github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-07 12:11:43 +00:00
Code Issues Projects Releases Wiki Activity

Implementation on Network Policy Status (#107963)

Browse Source 
* Implement status subresource in NetworkPolicy

* add NetworkPolicyStatus generated files

* Fix comments in netpol status review
This commit is contained in:
Ricardo Katz
2022-03-29 05:52:48 -03:00
committed by GitHub
parent fe8a663860
commit 42a1201082
56 changed files with 3740 additions and 375 deletions
Download Patch File Download Diff File Expand all files Collapse all files

239
api/openapi-spec/swagger.json generated
View File

@@ -12944,6 +12944,10 @@
"spec": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicySpec",
"description": "Specification of the desired behavior for this NetworkPolicy."
},
"status": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicyStatus",
"description": "Status is the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
}
},
"type": "object",
@@ -13101,6 +13105,25 @@
],
"type": "object"
},
"io.k8s.api.networking.v1.NetworkPolicyStatus": {
"description": "NetworkPolicyStatus describe the current state of the NetworkPolicy.",
"properties": {
"conditions": {
"description": "Conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state",
"items": {
"$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Condition"
},
"type": "array",
"x-kubernetes-list-map-keys": [
"type"
],
"x-kubernetes-list-type": "map",
"x-kubernetes-patch-merge-key": "type",
"x-kubernetes-patch-strategy": "merge"
}
},
"type": "object"
},
"io.k8s.api.networking.v1.ServiceBackendPort": {
"description": "ServiceBackendPort is the service port being referenced.",
"properties": {
@@ -73094,6 +73117,222 @@
}
}
},
"/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status": {
"get": {
"consumes": [
"*/*"
],
"description": "read status of the specified NetworkPolicy",
"operationId": "readNetworkingV1NamespacedNetworkPolicyStatus",
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"401": {
"description": "Unauthorized"
}
},
"schemes": [
"https"
],
"tags": [
"networking_v1"
],
"x-kubernetes-action": "get",
"x-kubernetes-group-version-kind": {
"group": "networking.k8s.io",
"kind": "NetworkPolicy",
"version": "v1"
}
},
"parameters": [
{
"description": "name of the NetworkPolicy",
"in": "path",
"name": "name",
"required": true,
"type": "string",
"uniqueItems": true
},
{
"description": "object name and auth scope, such as for teams and projects",
"in": "path",
"name": "namespace",
"required": true,
"type": "string",
"uniqueItems": true
},
{
"description": "If 'true', then the output is pretty printed.",
"in": "query",
"name": "pretty",
"type": "string",
"uniqueItems": true
}
],
"patch": {
"consumes": [
"application/json-patch+json",
"application/merge-patch+json",
"application/strategic-merge-patch+json",
"application/apply-patch+yaml"
],
"description": "partially update status of the specified NetworkPolicy",
"operationId": "patchNetworkingV1NamespacedNetworkPolicyStatus",
"parameters": [
{
"in": "body",
"name": "body",
"required": true,
"schema": {
"$ref": "#/definitions/io.k8s.apimachinery.pkg.apis.meta.v1.Patch"
}
},
{
"description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed",
"in": "query",
"name": "dryRun",
"type": "string",
"uniqueItems": true
},
{
"description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).",
"in": "query",
"name": "fieldManager",
"type": "string",
"uniqueItems": true
},
{
"description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.",
"in": "query",
"name": "fieldValidation",
"type": "string",
"uniqueItems": true
},
{
"description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.",
"in": "query",
"name": "force",
"type": "boolean",
"uniqueItems": true
}
],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"401": {
"description": "Unauthorized"
}
},
"schemes": [
"https"
],
"tags": [
"networking_v1"
],
"x-kubernetes-action": "patch",
"x-kubernetes-group-version-kind": {
"group": "networking.k8s.io",
"kind": "NetworkPolicy",
"version": "v1"
}
},
"put": {
"consumes": [
"*/*"
],
"description": "replace status of the specified NetworkPolicy",
"operationId": "replaceNetworkingV1NamespacedNetworkPolicyStatus",
"parameters": [
{
"in": "body",
"name": "body",
"required": true,
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
{
"description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed",
"in": "query",
"name": "dryRun",
"type": "string",
"uniqueItems": true
},
{
"description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.",
"in": "query",
"name": "fieldManager",
"type": "string",
"uniqueItems": true
},
{
"description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.",
"in": "query",
"name": "fieldValidation",
"type": "string",
"uniqueItems": true
}
],
"produces": [
"application/json",
"application/yaml",
"application/vnd.kubernetes.protobuf"
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"401": {
"description": "Unauthorized"
}
},
"schemes": [
"https"
],
"tags": [
"networking_v1"
],
"x-kubernetes-action": "put",
"x-kubernetes-group-version-kind": {
"group": "networking.k8s.io",
"kind": "NetworkPolicy",
"version": "v1"
}
}
},
"/apis/networking.k8s.io/v1/networkpolicies": {
"get": {
"consumes": [

313
api/openapi-spec/v3/apis__networking.k8s.io__v1_openapi.json
View File

@@ -470,6 +470,11 @@
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicySpec",
"default": {},
"description": "Specification of the desired behavior for this NetworkPolicy."
},
"status": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicyStatus",
"default": {},
"description": "Status is the current state of the NetworkPolicy. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status"
}
},
"type": "object",
@@ -637,6 +642,26 @@
],
"type": "object"
},
"io.k8s.api.networking.v1.NetworkPolicyStatus": {
"description": "NetworkPolicyStatus describe the current state of the NetworkPolicy.",
"properties": {
"conditions": {
"description": "Conditions holds an array of metav1.Condition that describe the state of the NetworkPolicy. Current service state",
"items": {
"$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Condition",
"default": {}
},
"type": "array",
"x-kubernetes-list-map-keys": [
"type"
],
"x-kubernetes-list-type": "map",
"x-kubernetes-patch-merge-key": "type",
"x-kubernetes-patch-strategy": "merge"
}
},
"type": "object"
},
"io.k8s.api.networking.v1.ServiceBackendPort": {
"description": "ServiceBackendPort is the service port being referenced.",
"properties": {
@@ -759,6 +784,49 @@
}
]
},
"io.k8s.apimachinery.pkg.apis.meta.v1.Condition": {
"description": "Condition contains details for one aspect of the current state of this API Resource.",
"properties": {
"lastTransitionTime": {
"$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Time",
"default": {},
"description": "lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable."
},
"message": {
"default": "",
"description": "message is a human readable message indicating details about the transition. This may be an empty string.",
"type": "string"
},
"observedGeneration": {
"description": "observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.",
"format": "int64",
"type": "integer"
},
"reason": {
"default": "",
"description": "reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.",
"type": "string"
},
"status": {
"default": "",
"description": "status of the condition, one of True, False, Unknown.",
"type": "string"
},
"type": {
"default": "",
"description": "type of condition in CamelCase or in foo.example.com/CamelCase.",
"type": "string"
}
},
"required": [
"type",
"status",
"lastTransitionTime",
"reason",
"message"
],
"type": "object"
},
"io.k8s.apimachinery.pkg.apis.meta.v1.DeleteOptions": {
"description": "DeleteOptions may be provided when deleting an API object.",
"properties": {
@@ -4324,6 +4392,251 @@
]
}
},
"/apis/networking.k8s.io/v1/namespaces/{namespace}/networkpolicies/{name}/status": {
"get": {
"description": "read status of the specified NetworkPolicy",
"operationId": "readNetworkingV1NamespacedNetworkPolicyStatus",
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/vnd.kubernetes.protobuf": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/yaml": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
},
"description": "OK"
}
},
"tags": [
"networking_v1"
]
},
"parameters": [
{
"description": "name of the NetworkPolicy",
"in": "path",
"name": "name",
"required": true,
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "object name and auth scope, such as for teams and projects",
"in": "path",
"name": "namespace",
"required": true,
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "If 'true', then the output is pretty printed.",
"in": "query",
"name": "pretty",
"schema": {
"type": "string",
"uniqueItems": true
}
}
],
"patch": {
"description": "partially update status of the specified NetworkPolicy",
"operationId": "patchNetworkingV1NamespacedNetworkPolicyStatus",
"parameters": [
{
"description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed",
"in": "query",
"name": "dryRun",
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "Force is going to \"force\" Apply requests. It means user will re-acquire conflicting fields owned by other people. Force flag must be unset for non-apply patch requests.",
"in": "query",
"name": "force",
"schema": {
"type": "boolean",
"uniqueItems": true
}
},
{
"description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint. This field is required for apply requests (application/apply-patch) but optional for non-apply patch types (JsonPatch, MergePatch, StrategicMergePatch).",
"in": "query",
"name": "fieldManager",
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.",
"in": "query",
"name": "fieldValidation",
"schema": {
"type": "string",
"uniqueItems": true
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.apimachinery.pkg.apis.meta.v1.Patch"
}
}
}
},
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/vnd.kubernetes.protobuf": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/yaml": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
},
"description": "OK"
},
"201": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/vnd.kubernetes.protobuf": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/yaml": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
},
"description": "Created"
}
},
"tags": [
"networking_v1"
]
},
"put": {
"description": "replace status of the specified NetworkPolicy",
"operationId": "replaceNetworkingV1NamespacedNetworkPolicyStatus",
"parameters": [
{
"description": "When present, indicates that modifications should not be persisted. An invalid or unrecognized dryRun directive will result in an error response and no further processing of the request. Valid values are: - All: all dry run stages will be processed",
"in": "query",
"name": "dryRun",
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "fieldManager is a name associated with the actor or entity that is making these changes. The value must be less than or 128 characters long, and only contain printable characters, as defined by https://golang.org/pkg/unicode/#IsPrint.",
"in": "query",
"name": "fieldManager",
"schema": {
"type": "string",
"uniqueItems": true
}
},
{
"description": "fieldValidation instructs the server on how to handle objects in the request (POST/PUT/PATCH) containing unknown or duplicate fields, provided that the `ServerSideFieldValidation` feature gate is also enabled. Valid values are: - Ignore: This will ignore any unknown fields that are silently dropped from the object, and will ignore all but the last duplicate field that the decoder encounters. This is the default behavior prior to v1.23 and is the default behavior when the `ServerSideFieldValidation` feature gate is disabled. - Warn: This will send a warning via the standard warning response header for each unknown field that is dropped from the object, and for each duplicate field that is encountered. The request will still succeed if there are no other errors, and will only persist the last of any duplicate fields. This is the default when the `ServerSideFieldValidation` feature gate is enabled. - Strict: This will fail the request with a BadRequest error if any unknown fields would be dropped from the object, or if any duplicate fields are present. The error returned from the server will contain all unknown and duplicate fields encountered.",
"in": "query",
"name": "fieldValidation",
"schema": {
"type": "string",
"uniqueItems": true
}
}
],
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
}
},
"responses": {
"200": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/vnd.kubernetes.protobuf": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/yaml": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
},
"description": "OK"
},
"201": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/vnd.kubernetes.protobuf": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
},
"application/yaml": {
"schema": {
"$ref": "#/components/schemas/io.k8s.api.networking.v1.NetworkPolicy"
}
}
},
"description": "Created"
}
},
"tags": [
"networking_v1"
]
}
},
"/apis/networking.k8s.io/v1/networkpolicies": {
"get": {
"description": "list or watch objects of kind NetworkPolicy",