From d00906f44e30a44097be27a660518451b7d1d4c6 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Tue, 23 Oct 2018 13:29:34 -0400 Subject: [PATCH] Fix omitempty/optional indicator on CABundle fields --- pkg/apis/admissionregistration/types.go | 6 +++--- pkg/apis/auditregistration/types.go | 5 ++--- .../k8s.io/api/admissionregistration/v1beta1/types.go | 10 +++++----- .../src/k8s.io/api/auditregistration/v1alpha1/types.go | 9 ++++----- .../kube-aggregator/pkg/apis/apiregistration/types.go | 1 + .../pkg/apis/apiregistration/v1/types.go | 1 + .../pkg/apis/apiregistration/v1beta1/types.go | 1 + 7 files changed, 17 insertions(+), 16 deletions(-) diff --git a/pkg/apis/admissionregistration/types.go b/pkg/apis/admissionregistration/types.go index 511bdd96d1c..70b810ababa 100644 --- a/pkg/apis/admissionregistration/types.go +++ b/pkg/apis/admissionregistration/types.go @@ -328,9 +328,9 @@ type WebhookClientConfig struct { // +optional Service *ServiceReference - // `caBundle` is a PEM encoded CA bundle which will be used to validate - // the webhook's server certificate. - // Required. + // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. + // If unspecified, system trust roots on the apiserver are used. + // +optional CABundle []byte } diff --git a/pkg/apis/auditregistration/types.go b/pkg/apis/auditregistration/types.go index 8362483d21e..bc6ede7c3d6 100644 --- a/pkg/apis/auditregistration/types.go +++ b/pkg/apis/auditregistration/types.go @@ -173,9 +173,8 @@ type WebhookClientConfig struct { // +optional Service *ServiceReference - // `caBundle` is a PEM encoded CA bundle which will be used to validate - // the webhook's server certificate. - // defaults to the apiservers CA bundle for the endpoint type + // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. + // If unspecified, system trust roots on the apiserver are used. // +optional CABundle []byte } diff --git a/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go b/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go index 0b948ba1df9..1703ac71340 100644 --- a/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go +++ b/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go @@ -282,12 +282,12 @@ type WebhookClientConfig struct { // Port 443 will be used if it is open, otherwise it is an error. // // +optional - Service *ServiceReference `json:"service" protobuf:"bytes,1,opt,name=service"` + Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,1,opt,name=service"` - // `caBundle` is a PEM encoded CA bundle which will be used to validate - // the webhook's server certificate. - // Required. - CABundle []byte `json:"caBundle" protobuf:"bytes,2,opt,name=caBundle"` + // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. + // If unspecified, system trust roots on the apiserver are used. + // +optional + CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,2,opt,name=caBundle"` } // ServiceReference holds a reference to Service.legacy.k8s.io diff --git a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go index a7ef9d13fc5..a27d559a4e0 100644 --- a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go +++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go @@ -169,13 +169,12 @@ type WebhookClientConfig struct { // Port 443 will be used if it is open, otherwise it is an error. // // +optional - Service *ServiceReference `json:"service" protobuf:"bytes,2,opt,name=service"` + Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,2,opt,name=service"` - // `caBundle` is a PEM encoded CA bundle which will be used to validate - // the webhook's server certificate. - // defaults to the apiservers CA bundle for the endpoint type + // `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate. + // If unspecified, system trust roots on the apiserver are used. // +optional - CABundle []byte `json:"caBundle" protobuf:"bytes,3,opt,name=caBundle"` + CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,3,opt,name=caBundle"` } // ServiceReference holds a reference to Service.legacy.k8s.io diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go index 3f042211606..459edfe763c 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go @@ -53,6 +53,7 @@ type APIServiceSpec struct { // This is strongly discouraged. You should use the CABundle instead. InsecureSkipTLSVerify bool // CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. + // If unspecified, system trust roots on the apiserver are used. // +optional CABundle []byte diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go index ffaec409cb2..171ed303acc 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go @@ -53,6 +53,7 @@ type APIServiceSpec struct { // This is strongly discouraged. You should use the CABundle instead. InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty" protobuf:"varint,4,opt,name=insecureSkipTLSVerify"` // CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. + // If unspecified, system trust roots on the apiserver are used. // +optional CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,5,opt,name=caBundle"` diff --git a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go index 0d4ba49effe..a95c5642d9b 100644 --- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go +++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go @@ -53,6 +53,7 @@ type APIServiceSpec struct { // This is strongly discouraged. You should use the CABundle instead. InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty" protobuf:"varint,4,opt,name=insecureSkipTLSVerify"` // CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate. + // If unspecified, system trust roots on the apiserver are used. // +optional CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,5,opt,name=caBundle"`