Fix omitempty/optional indicator on CABundle fields

2025-07-27 05:27:21 +00:00 · 2018-10-23 13:29:34 -04:00 · 2018-10-23 13:29:34 -04:00 · d00906f44e
commit d00906f44e
parent daf17e2aee
7 changed files with 17 additions and 16 deletions
--- a/pkg/apis/admissionregistration/types.go
+++ b/pkg/apis/admissionregistration/types.go
@ -328,9 +328,9 @@ type WebhookClientConfig struct {
 	// +optional
 	Service *ServiceReference
-	// `caBundle` is a PEM encoded CA bundle which will be used to validate
+	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
-	// the webhook's server certificate.
+	// If unspecified, system trust roots on the apiserver are used.
-	// Required.
+	// +optional
 	CABundle []byte
 }
--- a/pkg/apis/auditregistration/types.go
+++ b/pkg/apis/auditregistration/types.go
@ -173,9 +173,8 @@ type WebhookClientConfig struct {
 	// +optional
 	Service *ServiceReference
-	// `caBundle` is a PEM encoded CA bundle which will be used to validate
+	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
-	// the webhook's server certificate.
+	// If unspecified, system trust roots on the apiserver are used.
 	// defaults to the apiservers CA bundle for the endpoint type
 	// +optional
 	CABundle []byte
 }
--- a/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go
+++ b/staging/src/k8s.io/api/admissionregistration/v1beta1/types.go
@ -282,12 +282,12 @@ type WebhookClientConfig struct {
 	// Port 443 will be used if it is open, otherwise it is an error.
 	//
 	// +optional
-	Service *ServiceReference `json:"service" protobuf:"bytes,1,opt,name=service"`
+	Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,1,opt,name=service"`
-	// `caBundle` is a PEM encoded CA bundle which will be used to validate
+	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
-	// the webhook's server certificate.
+	// If unspecified, system trust roots on the apiserver are used.
-	// Required.
+	// +optional
-	CABundle []byte `json:"caBundle" protobuf:"bytes,2,opt,name=caBundle"`
+	CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,2,opt,name=caBundle"`
 }
 // ServiceReference holds a reference to Service.legacy.k8s.io
--- a/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go
+++ b/staging/src/k8s.io/api/auditregistration/v1alpha1/types.go
@ -169,13 +169,12 @@ type WebhookClientConfig struct {
 	// Port 443 will be used if it is open, otherwise it is an error.
 	//
 	// +optional
-	Service *ServiceReference `json:"service" protobuf:"bytes,2,opt,name=service"`
+	Service *ServiceReference `json:"service,omitempty" protobuf:"bytes,2,opt,name=service"`
-	// `caBundle` is a PEM encoded CA bundle which will be used to validate
+	// `caBundle` is a PEM encoded CA bundle which will be used to validate the webhook's server certificate.
-	// the webhook's server certificate.
+	// If unspecified, system trust roots on the apiserver are used.
 	// defaults to the apiservers CA bundle for the endpoint type
 	// +optional
-	CABundle []byte `json:"caBundle" protobuf:"bytes,3,opt,name=caBundle"`
+	CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,3,opt,name=caBundle"`
 }
 // ServiceReference holds a reference to Service.legacy.k8s.io
--- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go
+++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/types.go
@ -53,6 +53,7 @@ type APIServiceSpec struct {
 	// This is strongly discouraged.  You should use the CABundle instead.
 	InsecureSkipTLSVerify bool
 	// CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.
 	// If unspecified, system trust roots on the apiserver are used.
 	// +optional
 	CABundle []byte
--- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go
+++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1/types.go
@ -53,6 +53,7 @@ type APIServiceSpec struct {
 	// This is strongly discouraged.  You should use the CABundle instead.
 	InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty" protobuf:"varint,4,opt,name=insecureSkipTLSVerify"`
 	// CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.
 	// If unspecified, system trust roots on the apiserver are used.
 	// +optional
 	CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,5,opt,name=caBundle"`
--- a/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go
+++ b/staging/src/k8s.io/kube-aggregator/pkg/apis/apiregistration/v1beta1/types.go
@ -53,6 +53,7 @@ type APIServiceSpec struct {
 	// This is strongly discouraged.  You should use the CABundle instead.
 	InsecureSkipTLSVerify bool `json:"insecureSkipTLSVerify,omitempty" protobuf:"varint,4,opt,name=insecureSkipTLSVerify"`
 	// CABundle is a PEM encoded CA bundle which will be used to validate an API server's serving certificate.
 	// If unspecified, system trust roots on the apiserver are used.
 	// +optional
 	CABundle []byte `json:"caBundle,omitempty" protobuf:"bytes,5,opt,name=caBundle"`