From d8ffdf87f9c4a07da0f2198345fdf7030faa4193 Mon Sep 17 00:00:00 2001 From: Maru Newby Date: Mon, 23 Mar 2020 23:41:32 -0700 Subject: [PATCH 1/2] Add flag to enable deprecated service ca injection into sa tokens --- operator/v1/types_kubecontrollermanager.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/operator/v1/types_kubecontrollermanager.go b/operator/v1/types_kubecontrollermanager.go index c20ae30ccd7..42ed8c9019c 100644 --- a/operator/v1/types_kubecontrollermanager.go +++ b/operator/v1/types_kubecontrollermanager.go @@ -25,6 +25,12 @@ type KubeControllerManager struct { type KubeControllerManagerSpec struct { StaticPodOperatorSpec `json:",inline"` + + // enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade + // enables service ca injection into all legacy service account token secrets. Defaults to + // false. If set to true, will make it impossible to upgrade the cluster. + // +optional + EnableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade bool `json:"enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade"` } type KubeControllerManagerStatus struct { From 92c884ce7b8f572272655cb4a09ab753d0432eaa Mon Sep 17 00:00:00 2001 From: Maru Newby Date: Mon, 23 Mar 2020 23:41:49 -0700 Subject: [PATCH 2/2] Update generated --- ...25_kube-controller-manager-operator_01_config.crd.yaml | 6 ++++++ operator/v1/zz_generated.swagger_doc_generated.go | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml b/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml index 257620128ca..7a67e86a673 100644 --- a/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml +++ b/operator/v1/0000_25_kube-controller-manager-operator_01_config.crd.yaml @@ -35,6 +35,12 @@ spec: description: spec is the specification of the desired behavior of the Kubernetes Controller Manager properties: + enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade: + description: enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade + enables service ca injection into all legacy service account token + secrets. Defaults to false. If set to true, will make it impossible + to upgrade the cluster. + type: boolean failedRevisionLimit: description: failedRevisionLimit is the number of failed static pod installer revisions to keep on disk and in the api -1 = unlimited, diff --git a/operator/v1/zz_generated.swagger_doc_generated.go b/operator/v1/zz_generated.swagger_doc_generated.go index 6e70887c22e..043a8b21b79 100644 --- a/operator/v1/zz_generated.swagger_doc_generated.go +++ b/operator/v1/zz_generated.swagger_doc_generated.go @@ -533,6 +533,14 @@ func (KubeControllerManagerList) SwaggerDoc() map[string]string { return map_KubeControllerManagerList } +var map_KubeControllerManagerSpec = map[string]string{ + "enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade": "enableDeprecatedAndRemovedServiceCAKeyUntilNextRelease_ThisMakesClusterImpossibleToUpgrade enables service ca injection into all legacy service account token secrets. Defaults to false. If set to true, will make it impossible to upgrade the cluster.", +} + +func (KubeControllerManagerSpec) SwaggerDoc() map[string]string { + return map_KubeControllerManagerSpec +} + var map_KubeStorageVersionMigrator = map[string]string{ "": "KubeStorageVersionMigrator provides information to configure an operator to manage kube-storage-version-migrator.", }