From ebbc0fd4a217066aa2d91e4f85bf52c5c8a976c5 Mon Sep 17 00:00:00 2001 From: Rene Dekker Date: Tue, 3 Feb 2026 11:01:40 -0800 Subject: [PATCH] Fix make gen-versions --- config/enterprise_versions.yml | 2 +- ...d.projectcalico.org_bgpconfigurations.yaml | 20 +++++++ .../crd.projectcalico.org_bgpfilters.yaml | 52 ++++++++++++++++++ .../crd.projectcalico.org_bgppeers.yaml | 26 ++++----- ....projectcalico.org_caliconodestatuses.yaml | 52 ++++++++++++++++++ ...projectcalico.org_felixconfigurations.yaml | 4 ++ ...ojectcalico.org_globalnetworkpolicies.yaml | 48 +++++++++++++++++ ...d.projectcalico.org_globalnetworksets.yaml | 1 + .../crd.projectcalico.org_hostendpoints.yaml | 4 ++ .../calico/crd.projectcalico.org_ippools.yaml | 25 +++++---- .../crd.projectcalico.org_ipreservations.yaml | 2 + ...ico.org_kubecontrollersconfigurations.yaml | 52 ++++++++++++++++++ ...crd.projectcalico.org_networkpolicies.yaml | 48 +++++++++++++++++ .../crd.projectcalico.org_networksets.yaml | 1 + ...alico.org_stagedglobalnetworkpolicies.yaml | 53 +++++++++++++++++++ ...o.org_stagedkubernetesnetworkpolicies.yaml | 8 +++ ...ojectcalico.org_stagednetworkpolicies.yaml | 53 +++++++++++++++++++ .../calico/crd.projectcalico.org_tiers.yaml | 12 +++-- ...projectcalico.org_felixconfigurations.yaml | 27 ++-------- ...ojectcalico.org_globalnetworkpolicies.yaml | 1 - ...ico.org_kubecontrollersconfigurations.yaml | 18 ------- ...crd.projectcalico.org_networkpolicies.yaml | 1 - ...alico.org_stagedglobalnetworkpolicies.yaml | 1 - ...ojectcalico.org_stagednetworkpolicies.yaml | 1 - 24 files changed, 441 insertions(+), 71 deletions(-) diff --git a/config/enterprise_versions.yml b/config/enterprise_versions.yml index 20560080f0..409a2bda75 100644 --- a/config/enterprise_versions.yml +++ b/config/enterprise_versions.yml @@ -2,7 +2,7 @@ title: master components: libcalico-go: - version: master + version: release-calient-v3.23-1 manager: image: manager version: master diff --git a/pkg/crds/calico/crd.projectcalico.org_bgpconfigurations.yaml b/pkg/crds/calico/crd.projectcalico.org_bgpconfigurations.yaml index 1d10c04c90..b01b07be67 100644 --- a/pkg/crds/calico/crd.projectcalico.org_bgpconfigurations.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_bgpconfigurations.yaml @@ -30,6 +30,9 @@ spec: format: int32 type: integer bindMode: + enum: + - None + - NodeIP type: string communities: items: @@ -40,11 +43,14 @@ spec: pattern: ^(\d+):(\d+)$|^(\d+):(\d+):(\d+)$ type: string type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: set ignoredInterfaces: items: type: string type: array + x-kubernetes-list-type: set listenPort: maximum: 65535 minimum: 1 @@ -54,6 +60,8 @@ spec: localWorkloadPeeringIPV6: type: string logSeverityScreen: + default: Info + pattern: ^(?i)(Trace|Debug|Info|Warning|Error|Fatal)?$ type: string nodeMeshMaxRestartTime: type: string @@ -79,27 +87,36 @@ spec: items: properties: cidr: + format: cidr type: string communities: items: type: string type: array type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: set serviceClusterIPs: items: properties: cidr: + format: cidr type: string type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: set serviceExternalIPs: items: properties: cidr: + format: cidr type: string type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: set serviceLoadBalancerAggregation: default: Enabled enum: @@ -110,9 +127,12 @@ spec: items: properties: cidr: + format: cidr type: string type: object + x-kubernetes-map-type: atomic type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_bgpfilters.yaml b/pkg/crds/calico/crd.projectcalico.org_bgpfilters.yaml index 826d3f2c4f..3eb7eb8796 100644 --- a/pkg/crds/calico/crd.projectcalico.org_bgpfilters.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_bgpfilters.yaml @@ -30,12 +30,21 @@ spec: items: properties: action: + enum: + - Accept + - Reject type: string cidr: + format: cidr type: string interface: type: string matchOperator: + enum: + - Equal + - NotEqual + - In + - NotIn type: string prefixLength: properties: @@ -50,22 +59,35 @@ spec: minimum: 0 type: integer type: object + x-kubernetes-map-type: atomic source: + enum: + - RemotePeers type: string required: - action type: object + x-kubernetes-map-type: atomic type: array exportV6: items: properties: action: + enum: + - Accept + - Reject type: string cidr: + format: cidr type: string interface: type: string matchOperator: + enum: + - Equal + - NotEqual + - In + - NotIn type: string prefixLength: properties: @@ -80,22 +102,35 @@ spec: minimum: 0 type: integer type: object + x-kubernetes-map-type: atomic source: + enum: + - RemotePeers type: string required: - action type: object + x-kubernetes-map-type: atomic type: array importV4: items: properties: action: + enum: + - Accept + - Reject type: string cidr: + format: cidr type: string interface: type: string matchOperator: + enum: + - Equal + - NotEqual + - In + - NotIn type: string prefixLength: properties: @@ -110,22 +145,35 @@ spec: minimum: 0 type: integer type: object + x-kubernetes-map-type: atomic source: + enum: + - RemotePeers type: string required: - action type: object + x-kubernetes-map-type: atomic type: array importV6: items: properties: action: + enum: + - Accept + - Reject type: string cidr: + format: cidr type: string interface: type: string matchOperator: + enum: + - Equal + - NotEqual + - In + - NotIn type: string prefixLength: properties: @@ -140,11 +188,15 @@ spec: minimum: 0 type: integer type: object + x-kubernetes-map-type: atomic source: + enum: + - RemotePeers type: string required: - action type: object + x-kubernetes-map-type: atomic type: array type: object type: object diff --git a/pkg/crds/calico/crd.projectcalico.org_bgppeers.yaml b/pkg/crds/calico/crd.projectcalico.org_bgppeers.yaml index 8e05dbc193..ce6220f994 100644 --- a/pkg/crds/calico/crd.projectcalico.org_bgppeers.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_bgppeers.yaml @@ -45,15 +45,10 @@ spec: maxRestartTime: type: string nextHopMode: - allOf: - - enum: - - Auto - - Self - - Keep - - enum: - - Auto - - Self - - Keep + enum: + - Auto + - Self + - Keep type: string node: type: string @@ -85,11 +80,18 @@ spec: reachableBy: type: string reversePeering: - enum: - - Auto - - Manual + allOf: + - enum: + - Auto + - Manual + - enum: + - Auto + - Manual type: string sourceAddress: + enum: + - UseNodeIP + - None type: string ttlSecurity: type: integer diff --git a/pkg/crds/calico/crd.projectcalico.org_caliconodestatuses.yaml b/pkg/crds/calico/crd.projectcalico.org_caliconodestatuses.yaml index 166fa6d545..c9e04ba6e3 100644 --- a/pkg/crds/calico/crd.projectcalico.org_caliconodestatuses.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_caliconodestatuses.yaml @@ -28,6 +28,10 @@ spec: properties: classes: items: + enum: + - Agent + - BGP + - Routes type: string type: array node: @@ -49,6 +53,9 @@ spec: routerID: type: string state: + enum: + - Ready + - NotReady type: string version: type: string @@ -62,6 +69,9 @@ spec: routerID: type: string state: + enum: + - Ready + - NotReady type: string version: type: string @@ -85,8 +95,20 @@ spec: since: type: string state: + enum: + - Idle + - Connect + - Active + - OpenSent + - OpenConfirm + - Established + - Close type: string type: + enum: + - NodeMesh + - NodePeer + - GlobalPeer type: string type: object type: array @@ -98,8 +120,20 @@ spec: since: type: string state: + enum: + - Idle + - Connect + - Active + - OpenSent + - OpenConfirm + - Established + - Close type: string type: + enum: + - NodeMesh + - NodePeer + - GlobalPeer type: string type: object type: array @@ -129,9 +163,18 @@ spec: peerIP: type: string sourceType: + enum: + - Kernel + - Static + - Direct + - NodeMesh + - BGPPeer type: string type: object type: + enum: + - FIB + - RIB type: string type: object type: array @@ -149,9 +192,18 @@ spec: peerIP: type: string sourceType: + enum: + - Kernel + - Static + - Direct + - NodeMesh + - BGPPeer type: string type: object type: + enum: + - FIB + - RIB type: string type: object type: array diff --git a/pkg/crds/calico/crd.projectcalico.org_felixconfigurations.yaml b/pkg/crds/calico/crd.projectcalico.org_felixconfigurations.yaml index 89d9263ad3..f6efec65c5 100644 --- a/pkg/crds/calico/crd.projectcalico.org_felixconfigurations.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_felixconfigurations.yaml @@ -803,6 +803,10 @@ spec: Warning: changing this on a running system can leave "orphaned" rules in the "other" backend. These should be cleaned up to avoid confusing interactions. + enum: + - Legacy + - NFT + - Auto pattern: ^(?i)(Auto|Legacy|NFT)?$ type: string iptablesFilterAllowAction: diff --git a/pkg/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml b/pkg/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml index a9035d842f..5b6335d920 100644 --- a/pkg/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_globalnetworkpolicies.yaml @@ -34,6 +34,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -43,6 +48,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -73,6 +79,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -103,11 +110,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -119,8 +133,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -143,6 +161,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -173,6 +192,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -192,6 +212,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -201,6 +226,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -231,6 +257,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -261,11 +288,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -277,8 +311,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -301,6 +339,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -331,6 +370,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -352,6 +392,8 @@ spec: type: number performanceHints: items: + enum: + - AssumeNeededOnEveryNode type: string type: array preDNAT: @@ -365,8 +407,14 @@ spec: type: string types: items: + enum: + - Ingress + - Egress type: string + maxItems: 2 + minItems: 1 type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_globalnetworksets.yaml b/pkg/crds/calico/crd.projectcalico.org_globalnetworksets.yaml index 11c0576057..615c08528b 100644 --- a/pkg/crds/calico/crd.projectcalico.org_globalnetworksets.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_globalnetworksets.yaml @@ -30,6 +30,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_hostendpoints.yaml b/pkg/crds/calico/crd.projectcalico.org_hostendpoints.yaml index d9b542930e..bd72742527 100644 --- a/pkg/crds/calico/crd.projectcalico.org_hostendpoints.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_hostendpoints.yaml @@ -30,6 +30,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set interfaceName: type: string node: @@ -40,6 +41,8 @@ spec: name: type: string port: + maximum: 65535 + minimum: 0 type: integer protocol: anyOf: @@ -57,6 +60,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_ippools.yaml b/pkg/crds/calico/crd.projectcalico.org_ippools.yaml index 3e029cd922..afe3963be8 100644 --- a/pkg/crds/calico/crd.projectcalico.org_ippools.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_ippools.yaml @@ -28,8 +28,13 @@ spec: properties: allowedUses: items: + enum: + - Workload + - Tunnel + - LoadBalancer type: string type: array + x-kubernetes-list-type: set assignmentMode: default: Automatic enum: @@ -37,31 +42,33 @@ spec: - Manual type: string blockSize: + maximum: 128 + minimum: 0 type: integer cidr: + format: cidr type: string disableBGPExport: type: boolean disabled: type: boolean - ipip: - properties: - enabled: - type: boolean - mode: - type: string - type: object ipipMode: + enum: + - Never + - Always + - CrossSubnet type: string namespaceSelector: type: string - nat-outgoing: - type: boolean natOutgoing: type: boolean nodeSelector: type: string vxlanMode: + enum: + - Never + - Always + - CrossSubnet type: string required: - cidr diff --git a/pkg/crds/calico/crd.projectcalico.org_ipreservations.yaml b/pkg/crds/calico/crd.projectcalico.org_ipreservations.yaml index 61ddf451f1..251ba2b7be 100644 --- a/pkg/crds/calico/crd.projectcalico.org_ipreservations.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_ipreservations.yaml @@ -27,9 +27,11 @@ spec: spec: properties: reservedCIDRs: + format: cidr items: type: string type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_kubecontrollersconfigurations.yaml b/pkg/crds/calico/crd.projectcalico.org_kubecontrollersconfigurations.yaml index 80848a80b2..17bb1b4133 100644 --- a/pkg/crds/calico/crd.projectcalico.org_kubecontrollersconfigurations.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_kubecontrollersconfigurations.yaml @@ -32,6 +32,9 @@ spec: properties: assignIPs: default: AllServices + enum: + - AllServices + - RequestedServicesOnly type: string type: object namespace: @@ -44,6 +47,9 @@ spec: hostEndpoint: properties: autoCreate: + enum: + - Enabled + - Disabled type: string createDefaultHostEndpoint: type: string @@ -57,6 +63,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set interfacePattern: type: string labels: @@ -73,6 +80,9 @@ spec: reconcilerPeriod: type: string syncLabels: + enum: + - Enabled + - Disabled type: string type: object policy: @@ -102,14 +112,30 @@ spec: type: object debugProfilePort: format: int32 + maximum: 65535 + minimum: 0 type: integer etcdV3CompactionPeriod: type: string healthChecks: + default: Enabled + enum: + - Enabled + - Disabled type: string logSeverityScreen: + enum: + - None + - Debug + - Info + - Warning + - Error + - Fatal + - Panic type: string prometheusMetricsPort: + maximum: 65535 + minimum: 0 type: integer required: - controllers @@ -128,6 +154,9 @@ spec: properties: assignIPs: default: AllServices + enum: + - AllServices + - RequestedServicesOnly type: string type: object namespace: @@ -140,6 +169,9 @@ spec: hostEndpoint: properties: autoCreate: + enum: + - Enabled + - Disabled type: string createDefaultHostEndpoint: type: string @@ -153,6 +185,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set interfacePattern: type: string labels: @@ -169,6 +202,9 @@ spec: reconcilerPeriod: type: string syncLabels: + enum: + - Enabled + - Disabled type: string type: object policy: @@ -198,14 +234,30 @@ spec: type: object debugProfilePort: format: int32 + maximum: 65535 + minimum: 0 type: integer etcdV3CompactionPeriod: type: string healthChecks: + default: Enabled + enum: + - Enabled + - Disabled type: string logSeverityScreen: + enum: + - None + - Debug + - Info + - Warning + - Error + - Fatal + - Panic type: string prometheusMetricsPort: + maximum: 65535 + minimum: 0 type: integer required: - controllers diff --git a/pkg/crds/calico/crd.projectcalico.org_networkpolicies.yaml b/pkg/crds/calico/crd.projectcalico.org_networkpolicies.yaml index e18c0014ed..3b13ce4183 100644 --- a/pkg/crds/calico/crd.projectcalico.org_networkpolicies.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_networkpolicies.yaml @@ -30,6 +30,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -39,6 +44,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -69,6 +75,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -99,11 +106,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -115,8 +129,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -139,6 +157,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -169,6 +188,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -188,6 +208,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -197,6 +222,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -227,6 +253,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -257,11 +284,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -273,8 +307,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -297,6 +335,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -327,6 +366,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -346,6 +386,8 @@ spec: type: number performanceHints: items: + enum: + - AssumeNeededOnEveryNode type: string type: array selector: @@ -357,8 +399,14 @@ spec: type: string types: items: + enum: + - Ingress + - Egress type: string + maxItems: 2 + minItems: 1 type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_networksets.yaml b/pkg/crds/calico/crd.projectcalico.org_networksets.yaml index 26b2f55e47..7e43fbd8f0 100644 --- a/pkg/crds/calico/crd.projectcalico.org_networksets.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_networksets.yaml @@ -30,6 +30,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml b/pkg/crds/calico/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml index 50027b986e..8230107393 100644 --- a/pkg/crds/calico/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml @@ -34,6 +34,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -43,6 +48,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -73,6 +79,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -103,11 +110,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -119,8 +133,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -143,6 +161,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -173,6 +192,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -192,6 +212,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -201,6 +226,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -231,6 +257,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -261,11 +288,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -277,8 +311,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -301,6 +339,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -331,6 +370,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -352,6 +392,8 @@ spec: type: number performanceHints: items: + enum: + - AssumeNeededOnEveryNode type: string type: array preDNAT: @@ -361,14 +403,25 @@ spec: serviceAccountSelector: type: string stagedAction: + enum: + - Set + - Delete + - Learn + - Ignore type: string tier: default: default type: string types: items: + enum: + - Ingress + - Egress type: string + maxItems: 2 + minItems: 1 type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_stagedkubernetesnetworkpolicies.yaml b/pkg/crds/calico/crd.projectcalico.org_stagedkubernetesnetworkpolicies.yaml index 094fc67791..242e6cd2cb 100644 --- a/pkg/crds/calico/crd.projectcalico.org_stagedkubernetesnetworkpolicies.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_stagedkubernetesnetworkpolicies.yaml @@ -237,8 +237,16 @@ spec: policyTypes: items: type: string + maxItems: 2 + minItems: 1 type: array + x-kubernetes-list-type: set stagedAction: + enum: + - Set + - Delete + - Learn + - Ignore type: string type: object type: object diff --git a/pkg/crds/calico/crd.projectcalico.org_stagednetworkpolicies.yaml b/pkg/crds/calico/crd.projectcalico.org_stagednetworkpolicies.yaml index a2892ac3f8..99c60f94f6 100644 --- a/pkg/crds/calico/crd.projectcalico.org_stagednetworkpolicies.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_stagednetworkpolicies.yaml @@ -30,6 +30,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -39,6 +44,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -69,6 +75,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -99,11 +106,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -115,8 +129,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -139,6 +157,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -169,6 +188,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -188,6 +208,11 @@ spec: items: properties: action: + enum: + - Allow + - Deny + - Log + - Pass type: string destination: properties: @@ -197,6 +222,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -227,6 +253,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -257,11 +284,18 @@ spec: icmp: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object ipVersion: + enum: + - 4 + - 6 type: integer metadata: properties: @@ -273,8 +307,12 @@ spec: notICMP: properties: code: + maximum: 255 + minimum: 0 type: integer type: + maximum: 255 + minimum: 0 type: integer type: object notProtocol: @@ -297,6 +335,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set notNets: items: type: string @@ -327,6 +366,7 @@ spec: items: type: string type: array + x-kubernetes-list-type: set selector: type: string type: object @@ -346,6 +386,8 @@ spec: type: number performanceHints: items: + enum: + - AssumeNeededOnEveryNode type: string type: array selector: @@ -353,14 +395,25 @@ spec: serviceAccountSelector: type: string stagedAction: + enum: + - Set + - Delete + - Learn + - Ignore type: string tier: default: default type: string types: items: + enum: + - Ingress + - Egress type: string + maxItems: 2 + minItems: 1 type: array + x-kubernetes-list-type: set type: object type: object served: true diff --git a/pkg/crds/calico/crd.projectcalico.org_tiers.yaml b/pkg/crds/calico/crd.projectcalico.org_tiers.yaml index 430a51625f..e74d9238a3 100644 --- a/pkg/crds/calico/crd.projectcalico.org_tiers.yaml +++ b/pkg/crds/calico/crd.projectcalico.org_tiers.yaml @@ -27,9 +27,15 @@ spec: spec: properties: defaultAction: - enum: - - Pass - - Deny + allOf: + - enum: + - Allow + - Deny + - Log + - Pass + - enum: + - Pass + - Deny type: string order: type: number diff --git a/pkg/crds/enterprise/crd.projectcalico.org_felixconfigurations.yaml b/pkg/crds/enterprise/crd.projectcalico.org_felixconfigurations.yaml index 248ee47098..1769224f22 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_felixconfigurations.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_felixconfigurations.yaml @@ -1474,19 +1474,6 @@ spec: [Default: 300s] pattern: ^([0-9]+(\\.[0-9]+)?(ms|s|m|h))*$ type: string - logActionRateLimit: - description: |- - LogActionRateLimit sets the rate of hitting a Log action. The value must be in the format "N/unit", - where N is a number and unit is one of: second, minute, hour, or day. For example: "10/second" or "100/hour". - pattern: ^[1-9]\d{0,3}/(?:second|minute|hour|day)$ - type: string - logActionRateLimitBurst: - description: - LogActionRateLimitBurst sets the rate limit burst of - hitting a Log action when LogActionRateLimit is enabled. - maximum: 9999 - minimum: 0 - type: integer logDebugFilenameRegex: description: |- LogDebugFilenameRegex controls which source code files have their Debug log output included in the logs. @@ -1504,17 +1491,9 @@ spec: none to disable file logging. [Default: /var/log/calico/felix.log]" type: string logPrefix: - description: |- - LogPrefix is the log prefix that Felix uses when rendering LOG rules. It is possible to use the following specifiers - to include extra information in the log prefix. - - %t: Tier name. - - %k: Kind (short names). - - %n: Policy or profile name. - - %p: Policy or profile name (namespace/name for namespaced kinds or just name for non namespaced kinds). - Calico includes ": " characters at the end of the generated log prefix. - Note that iptables shows up to 29 characters for the log prefix and nftables up to 127 characters. Extra characters are truncated. - [Default: calico-packet] - pattern: "^([a-zA-Z0-9%: /_-])*$" + description: + "LogPrefix is the log prefix that Felix uses when rendering + LOG rules. [Default: calico-packet]" type: string logSeverityFile: description: diff --git a/pkg/crds/enterprise/crd.projectcalico.org_globalnetworkpolicies.yaml b/pkg/crds/enterprise/crd.projectcalico.org_globalnetworkpolicies.yaml index 1dff15c9a9..3310be7b60 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_globalnetworkpolicies.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_globalnetworkpolicies.yaml @@ -411,7 +411,6 @@ spec: serviceAccountSelector: type: string tier: - default: default type: string types: items: diff --git a/pkg/crds/enterprise/crd.projectcalico.org_kubecontrollersconfigurations.yaml b/pkg/crds/enterprise/crd.projectcalico.org_kubecontrollersconfigurations.yaml index 95b2b4c5db..32ddb712d4 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_kubecontrollersconfigurations.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_kubecontrollersconfigurations.yaml @@ -85,15 +85,6 @@ spec: reconcilerPeriod: type: string type: object - policyMigration: - properties: - enabled: - default: Enabled - enum: - - Disabled - - Enabled - type: string - type: object serviceAccount: properties: reconcilerPeriod: @@ -186,15 +177,6 @@ spec: reconcilerPeriod: type: string type: object - policyMigration: - properties: - enabled: - default: Enabled - enum: - - Disabled - - Enabled - type: string - type: object serviceAccount: properties: reconcilerPeriod: diff --git a/pkg/crds/enterprise/crd.projectcalico.org_networkpolicies.yaml b/pkg/crds/enterprise/crd.projectcalico.org_networkpolicies.yaml index 567d9461d7..0bbd77b2a6 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_networkpolicies.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_networkpolicies.yaml @@ -403,7 +403,6 @@ spec: serviceAccountSelector: type: string tier: - default: default type: string types: items: diff --git a/pkg/crds/enterprise/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml b/pkg/crds/enterprise/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml index 2ab2d14aae..a7cfe1615a 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_stagedglobalnetworkpolicies.yaml @@ -413,7 +413,6 @@ spec: stagedAction: type: string tier: - default: default type: string types: items: diff --git a/pkg/crds/enterprise/crd.projectcalico.org_stagednetworkpolicies.yaml b/pkg/crds/enterprise/crd.projectcalico.org_stagednetworkpolicies.yaml index a852c93095..3afb3ca2af 100644 --- a/pkg/crds/enterprise/crd.projectcalico.org_stagednetworkpolicies.yaml +++ b/pkg/crds/enterprise/crd.projectcalico.org_stagednetworkpolicies.yaml @@ -405,7 +405,6 @@ spec: stagedAction: type: string tier: - default: default type: string types: items: