Merge pull request #5964 from flavianmissi/backport-capabilities

[release-4.18] ARO-15695, OCPBUGS-54625: backport capabilities api

Author: openshift-merge-bot[bot]

api/hypershift/v1beta1/featuregates/featureGate-Hypershift-Default.yaml

@@ -23,6 +23,9 @@
                     },
                     {
                         "name": "HCPPodsLabels"
+                    },
+                    {
+                        "name": "DisableClusterCapabilities"
                     }
                 ],
                 "enabled": [
@@ -42,4 +45,4 @@
             }
         ]
     }
-}
+}

api/hypershift/v1beta1/featuregates/featureGate-Hypershift-TechPreviewNoUpgrade.yaml

@@ -33,6 +33,9 @@
                     },
                     {
                         "name": "HCPPodsLabels"
+                    },
+                    {
+                        "name": "DisableClusterCapabilities"
                     }
                 ],
                 "version": ""

api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-Default.yaml

@@ -23,6 +23,9 @@
                     },
                     {
                         "name": "HCPPodsLabels"
+                    },
+                    {
+                        "name": "DisableClusterCapabilities"
                     }
                 ],
                 "enabled": [
@@ -42,4 +45,4 @@
             }
         ]
     }
-}
+}

api/hypershift/v1beta1/featuregates/featureGate-SelfManagedHA-TechPreviewNoUpgrade.yaml

@@ -33,6 +33,9 @@
                     },
                     {
                         "name": "HCPPodsLabels"
+                    },
+                    {
+                        "name": "DisableClusterCapabilities"
                     }
                 ],
                 "version": ""

api/hypershift/v1beta1/hosted_controlplane.go

@@ -196,6 +196,14 @@ type HostedControlPlaneSpec struct {
 	// +kubebuilder:validation:MaxProperties=20
 	// +optional
 	Labels map[string]string `json:"labels,omitempty"`
+
+	// capabilities allows for disabling optional components at cluster install time.
+	// This field is optional and once set cannot be changed.
+	// +immutable
+	// +optional
+	// +kubebuilder:default={}
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior."
+	Capabilities *Capabilities `json:"capabilities,omitempty"`
 }
 
 // availabilityPolicy specifies a high level availability policy for components.

api/hypershift/v1beta1/hostedcluster_types.go

@@ -349,6 +349,30 @@ const (
 	ControlPlaneOperatorV2EnvVar = "CPO_V2"
 )
 
+// +kubebuilder:validation:Enum=ImageRegistry
+type OptionalCapability string
+
+const ImageRegistryCapability OptionalCapability = OptionalCapability(configv1.ClusterVersionCapabilityImageRegistry)
+
+// capabilities allows disabling optional components at install time.
+// Once set, it cannot be changed.
+type Capabilities struct {
+	// disabled when specified, sets the cluster version baselineCapabilitySet to None
+	// and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+	// This effectively disables that capability on the hosted cluster.
+	//
+	// When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+	// OpenShift version.
+	//
+	// Once set, this field cannot be changed.
+	//
+	// +listType=atomic
+	// +immutable
+	// +optional
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Disabled is immutable. Changes might result in unpredictable and disruptive behavior."
+	Disabled []OptionalCapability `json:"disabled,omitempty"`
+}
+
 // HostedClusterSpec is the desired behavior of a HostedCluster.
 
 // +kubebuilder:validation:XValidation:rule="self.platform.type == 'IBMCloud' ? size(self.services) >= 3 : size(self.services) >= 4",message="spec.services in body should have at least 4 items or 3 for IBMCloud"
@@ -625,6 +649,14 @@ type HostedClusterSpec struct {
 	// +optional
 	// +openshift:enable:FeatureGate=HCPPodsLabels
 	Labels map[string]string `json:"labels,omitempty"`
+
+	// capabilities allows for disabling optional components at cluster install time.
+	// This field is optional and once set cannot be changed.
+	// +immutable
+	// +optional
+	// +kubebuilder:default={}
+	// +kubebuilder:validation:XValidation:rule="self == oldSelf", message="Capabilities is immutable. Changes might result in unpredictable and disruptive behavior."
+	Capabilities *Capabilities `json:"capabilities,omitempty"`
 }
 
 // OLMCatalogPlacement is an enum specifying the placement of OLM catalog components.

api/hypershift/v1beta1/zz_generated.deepcopy.go

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.

api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AAA_ungated.yaml

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.

api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/AROHCPManagedIdentities.yaml

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.

api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/DynamicResourceAllocation.yaml

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.

api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/ExternalOIDC.yaml

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.

api/hypershift/v1beta1/zz_generated.featuregated-crd-manifests/hostedclusters.hypershift.openshift.io/HCPPodsLabels.yaml

@@ -149,6 +149,37 @@ spec:
                     format: int32
                     type: integer
                 type: object
+              capabilities:
+                default: {}
+                description: |-
+                  capabilities allows for disabling optional components at cluster install time.
+                  This field is optional and once set cannot be changed.
+                properties:
+                  disabled:
+                    description: |-
+                      disabled when specified, sets the cluster version baselineCapabilitySet to None
+                      and sets all additionalEnabledCapabilities BUT the ones supplied in disabled.
+                      This effectively disables that capability on the hosted cluster.
+
+                      When this is not supplied, the cluster will use the DefaultCapabilitySet defined for the respective
+                      OpenShift version.
+
+                      Once set, this field cannot be changed.
+                    items:
+                      enum:
+                      - ImageRegistry
+                      type: string
+                    type: array
+                    x-kubernetes-list-type: atomic
+                    x-kubernetes-validations:
+                    - message: Disabled is immutable. Changes might result in unpredictable
+                        and disruptive behavior.
+                      rule: self == oldSelf
+                type: object
+                x-kubernetes-validations:
+                - message: Capabilities is immutable. Changes might result in unpredictable
+                    and disruptive behavior.
+                  rule: self == oldSelf
               channel:
                 description: |-
                   channel is an identifier for explicitly requesting that a non-default set of updates be applied to this cluster.