @@ -# All of the individual sidecar RBAC roles get bound + # All of the individual sidecar RBAC roles get bound # to this account. kind: ServiceAccount apiVersion: v1 @@ -190,6 +190,7 @@ kind: StatefulSet apiVersion: apps/v1 metadata: name: csi-hostpathplugin + namespace: default labels: app.kubernetes.io/instance: hostpath.csi.k8s.io app.kubernetes.io/part-of: csi-driver-host-path @@ -218,7 +219,7 @@ spec: serviceAccountName: csi-hostpathplugin-sa containers: - name: hostpath - image: registry.k8s.io/sig-storage/hostpathplugin:v1.11.0 + image: registry.k8s.io/sig-storage/hostpathplugin:v1.13.0 args: - "--drivername=hostpath.csi.k8s.io" - "--v=5" @@ -261,7 +262,7 @@ spec: name: dev-dir - name: csi-external-health-monitor-controller - image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.7.0 + image: registry.k8s.io/sig-storage/csi-external-health-monitor-controller:v0.11.0 args: - "--v=5" - "--csi-address=$(ADDRESS)" @@ -275,7 +276,7 @@ spec: mountPath: /csi - name: node-driver-registrar - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 args: - --v=5 - --csi-address=/csi/csi.sock @@ -303,13 +304,13 @@ spec: volumeMounts: - mountPath: /csi name: socket-dir - image: registry.k8s.io/sig-storage/livenessprobe:v2.7.0 + image: registry.k8s.io/sig-storage/livenessprobe:v2.12.0 args: - --csi-address=/csi/csi.sock - --health-port=9898 - name: csi-attacher - image: registry.k8s.io/sig-storage/csi-attacher:v4.0.0 + image: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 args: - --v=5 - --csi-address=/csi/csi.sock @@ -323,11 +324,12 @@ spec: name: socket-dir - name: csi-provisioner - image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0 + image: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 args: - -v=5 - --csi-address=/csi/csi.sock - --feature-gates=Topology=true + # end csi-provisioner args securityContext: # This is necessary only for systems with SELinux, where # non-privileged sidecar containers cannot access unix domain socket @@ -338,7 +340,7 @@ spec: name: socket-dir - name: csi-resizer - image: registry.k8s.io/sig-storage/csi-resizer:v1.6.0 + image: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 args: - -v=5 - -csi-address=/csi/csi.sock @@ -352,7 +354,7 @@ spec: name: socket-dir - name: csi-snapshotter - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0 + image: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 args: - -v=5 - --csi-address=/csi/csi.sock diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-testing.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-testing.yaml index 7253a70a9d..02e5e8d7c1 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-testing.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/hostpath/hostpath/csi-hostpath-testing.yaml @@ -11,6 +11,7 @@ apiVersion: v1 kind: Service metadata: name: hostpath-service + namespace: default labels: app.kubernetes.io/instance: hostpath.csi.k8s.io app.kubernetes.io/part-of: csi-driver-host-path @@ -30,6 +31,7 @@ kind: StatefulSet apiVersion: apps/v1 metadata: name: csi-hostpath-socat + namespace: default labels: app.kubernetes.io/instance: hostpath.csi.k8s.io app.kubernetes.io/part-of: csi-driver-host-path @@ -64,7 +66,9 @@ spec: topologyKey: kubernetes.io/hostname containers: - name: socat - image: docker.io/alpine/socat:1.7.4.3-r0 + image: registry.k8s.io/sig-storage/hostpathplugin:v1.13.0 + command: + - socat args: - tcp-listen:10000,fork,reuseaddr - unix-connect:/csi/csi.sock diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml index 7684aea78c..b17687c617 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-attacher.yaml @@ -15,7 +15,7 @@ spec: serviceAccountName: csi-mock containers: - name: csi-attacher - image: registry.k8s.io/sig-storage/csi-attacher:v4.0.0 + image: registry.k8s.io/sig-storage/csi-attacher:v4.5.0 args: - --v=5 - --csi-address=$(ADDRESS) diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml index 242c0b5aa7..ef85e3170f 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-resizer.yaml @@ -15,7 +15,7 @@ spec: serviceAccountName: csi-mock containers: - name: csi-resizer - image: registry.k8s.io/sig-storage/csi-resizer:v1.6.0 + image: registry.k8s.io/sig-storage/csi-resizer:v1.10.0 args: - "--v=5" - "--csi-address=$(ADDRESS)" diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-snapshotter.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-snapshotter.yaml index f788a4a8f2..6718060ec9 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-snapshotter.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver-snapshotter.yaml @@ -15,7 +15,7 @@ spec: serviceAccountName: csi-mock containers: - name: csi-snapshotter - image: registry.k8s.io/sig-storage/csi-snapshotter:v6.1.0 + image: registry.k8s.io/sig-storage/csi-snapshotter:v7.0.1 args: - "--v=5" - "--csi-address=$(ADDRESS)" diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml index 4493deccc0..3035532c5d 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-driver.yaml @@ -15,7 +15,7 @@ spec: serviceAccountName: csi-mock containers: - name: csi-provisioner - image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0 + image: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 args: - "--csi-address=$(ADDRESS)" # Topology support is needed for the pod rescheduling test @@ -34,7 +34,7 @@ spec: - mountPath: /csi name: socket-dir - name: driver-registrar - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 args: - --v=5 - --csi-address=/csi/csi.sock @@ -53,7 +53,7 @@ spec: - mountPath: /registration name: registration-dir - name: mock - image: registry.k8s.io/sig-storage/hostpathplugin:v1.9.0 + image: registry.k8s.io/sig-storage/hostpathplugin:v1.13.0 args: - "--drivername=mock.storage.k8s.io" - "--nodeid=$(KUBE_NODE_NAME)" diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-proxy.yaml b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-proxy.yaml index d1aa8ece86..189c17af67 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-proxy.yaml +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/mock/csi-mock-proxy.yaml @@ -15,7 +15,7 @@ spec: serviceAccountName: csi-mock containers: - name: csi-provisioner - image: registry.k8s.io/sig-storage/csi-provisioner:v3.4.0 + image: registry.k8s.io/sig-storage/csi-provisioner:v4.0.0 args: - "--csi-address=$(ADDRESS)" # Topology support is needed for the pod rescheduling test @@ -35,7 +35,7 @@ spec: - mountPath: /csi name: socket-dir - name: driver-registrar - image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.5.1 + image: registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.10.0 args: - --v=5 - --csi-address=/csi/csi.sock @@ -53,7 +53,7 @@ spec: - mountPath: /registration name: registration-dir - name: mock - image: registry.k8s.io/sig-storage/hostpathplugin:v1.9.0 + image: registry.k8s.io/sig-storage/hostpathplugin:v1.13.0 args: - -v=5 - -nodeid=$(KUBE_NODE_NAME) diff --git a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/update-hostpath.sh b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/update-hostpath.sh index ce60b39bc3..122de0d18b 100644 --- a/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/update-hostpath.sh +++ b/vendor/k8s.io/kubernetes/test/e2e/testing-manifests/storage-csi/update-hostpath.sh @@ -137,5 +137,5 @@ done grep -r image: hostpath/hostpath/csi-hostpath-plugin.yaml | while read -r image; do version=$(echo "$image" | sed -e 's/.*:\(.*\)/\1/') image=$(echo "$image" | sed -e 's/.*image: \([^:]*\).*/\1/') - sed -i -e "s;$image:.*;$image:$version;" mock/*.yaml + sed -i '' -e "s;$image:.*;$image:$version;" mock/*.yaml done diff --git a/vendor/k8s.io/kubernetes/test/utils/image/manifest.go b/vendor/k8s.io/kubernetes/test/utils/image/manifest.go index 4175c93940..4e4118876e 100644 --- a/vendor/k8s.io/kubernetes/test/utils/image/manifest.go +++ b/vendor/k8s.io/kubernetes/test/utils/image/manifest.go @@ -232,7 +232,7 @@ const ( func initImageConfigs(list RegistryList) (map[ImageID]Config, map[ImageID]Config) { configs := map[ImageID]Config{} - configs[Agnhost] = Config{list.PromoterE2eRegistry, "agnhost", "2.45"} + configs[Agnhost] = Config{list.PromoterE2eRegistry, "agnhost", "2.47"} configs[AgnhostPrivate] = Config{list.PrivateRegistry, "agnhost", "2.6"} configs[AuthenticatedAlpine] = Config{list.GcAuthenticatedRegistry, "alpine", "3.7"} configs[AuthenticatedWindowsNanoServer] = Config{list.GcAuthenticatedRegistry, "windows-nanoserver", "v1"} @@ -241,8 +241,8 @@ func initImageConfigs(list RegistryList) (map[ImageID]Config, map[ImageID]Config configs[BusyBox] = Config{list.PromoterE2eRegistry, "busybox", "1.36.1-1"} configs[CudaVectorAdd] = Config{list.PromoterE2eRegistry, "cuda-vector-add", "1.0"} configs[CudaVectorAdd2] = Config{list.PromoterE2eRegistry, "cuda-vector-add", "2.3"} - configs[DistrolessIptables] = Config{list.BuildImageRegistry, "distroless-iptables", "v0.4.4"} - configs[Etcd] = Config{list.GcEtcdRegistry, "etcd", "3.5.10-0"} + configs[DistrolessIptables] = Config{list.BuildImageRegistry, "distroless-iptables", "v0.5.9"} + configs[Etcd] = Config{list.GcEtcdRegistry, "etcd", "3.5.16-0"} configs[Httpd] = Config{list.PromoterE2eRegistry, "httpd", "2.4.38-4"} configs[HttpdNew] = Config{list.PromoterE2eRegistry, "httpd", "2.4.39-4"} configs[InvalidRegistryImage] = Config{list.InvalidRegistry, "alpine", "3.1"} diff --git a/vendor/k8s.io/mount-utils/mount_helper_unix.go b/vendor/k8s.io/mount-utils/mount_helper_unix.go index 9193e7c8d2..1c603dca7a 100644 --- a/vendor/k8s.io/mount-utils/mount_helper_unix.go +++ b/vendor/k8s.io/mount-utils/mount_helper_unix.go @@ -61,7 +61,13 @@ func IsCorruptedMnt(err error) bool { underlyingError = err } - return underlyingError == syscall.ENOTCONN || underlyingError == syscall.ESTALE || underlyingError == syscall.EIO || underlyingError == syscall.EACCES || underlyingError == syscall.EHOSTDOWN || underlyingError == syscall.EWOULDBLOCK + return errors.Is(underlyingError, syscall.ENOTCONN) || + errors.Is(underlyingError, syscall.ESTALE) || + errors.Is(underlyingError, syscall.EIO) || + errors.Is(underlyingError, syscall.EACCES) || + errors.Is(underlyingError, syscall.EHOSTDOWN) || + errors.Is(underlyingError, syscall.EWOULDBLOCK) || + errors.Is(underlyingError, syscall.ENODEV) } // MountInfo represents a single line in /proc//mountinfo. diff --git a/vendor/modules.txt b/vendor/modules.txt index 0bd6a8ad6d..bd238c2eea 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -285,7 +285,7 @@ github.com/opencontainers/go-digest ## explicit; go 1.19 github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/oracle/oci-go-sdk/v65 v65.56.0 +# github.com/oracle/oci-go-sdk/v65 v65.79.0 ## explicit; go 1.13 github.com/oracle/oci-go-sdk/v65/common github.com/oracle/oci-go-sdk/v65/common/auth @@ -303,6 +303,9 @@ github.com/pelletier/go-toml # github.com/pkg/errors v0.9.1 ## explicit github.com/pkg/errors +# github.com/pmezard/go-difflib v1.0.0 +## explicit +github.com/pmezard/go-difflib/difflib # github.com/prometheus/client_golang v1.17.0 => github.com/prometheus/client_golang v1.16.0 ## explicit; go 1.17 github.com/prometheus/client_golang/prometheus @@ -350,6 +353,9 @@ github.com/spf13/viper # github.com/stoewer/go-strcase v1.3.0 ## explicit; go 1.11 github.com/stoewer/go-strcase +# github.com/stretchr/testify v1.9.0 +## explicit; go 1.17 +github.com/stretchr/testify/assert # github.com/subosito/gotenv v1.2.0 ## explicit github.com/subosito/gotenv @@ -413,6 +419,7 @@ go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal/retry ## explicit; go 1.20 go.opentelemetry.io/otel/metric go.opentelemetry.io/otel/metric/embedded +go.opentelemetry.io/otel/metric/noop # go.opentelemetry.io/otel/sdk v1.21.0 ## explicit; go 1.20 go.opentelemetry.io/otel/sdk @@ -465,7 +472,7 @@ golang.org/x/exp/slices # golang.org/x/mod v0.14.0 ## explicit; go 1.18 golang.org/x/mod/semver -# golang.org/x/net v0.21.0 +# golang.org/x/net v0.23.0 ## explicit; go 1.18 golang.org/x/net/bpf golang.org/x/net/context @@ -693,7 +700,7 @@ gopkg.in/yaml.v2 # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/api v0.29.1 => k8s.io/api v0.29.1 +# k8s.io/api v0.29.11 => k8s.io/api v0.29.11 ## explicit; go 1.21 k8s.io/api/admission/v1 k8s.io/api/admission/v1beta1 @@ -749,7 +756,7 @@ k8s.io/api/scheduling/v1beta1 k8s.io/api/storage/v1 k8s.io/api/storage/v1alpha1 k8s.io/api/storage/v1beta1 -# k8s.io/apiextensions-apiserver v0.29.1 => k8s.io/apiextensions-apiserver v0.29.1 +# k8s.io/apiextensions-apiserver v0.29.11 => k8s.io/apiextensions-apiserver v0.29.11 ## explicit; go 1.21 k8s.io/apiextensions-apiserver/pkg/apis/apiextensions k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1 @@ -761,7 +768,7 @@ k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/scheme k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1 k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1 k8s.io/apiextensions-apiserver/pkg/features -# k8s.io/apimachinery v0.29.1 => k8s.io/apimachinery v0.29.1 +# k8s.io/apimachinery v0.29.11 => k8s.io/apimachinery v0.29.11 ## explicit; go 1.21 k8s.io/apimachinery/pkg/api/equality k8s.io/apimachinery/pkg/api/errors @@ -824,7 +831,7 @@ k8s.io/apimachinery/pkg/watch k8s.io/apimachinery/third_party/forked/golang/json k8s.io/apimachinery/third_party/forked/golang/netutil k8s.io/apimachinery/third_party/forked/golang/reflect -# k8s.io/apiserver v0.29.1 => k8s.io/apiserver v0.29.1 +# k8s.io/apiserver v0.29.11 => k8s.io/apiserver v0.29.11 ## explicit; go 1.21 k8s.io/apiserver/pkg/admission k8s.io/apiserver/pkg/admission/cel @@ -972,7 +979,7 @@ k8s.io/apiserver/plugin/pkg/audit/truncate k8s.io/apiserver/plugin/pkg/audit/webhook k8s.io/apiserver/plugin/pkg/authenticator/token/webhook k8s.io/apiserver/plugin/pkg/authorizer/webhook -# k8s.io/client-go v1.5.2 => k8s.io/client-go v0.29.1 +# k8s.io/client-go v1.5.2 => k8s.io/client-go v0.29.11 ## explicit; go 1.21 k8s.io/client-go/applyconfigurations/admissionregistration/v1 k8s.io/client-go/applyconfigurations/admissionregistration/v1alpha1 @@ -1298,7 +1305,7 @@ k8s.io/client-go/util/homedir k8s.io/client-go/util/keyutil k8s.io/client-go/util/retry k8s.io/client-go/util/workqueue -# k8s.io/cloud-provider v0.29.1 => k8s.io/cloud-provider v0.29.1 +# k8s.io/cloud-provider v0.29.11 => k8s.io/cloud-provider v0.29.11 ## explicit; go 1.21 k8s.io/cloud-provider k8s.io/cloud-provider/api @@ -1321,7 +1328,7 @@ k8s.io/cloud-provider/options k8s.io/cloud-provider/service/helpers k8s.io/cloud-provider/volume k8s.io/cloud-provider/volume/helpers -# k8s.io/component-base v0.29.1 => k8s.io/component-base v0.29.1 +# k8s.io/component-base v0.29.11 => k8s.io/component-base v0.29.11 ## explicit; go 1.21 k8s.io/component-base/cli/flag k8s.io/component-base/cli/globalflag @@ -1350,14 +1357,14 @@ k8s.io/component-base/tracing k8s.io/component-base/tracing/api/v1 k8s.io/component-base/version k8s.io/component-base/version/verflag -# k8s.io/component-helpers v0.29.1 => k8s.io/component-helpers v0.29.1 +# k8s.io/component-helpers v0.29.11 => k8s.io/component-helpers v0.29.11 ## explicit; go 1.21 k8s.io/component-helpers/node/topology k8s.io/component-helpers/node/util k8s.io/component-helpers/node/util/sysctl k8s.io/component-helpers/scheduling/corev1 k8s.io/component-helpers/scheduling/corev1/nodeaffinity -# k8s.io/controller-manager v0.29.1 => k8s.io/controller-manager v0.29.1 +# k8s.io/controller-manager v0.29.11 => k8s.io/controller-manager v0.29.11 ## explicit; go 1.21 k8s.io/controller-manager/app k8s.io/controller-manager/config @@ -1374,7 +1381,7 @@ k8s.io/controller-manager/pkg/informerfactory k8s.io/controller-manager/pkg/leadermigration k8s.io/controller-manager/pkg/leadermigration/config k8s.io/controller-manager/pkg/leadermigration/options -# k8s.io/csi-translation-lib v0.29.1 => k8s.io/csi-translation-lib v0.29.1 +# k8s.io/csi-translation-lib v0.29.11 => k8s.io/csi-translation-lib v0.29.11 ## explicit; go 1.21 # k8s.io/klog v1.0.0 ## explicit; go 1.12 @@ -1388,7 +1395,7 @@ k8s.io/klog/v2/internal/dbg k8s.io/klog/v2/internal/serialize k8s.io/klog/v2/internal/severity k8s.io/klog/v2/internal/sloghandler -# k8s.io/kms v0.29.1 => k8s.io/kms v0.29.1 +# k8s.io/kms v0.29.11 => k8s.io/kms v0.29.11 ## explicit; go 1.21 k8s.io/kms/apis/v1beta1 k8s.io/kms/apis/v2 @@ -1415,16 +1422,16 @@ k8s.io/kube-openapi/pkg/validation/errors k8s.io/kube-openapi/pkg/validation/spec k8s.io/kube-openapi/pkg/validation/strfmt k8s.io/kube-openapi/pkg/validation/strfmt/bson -# k8s.io/kube-scheduler v0.0.0 => k8s.io/kube-scheduler v0.29.1 +# k8s.io/kube-scheduler v0.0.0 => k8s.io/kube-scheduler v0.29.11 ## explicit; go 1.21 k8s.io/kube-scheduler/extender/v1 -# k8s.io/kubectl v0.29.1 => k8s.io/kubectl v0.29.1 +# k8s.io/kubectl v0.29.11 => k8s.io/kubectl v0.29.11 ## explicit; go 1.21 k8s.io/kubectl/pkg/scale -# k8s.io/kubelet v0.29.1 => k8s.io/kubelet v0.29.1 +# k8s.io/kubelet v0.29.11 => k8s.io/kubelet v0.29.11 ## explicit; go 1.21 k8s.io/kubelet/pkg/apis -# k8s.io/kubernetes v1.29.1 => k8s.io/kubernetes v1.29.1 +# k8s.io/kubernetes v1.29.11 => k8s.io/kubernetes v1.29.11 ## explicit; go 1.21 k8s.io/kubernetes/pkg/api/legacyscheme k8s.io/kubernetes/pkg/api/service @@ -1483,7 +1490,7 @@ k8s.io/kubernetes/test/e2e/framework/testfiles k8s.io/kubernetes/test/e2e/testing-manifests k8s.io/kubernetes/test/utils k8s.io/kubernetes/test/utils/image -# k8s.io/mount-utils v0.29.1 => k8s.io/mount-utils v0.29.1 +# k8s.io/mount-utils v0.29.11 => k8s.io/mount-utils v0.29.11 ## explicit; go 1.21 k8s.io/mount-utils # k8s.io/utils v0.0.0-20230726121419-3b25d923346b @@ -1505,7 +1512,7 @@ k8s.io/utils/pointer k8s.io/utils/ptr k8s.io/utils/strings/slices k8s.io/utils/trace -# sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.3 +# sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 ## explicit; go 1.20 sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics @@ -1534,32 +1541,24 @@ sigs.k8s.io/yaml/goyaml.v2 # github.com/docker/docker => github.com/docker/engine v0.0.0-20181106193140-f5749085e9cb # github.com/prometheus/client_golang => github.com/prometheus/client_golang v1.16.0 # google.golang.org/grpc => google.golang.org/grpc v1.60.1 -# k8s.io/api => k8s.io/api v0.29.1 -# k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.1 -# k8s.io/apimachinery => k8s.io/apimachinery v0.29.1 -# k8s.io/apiserver => k8s.io/apiserver v0.29.1 -# k8s.io/cli-runtime => k8s.io/cli-runtime v0.29.1 -# k8s.io/client-go => k8s.io/client-go v0.29.1 -# k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.1 -# k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.29.1 -# k8s.io/code-generator => k8s.io/code-generator v0.29.1 -# k8s.io/component-base => k8s.io/component-base v0.29.1 -# k8s.io/component-helpers => k8s.io/component-helpers v0.29.1 -# k8s.io/controller-manager => k8s.io/controller-manager v0.29.1 -# k8s.io/cri-api => k8s.io/cri-api v0.29.1 -# k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.1 -# k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.29.1 +# k8s.io/api => k8s.io/api v0.29.11 +# k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.29.11 +# k8s.io/apimachinery => k8s.io/apimachinery v0.29.11 +# k8s.io/apiserver => k8s.io/apiserver v0.29.11 +# k8s.io/client-go => k8s.io/client-go v0.29.11 +# k8s.io/cloud-provider => k8s.io/cloud-provider v0.29.11 +# k8s.io/component-base => k8s.io/component-base v0.29.11 +# k8s.io/component-helpers => k8s.io/component-helpers v0.29.11 +# k8s.io/controller-manager => k8s.io/controller-manager v0.29.11 +# k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.29.11 +# k8s.io/dynamic-resource-allocation => k8s.io/dynamic-resource-allocation v0.29.11 # k8s.io/endpointslice => k8s.io/kubernetes/staging/src/k8s.io/endpointslice v0.0.0-20230810203337-add7e14df11e -# k8s.io/kms => k8s.io/kms v0.29.1 -# k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.1 -# k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.1 -# k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.1 -# k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.1 -# k8s.io/kubectl => k8s.io/kubectl v0.29.1 -# k8s.io/kubelet => k8s.io/kubelet v0.29.1 -# k8s.io/kubernetes => k8s.io/kubernetes v1.29.1 -# k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.29.1 -# k8s.io/metrics => k8s.io/metrics v0.29.1 -# k8s.io/mount-utils => k8s.io/mount-utils v0.29.1 -# k8s.io/pod-security-admission => k8s.io/pod-security-admission v0.29.1 -# k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.29.1 +# k8s.io/kms => k8s.io/kms v0.29.11 +# k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.29.11 +# k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.29.11 +# k8s.io/kube-proxy => k8s.io/kube-proxy v0.29.11 +# k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.29.11 +# k8s.io/kubectl => k8s.io/kubectl v0.29.11 +# k8s.io/kubelet => k8s.io/kubelet v0.29.11 +# k8s.io/kubernetes => k8s.io/kubernetes v1.29.11 +# k8s.io/mount-utils => k8s.io/mount-utils v0.29.11