Update godoc for pod and container security context (#1279)

Jonathan Yu · web-flow · commit 4d978d46b2c5 · 2023-09-05T11:22:23.000-04:00
* chore: update godoc for pod and container security context

Add detailed description of SecurityContext and PodSecurityContext
fields.

* make bundle

* re-run make api-docs
diff --git a/apis/v1alpha1/opentelemetrycollector_types.go b/apis/v1alpha1/opentelemetrycollector_types.go
@@ -123,10 +123,25 @@ type OpenTelemetryCollectorSpec struct {
 	//
 	// +optional
 	Autoscaler *AutoscalerSpec `json:"autoscaler,omitempty"`
-	// SecurityContext will be set as the container security context.
+	// SecurityContext configures the container security context for
+	// the opentelemetry-collector container.
+	//
+	// In deployment, daemonset, or statefulset mode, this controls
+	// the security context settings for the primary application
+	// container.
+	//
+	// In sidecar mode, this controls the security context for the
+	// injected sidecar container.
+	//
 	// +optional
 	SecurityContext *v1.SecurityContext `json:"securityContext,omitempty"`
-
+	// PodSecurityContext configures the pod security context for the
+	// opentelemetry-collector pod, when running as a deployment, daemonset,
+	// or statefulset.
+	//
+	// In sidecar mode, the opentelemetry-operator will ignore this setting.
+	//
+	// +optional
 	PodSecurityContext *v1.PodSecurityContext `json:"podSecurityContext,omitempty"`
 	// PodAnnotations is the set of annotations that will be attached to
 	// Collector and Target Allocator pods.
diff --git a/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml b/bundle/manifests/opentelemetry-operator.clusterserviceversion.yaml
@@ -31,7 +31,7 @@ metadata:
     categories: Logging & Tracing,Monitoring
     certified: "false"
     containerImage: ghcr.io/open-telemetry/opentelemetry-operator/opentelemetry-operator
-    createdAt: "2023-08-18T14:30:49Z"
+    createdAt: "2023-08-28T17:54:06Z"
     description: Provides the OpenTelemetry components, including the Collector
     operators.operatorframework.io/builder: operator-sdk-v1.29.0
     operators.operatorframework.io/project_layout: go.kubebuilder.io/v3
diff --git a/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml b/bundle/manifests/opentelemetry.io_opentelemetrycollectors.yaml
@@ -3703,9 +3703,9 @@ spec:
                   attached to Collector and Target Allocator pods.
                 type: object
               podSecurityContext:
-                description: PodSecurityContext holds pod-level security attributes
-                  and common container settings. Some fields are also present in container.securityContext.  Field
-                  values of container.
+                description: PodSecurityContext configures the pod security context
+                  for the opentelemetry-collector pod, when running as a deployment,
+                  daemonset, or statefulset.
                 properties:
                   fsGroup:
                     description: "A special supplemental group that applies to all
@@ -3928,8 +3928,8 @@ spec:
                     type: object
                 type: object
               securityContext:
-                description: SecurityContext will be set as the container security
-                  context.
+                description: SecurityContext configures the container security context
+                  for the opentelemetry-collector container.
                 properties:
                   allowPrivilegeEscalation:
                     description: AllowPrivilegeEscalation controls whether a process
diff --git a/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml b/config/crd/bases/opentelemetry.io_opentelemetrycollectors.yaml
@@ -3700,9 +3700,9 @@ spec:
                   attached to Collector and Target Allocator pods.
                 type: object
               podSecurityContext:
-                description: PodSecurityContext holds pod-level security attributes
-                  and common container settings. Some fields are also present in container.securityContext.  Field
-                  values of container.
+                description: PodSecurityContext configures the pod security context
+                  for the opentelemetry-collector pod, when running as a deployment,
+                  daemonset, or statefulset.
                 properties:
                   fsGroup:
                     description: "A special supplemental group that applies to all
@@ -3925,8 +3925,8 @@ spec:
                     type: object
                 type: object
               securityContext:
-                description: SecurityContext will be set as the container security
-                  context.
+                description: SecurityContext configures the container security context
+                  for the opentelemetry-collector container.
                 properties:
                   allowPrivilegeEscalation:
                     description: AllowPrivilegeEscalation controls whether a process
diff --git a/docs/api.md b/docs/api.md
@@ -3813,7 +3813,7 @@ OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector.
         <td><b><a href="#opentelemetrycollectorspecpodsecuritycontext">podSecurityContext</a></b></td>
         <td>object</td>
         <td>
-          PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.<br/>
+          PodSecurityContext configures the pod security context for the opentelemetry-collector pod, when running as a deployment, daemonset, or statefulset.<br/>
         </td>
         <td>false</td>
       </tr><tr>
@@ -3850,7 +3850,7 @@ OpenTelemetryCollectorSpec defines the desired state of OpenTelemetryCollector.
         <td><b><a href="#opentelemetrycollectorspecsecuritycontext">securityContext</a></b></td>
         <td>object</td>
         <td>
-          SecurityContext will be set as the container security context.<br/>
+          SecurityContext configures the container security context for the opentelemetry-collector container.<br/>
         </td>
         <td>false</td>
       </tr><tr>
@@ -11471,7 +11471,7 @@ Metrics defines the metrics configuration for operands.
 
 
 
-PodSecurityContext holds pod-level security attributes and common container settings. Some fields are also present in container.securityContext.  Field values of container.
+PodSecurityContext configures the pod security context for the opentelemetry-collector pod, when running as a deployment, daemonset, or statefulset.
 
 <table>
     <thead>
@@ -11870,7 +11870,7 @@ ResourceClaim references one entry in PodSpec.ResourceClaims.
 
 
 
-SecurityContext will be set as the container security context.
+SecurityContext configures the container security context for the opentelemetry-collector container.
 
 <table>
     <thead>
