
Commit ca614f1

committed
CORS-4184: Add STS and OAuth Service for GCP Endpoint Overrides
** These services were a bit unconventional. The STS service is not called directly in CCO but through a WIF template. The OAuth Service is also a bit unconventional, as it is never called directly but will still require a GCP endpoint override to ensure that the traffic does not go to the default google endpoint.
1 parent cc869c8 commit ca614f1

20 files changed

+70
-36
lines changed

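--- a/config/v1/tests/infrastructures.config.openshift.io/GCPCustomAPIEndpoints.yaml
+++ b/config/v1/tests/infrastructures.config.openshift.io/GCPCustomAPIEndpoints.yaml
@@ -213,7 +213,7 @@ tests:
 dnsType: PlatformDefault
 serviceEndpoints:
 - {name: "UnknownService", url: "https://compute-myendpoint1.p.googleapis.com"}
-expectedStatusError: "[status.platformStatus.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\": supported values: \"Compute\", \"Container\", \"CloudResourceManager\", \"DNS\", \"File\", \"IAM\", \"ServiceUsage\", \"Storage\", <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation"
+expectedStatusError: "[status.platformStatus.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\": supported values: \"Compute\", \"Container\", \"CloudResourceManager\", \"DNS\", \"File\", \"IAM\", \"OAuth\", \"ServiceUsage\", \"Storage\", \"STS\", <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]"
 - name: Service Endpoint End Slash
 initial: |
 apiVersion: config.openshift.io/v1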
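Review bot: The only case touched here is the rejection of `UnknownService`; nothing in this hunk shows a case that accepts `OAuth` or `STS` as a `serviceEndpoints` name, and the same holds for the identical hunk in GCPCustomAPIEndpointsInstall.yaml. The rest of the test file is outside the hunk, so such a case may already exist, but if it does not, a positive case with entries such as `- {name: "STS", url: "https://sts-myendpoint1.p.googleapis.com"}` (constructed example URL) would pin the new enum values and the raised item limit. The new expected string also ends in `]` where the old one did not, so it is worth confirming how the harness compares this field.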

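--- a/config/v1/tests/infrastructures.config.openshift.io/GCPCustomAPIEndpointsInstall.yaml
+++ b/config/v1/tests/infrastructures.config.openshift.io/GCPCustomAPIEndpointsInstall.yaml
@@ -213,7 +213,7 @@ tests:
 dnsType: PlatformDefault
 serviceEndpoints:
 - {name: "UnknownService", url: "https://compute-myendpoint1.p.googleapis.com"}
-expectedStatusError: "[status.platformStatus.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\": supported values: \"Compute\", \"Container\", \"CloudResourceManager\", \"DNS\", \"File\", \"IAM\", \"ServiceUsage\", \"Storage\", <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation"
+expectedStatusError: "[status.platformStatus.gcp.serviceEndpoints[0].name: Unsupported value: \"UnknownService\": supported values: \"Compute\", \"Container\", \"CloudResourceManager\", \"DNS\", \"File\", \"IAM\", \"OAuth\", \"ServiceUsage\", \"Storage\", \"STS\", <nil>: Invalid value: \"null\": some validation rules were not checked because the object was invalid; correct the existing errors to complete validation]"
 - name: Service Endpoint End Slash
 initial: |
 apiVersion: config.openshift.io/v1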

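--- a/config/v1/types_infrastructure.go
+++ b/config/v1/types_infrastructure.go
@@ -650,7 +650,7 @@ const (
 )
 
 // GCPServiceEndpointName is the name of the GCP Service Endpoint.
-// +kubebuilder:validation:Enum=Compute;Container;CloudResourceManager;DNS;File;IAM;ServiceUsage;Storage
+// +kubebuilder:validation:Enum=Compute;Container;CloudResourceManager;DNS;File;IAM;OAuth;ServiceUsage;Storage;STS
 type GCPServiceEndpointName string
 
 const (
@@ -672,11 +672,17 @@ const (
 // GCPServiceEndpointNameIAM is the name used for the GCP IAM Service endpoint.
 GCPServiceEndpointNameIAM GCPServiceEndpointName = "IAM"
 
+// GCPServiceEndpointNameOAuth is the name used for the GCP OAuth2 Service endpoint.
+GCPServiceEndpointNameOAuth GCPServiceEndpointName = "OAuth"
+
 // GCPServiceEndpointNameServiceUsage is the name used for the GCP Service Usage Service endpoint.
 GCPServiceEndpointNameServiceUsage GCPServiceEndpointName = "ServiceUsage"
 
 // GCPServiceEndpointNameStorage is the name used for the GCP Storage Service endpoint.
 GCPServiceEndpointNameStorage GCPServiceEndpointName = "Storage"
+
+// GCPServiceEndpointNameSTS is the name used for the GCP STS Service endpoint.
+GCPServiceEndpointNameSTS GCPServiceEndpointName = "STS"
 )
 
 // GCPServiceEndpoint store the configuration of a custom url to
@@ -767,10 +773,10 @@ type GCPPlatformStatus struct {
 // used when creating clients to interact with GCP services.
 // When not specified, the default endpoint for the GCP region will be used.
 // Only 1 endpoint override is permitted for each GCP service.
-// The maximum number of endpoint overrides allowed is 9.
+// The maximum number of endpoint overrides allowed is 10.
 // +listType=map
 // +listMapKey=name
-// +kubebuilder:validation:MaxItems=8
+// +kubebuilder:validation:MaxItems=10
 // +kubebuilder:validation:XValidation:rule="self.all(x, self.exists_one(y, x.name == y.name))",message="only 1 endpoint override is permitted per GCP service name"
 // +optional
 // +openshift:enable:FeatureGate=GCPCustomAPIEndpointsInstall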
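Review bot: The comments on `GCPServiceEndpointNameOAuth` and `GCPServiceEndpointNameSTS` in the second hunk say only which service each constant names, while the commit message records that neither is called directly (STS is reached in CCO through a WIF template, and OAuth needs the override only so its traffic stays off the default Google endpoint). Because these two overrides decide where credential and token exchange is sent, that context belongs on the constants, for example `// GCPServiceEndpointNameSTS is the name used for the GCP STS Service endpoint. It is not called directly; CCO reaches it through the WIF template.` with a matching sentence on the OAuth constant. The URL validation on `GCPServiceEndpoint` lies outside these hunks, so it is worth confirming what it enforces on scheme and host now that token-issuing endpoints can be overridden. In the third hunk `MaxItems=10` agrees with the prose and the ten enum values, but the two were out of step before (9 against 8), so a line such as `// Keep MaxItems equal to the number of GCPServiceEndpointName enum values.` would help the next addition. Both the const block and `GCPPlatformStatus` continue outside the hunks.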

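--- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-CustomNoUpgrade.crd.yaml
@@ -1995,7 +1995,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -2018,8 +2018,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -2045,7 +2047,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name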

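--- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-DevPreviewNoUpgrade.crd.yaml
@@ -1995,7 +1995,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -2018,8 +2018,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -2045,7 +2047,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name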

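--- a/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml
+++ b/config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_infrastructures-TechPreviewNoUpgrade.crd.yaml
@@ -1995,7 +1995,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -2018,8 +2018,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -2045,7 +2047,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name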

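--- a/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPCustomAPIEndpointsInstall.yaml
+++ b/config/v1/zz_generated.featuregated-crd-manifests/infrastructures.config.openshift.io/GCPCustomAPIEndpointsInstall.yaml
@@ -1587,7 +1587,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -1610,8 +1610,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -1637,7 +1639,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name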

config/v1/zz_generated.swagger_doc_generated.go

Lines changed: 1 addition & 1 deletion

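--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-CustomNoUpgrade.crd.yaml
@@ -2275,7 +2275,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -2298,8 +2298,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -2325,7 +2327,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name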

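--- a/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml
+++ b/machineconfiguration/v1/zz_generated.crd-manifests/0000_80_machine-config_01_controllerconfigs-DevPreviewNoUpgrade.crd.yaml
@@ -2275,7 +2275,7 @@ spec:
 used when creating clients to interact with GCP services.
 When not specified, the default endpoint for the GCP region will be used.
 Only 1 endpoint override is permitted for each GCP service.
-The maximum number of endpoint overrides allowed is 9.
+The maximum number of endpoint overrides allowed is 10.
 items:
 description: |-
 GCPServiceEndpoint store the configuration of a custom url to
@@ -2298,8 +2298,10 @@ spec:
 - DNS
 - File
 - IAM
+- OAuth
 - ServiceUsage
 - Storage
+- STS
 type: string
 url:
 description: |-
@@ -2325,7 +2327,7 @@ spec:
 - name
 - url
 type: object
-maxItems: 8
+maxItems: 10
 type: array
 x-kubernetes-list-map-keys:
 - name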
