Update upstream specifications to their latest version

Author: sebhoss

crd-catalog/DopplerHQ/kubernetes-operator/secrets.doppler.com/v1alpha1/dopplersecrets.yaml

@@ -121,7 +121,7 @@ spec:
                     type: "string"
                   type: "array"
                 tokenSecret:
-                  description: "The Kubernetes secret containing the Doppler service token"
+                  description: "The Kubernetes secret containing either a Doppler service token or OIDC configuration"
                   properties:
                     name:
                       description: "The name of the Secret resource"

crd-catalog/Kuadrant/dns-operator/kuadrant.io/v1alpha1/dnsrecords.yaml

@@ -180,10 +180,10 @@ spec:
                   rule: "!has(oldSelf.ownerID) || has(self.ownerID)"
                 - message: "OwnerID can't be set if it was previously unset"
                   rule: "has(oldSelf.ownerID) || !has(self.ownerID)"
-                - message: "Delegate can't be unset if it was previously set"
-                  rule: "!has(oldSelf.delegate) || has(self.delegate)"
-                - message: "Delegate can't be set if it was previously unset"
-                  rule: "has(oldSelf.delegate) || !has(self.delegate)"
+                - message: "delegate can't be set to true if unset"
+                  rule: "has(oldSelf.delegate) || !has(self.delegate) || self.delegate == false"
+                - message: "delegate can't be unset if true"
+                  rule: "!has(oldSelf.delegate) || oldSelf.delegate == false || has(self.delegate)"
                 - message: "delegate=true and providerRef are mutually exclusive"
                   rule: "!(has(self.providerRef) && has(self.delegate) && self.delegate == true)"
             status:

crd-catalog/Kuadrant/kuadrant-operator/kuadrant.io/v1/authpolicies.yaml

@@ -214,12 +214,18 @@ spec:
                                 description: "Authentication based on JWT tokens."
                                 properties:
                                   issuerUrl:
-                                    description: "URL of the issuer of the JWT.\nIf `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint\n(i.e. \"/.well-known/openid-configuration\") to this URL, to discover the OIDC configuration where to obtain\nthe \"jkws_uri\" claim from.\nThe value must coincide with the value of  the \"iss\" (issuer) claim of the discovered OpenID Connect configuration."
+                                    description: "URL of the OpenID Connect (OIDC) token issuer endpoint.\nUse it for automatically discovering the JWKS URL from an OpenID Connect Discovery endpoint (https://openid.net/specs/openid-connect-discovery-1_0.html).\nThe Well-Known Discovery path (i.e. \"/.well-known/openid-configuration\") is appended to this URL to fetch the OIDC configuration.\nOne of: jwksUrl, issuerUrl"
+                                    type: "string"
+                                  jwksUrl:
+                                    description: "URL of the JSON Web Key Set (JWKS) endpoint.\nUse it for non-OpenID Connect (OIDC) JWT authentication, where the JWKS URL is known beforehand.\nThe JSON Web Keys (JWK) obtained from this endpoint are automatically cached and the caching updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys).\nOne of: jwksUrl, issuerUrl"
                                     type: "string"
                                   ttl:
-                                    description: "Decides how long to wait before refreshing the JWKS (in seconds).\nIf omitted, Authorino will never refresh the JWKS."
+                                    description: "Decides how long the OIDC configuration will be cached.\nIf omitted or set to zero, Authorino will never refresh the OIDC configuration.\nThis configuration does not affect the caching of JSON Web Keys (JWK), which is always updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys)"
                                     type: "integer"
                                 type: "object"
+                                x-kubernetes-validations:
+                                  - message: "Use one of: jwksUrl, issuerUrl"
+                                    rule: "!(has(self.jwksUrl) && self.jwksUrl != '' && has(self.issuerUrl) && self.issuerUrl != '')"
                               kubernetesTokenReview:
                                 description: "Authentication by Kubernetes token review."
                                 properties:
@@ -1323,11 +1329,15 @@ spec:
                                 description: "OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig."
                                 properties:
                                   identitySource:
-                                    description: "The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC \"userinfo_endpoint\" claim."
+                                    description: "Name of an OIDC JWT authentication rule whose obtained configuration includes an \"userinfo_endpoint\" claim.\nOne of: identitySource, userInfoUrl"
+                                    type: "string"
+                                  userInfoUrl:
+                                    description: "The URL of the UserInfo endpoint.\nUse it for non-OIDC JWT authentication, where the UserInfo URL is known beforehand.\nOne of: identitySource, userInfoUrl"
                                     type: "string"
-                                required:
-                                  - "identitySource"
                                 type: "object"
+                                x-kubernetes-validations:
+                                  - message: "Use one of: identitySource, userInfoUrl"
+                                    rule: "!(has(self.identitySource) && self.identitySource != '' && has(self.userInfoUrl) && self.userInfoUrl != '')"
                               when:
                                 description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped."
                                 items:
@@ -1982,12 +1992,18 @@ spec:
                                 description: "Authentication based on JWT tokens."
                                 properties:
                                   issuerUrl:
-                                    description: "URL of the issuer of the JWT.\nIf `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint\n(i.e. \"/.well-known/openid-configuration\") to this URL, to discover the OIDC configuration where to obtain\nthe \"jkws_uri\" claim from.\nThe value must coincide with the value of  the \"iss\" (issuer) claim of the discovered OpenID Connect configuration."
+                                    description: "URL of the OpenID Connect (OIDC) token issuer endpoint.\nUse it for automatically discovering the JWKS URL from an OpenID Connect Discovery endpoint (https://openid.net/specs/openid-connect-discovery-1_0.html).\nThe Well-Known Discovery path (i.e. \"/.well-known/openid-configuration\") is appended to this URL to fetch the OIDC configuration.\nOne of: jwksUrl, issuerUrl"
+                                    type: "string"
+                                  jwksUrl:
+                                    description: "URL of the JSON Web Key Set (JWKS) endpoint.\nUse it for non-OpenID Connect (OIDC) JWT authentication, where the JWKS URL is known beforehand.\nThe JSON Web Keys (JWK) obtained from this endpoint are automatically cached and the caching updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys).\nOne of: jwksUrl, issuerUrl"
                                     type: "string"
                                   ttl:
-                                    description: "Decides how long to wait before refreshing the JWKS (in seconds).\nIf omitted, Authorino will never refresh the JWKS."
+                                    description: "Decides how long the OIDC configuration will be cached.\nIf omitted or set to zero, Authorino will never refresh the OIDC configuration.\nThis configuration does not affect the caching of JSON Web Keys (JWK), which is always updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys)"
                                     type: "integer"
                                 type: "object"
+                                x-kubernetes-validations:
+                                  - message: "Use one of: jwksUrl, issuerUrl"
+                                    rule: "!(has(self.jwksUrl) && self.jwksUrl != '' && has(self.issuerUrl) && self.issuerUrl != '')"
                               kubernetesTokenReview:
                                 description: "Authentication by Kubernetes token review."
                                 properties:
@@ -3091,11 +3107,15 @@ spec:
                                 description: "OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig."
                                 properties:
                                   identitySource:
-                                    description: "The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC \"userinfo_endpoint\" claim."
+                                    description: "Name of an OIDC JWT authentication rule whose obtained configuration includes an \"userinfo_endpoint\" claim.\nOne of: identitySource, userInfoUrl"
+                                    type: "string"
+                                  userInfoUrl:
+                                    description: "The URL of the UserInfo endpoint.\nUse it for non-OIDC JWT authentication, where the UserInfo URL is known beforehand.\nOne of: identitySource, userInfoUrl"
                                     type: "string"
-                                required:
-                                  - "identitySource"
                                 type: "object"
+                                x-kubernetes-validations:
+                                  - message: "Use one of: identitySource, userInfoUrl"
+                                    rule: "!(has(self.identitySource) && self.identitySource != '' && has(self.userInfoUrl) && self.userInfoUrl != '')"
                               when:
                                 description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped."
                                 items:
@@ -3747,12 +3767,18 @@ spec:
                             description: "Authentication based on JWT tokens."
                             properties:
                               issuerUrl:
-                                description: "URL of the issuer of the JWT.\nIf `jwksUrl` is omitted, Authorino will append the path to the OpenID Connect Well-Known Discovery endpoint\n(i.e. \"/.well-known/openid-configuration\") to this URL, to discover the OIDC configuration where to obtain\nthe \"jkws_uri\" claim from.\nThe value must coincide with the value of  the \"iss\" (issuer) claim of the discovered OpenID Connect configuration."
+                                description: "URL of the OpenID Connect (OIDC) token issuer endpoint.\nUse it for automatically discovering the JWKS URL from an OpenID Connect Discovery endpoint (https://openid.net/specs/openid-connect-discovery-1_0.html).\nThe Well-Known Discovery path (i.e. \"/.well-known/openid-configuration\") is appended to this URL to fetch the OIDC configuration.\nOne of: jwksUrl, issuerUrl"
+                                type: "string"
+                              jwksUrl:
+                                description: "URL of the JSON Web Key Set (JWKS) endpoint.\nUse it for non-OpenID Connect (OIDC) JWT authentication, where the JWKS URL is known beforehand.\nThe JSON Web Keys (JWK) obtained from this endpoint are automatically cached and the caching updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys).\nOne of: jwksUrl, issuerUrl"
                                 type: "string"
                               ttl:
-                                description: "Decides how long to wait before refreshing the JWKS (in seconds).\nIf omitted, Authorino will never refresh the JWKS."
+                                description: "Decides how long the OIDC configuration will be cached.\nIf omitted or set to zero, Authorino will never refresh the OIDC configuration.\nThis configuration does not affect the caching of JSON Web Keys (JWK), which is always updated whenever the kid of a JWT does not match any of the cached JWKs (https://openid.net/specs/openid-connect-core-1_0.html#RotateSigKeys)"
                                 type: "integer"
                             type: "object"
+                            x-kubernetes-validations:
+                              - message: "Use one of: jwksUrl, issuerUrl"
+                                rule: "!(has(self.jwksUrl) && self.jwksUrl != '' && has(self.issuerUrl) && self.issuerUrl != '')"
                           kubernetesTokenReview:
                             description: "Authentication by Kubernetes token review."
                             properties:
@@ -4856,11 +4882,15 @@ spec:
                             description: "OpendID Connect UserInfo linked to an OIDC authentication config specified in this same AuthConfig."
                             properties:
                               identitySource:
-                                description: "The name of an OIDC-enabled JWT authentication config whose OpenID Connect configuration discovered includes the OIDC \"userinfo_endpoint\" claim."
+                                description: "Name of an OIDC JWT authentication rule whose obtained configuration includes an \"userinfo_endpoint\" claim.\nOne of: identitySource, userInfoUrl"
+                                type: "string"
+                              userInfoUrl:
+                                description: "The URL of the UserInfo endpoint.\nUse it for non-OIDC JWT authentication, where the UserInfo URL is known beforehand.\nOne of: identitySource, userInfoUrl"
                                 type: "string"
-                            required:
-                              - "identitySource"
                             type: "object"
+                            x-kubernetes-validations:
+                              - message: "Use one of: identitySource, userInfoUrl"
+                                rule: "!(has(self.identitySource) && self.identitySource != '' && has(self.userInfoUrl) && self.userInfoUrl != '')"
                           when:
                             description: "Conditions for Authorino to enforce this config.\nIf omitted, the config will be enforced for all requests.\nIf present, all conditions must match for the config to be enforced; otherwise, the config will be skipped."
                             items:

crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml

@@ -827,6 +827,10 @@ spec:
                           description: "How often to perform the liveness probe."
                           format: "int32"
                           type: "integer"
+                        livenessPort:
+                          description: "The liveness port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         livenessProbe:
                           description: "The liveness probe path to use (default provided by the Catalog runtime used)."
                           type: "string"
@@ -856,6 +860,10 @@ spec:
                           description: "How often to perform the readiness probe."
                           format: "int32"
                           type: "integer"
+                        readinessPort:
+                          description: "The readiness port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         readinessProbe:
                           description: "The readiness probe path to use (default provided by the Catalog runtime used)."
                           type: "string"
@@ -885,6 +893,10 @@ spec:
                           description: "How often to perform the startup probe."
                           format: "int32"
                           type: "integer"
+                        startupPort:
+                          description: "The startup port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         startupProbe:
                           description: "The startup probe path to use (default provided by the Catalog runtime used)."
                           type: "string"
@@ -2504,6 +2516,10 @@ spec:
                           description: "How often to perform the liveness probe."
                           format: "int32"
                           type: "integer"
+                        livenessPort:
+                          description: "The liveness port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         livenessProbe:
                           description: "The liveness probe path to use (default provided by the Catalog runtime used)."
                           type: "string"
@@ -2533,6 +2549,10 @@ spec:
                           description: "How often to perform the readiness probe."
                           format: "int32"
                           type: "integer"
+                        readinessPort:
+                          description: "The readiness port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         readinessProbe:
                           description: "The readiness probe path to use (default provided by the Catalog runtime used)."
                           type: "string"
@@ -2562,6 +2582,10 @@ spec:
                           description: "How often to perform the startup probe."
                           format: "int32"
                           type: "integer"
+                        startupPort:
+                          description: "The startup port to use (default 8080)."
+                          format: "int32"
+                          type: "integer"
                         startupProbe:
                           description: "The startup probe path to use (default provided by the Catalog runtime used)."
                           type: "string"