diff --git a/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml b/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml index 607b85698d7..69dbe3a2f3b 100644 --- a/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-CustomNoUpgrade.crd.yaml @@ -59,6 +59,7 @@ spec: description: fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters. + format: byte maxLength: 8192 type: string fulcioSubject: @@ -93,6 +94,7 @@ spec: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: @@ -120,12 +122,14 @@ spec: description: keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string rekorKeyData: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: diff --git a/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml index c5129d7b4aa..834c03ae111 100644 --- a/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/0000_10_config-operator_01_clusterimagepolicy-TechPreviewNoUpgrade.crd.yaml @@ -59,6 +59,7 @@ spec: description: fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters. + format: byte maxLength: 8192 type: string fulcioSubject: @@ -93,6 +94,7 @@ spec: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: @@ -120,12 +122,14 @@ spec: description: keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string rekorKeyData: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: diff --git a/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml b/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml index a94542da448..642a19f78ce 100644 --- a/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml +++ b/config/v1alpha1/0000_10_config-operator_01_imagepolicy-CustomNoUpgrade.crd.yaml @@ -59,6 +59,7 @@ spec: description: fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters. + format: byte maxLength: 8192 type: string fulcioSubject: @@ -93,6 +94,7 @@ spec: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: @@ -120,12 +122,14 @@ spec: description: keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string rekorKeyData: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: diff --git a/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml b/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml index 11f72b17246..2f5ea8863e8 100644 --- a/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml +++ b/config/v1alpha1/0000_10_config-operator_01_imagepolicy-TechPreviewNoUpgrade.crd.yaml @@ -59,6 +59,7 @@ spec: description: fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters. + format: byte maxLength: 8192 type: string fulcioSubject: @@ -93,6 +94,7 @@ spec: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: @@ -120,12 +122,14 @@ spec: description: keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string rekorKeyData: description: rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters. + format: byte maxLength: 8192 type: string required: diff --git a/config/v1alpha1/types_image_policy.go b/config/v1alpha1/types_image_policy.go index b93f17c5da6..e9ec90902c0 100644 --- a/config/v1alpha1/types_image_policy.go +++ b/config/v1alpha1/types_image_policy.go @@ -96,12 +96,12 @@ type PublicKey struct { // KeyData must be at most 8192 characters. // +kubebuilder:validation:Required // +kubebuilder:validation:MaxLength=8192 - KeyData string `json:"keyData"` + KeyData []byte `json:"keyData"` // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. // rekorKeyData must be at most 8192 characters. // +optional // +kubebuilder:validation:MaxLength=8192 - RekorKeyData string `json:"rekorKeyData,omitempty"` + RekorKeyData []byte `json:"rekorKeyData,omitempty"` } // FulcioCAWithRekor defines the root of trust based on the Fulcio certificate and the Rekor public key. @@ -110,12 +110,12 @@ type FulcioCAWithRekor struct { // fulcioCAData must be at most 8192 characters. // +kubebuilder:validation:Required // +kubebuilder:validation:MaxLength=8192 - FulcioCAData string `json:"fulcioCAData"` + FulcioCAData []byte `json:"fulcioCAData"` // rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. // rekorKeyData must be at most 8192 characters. // +kubebuilder:validation:Required // +kubebuilder:validation:MaxLength=8192 - RekorKeyData string `json:"rekorKeyData"` + RekorKeyData []byte `json:"rekorKeyData"` // fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration. // +kubebuilder:validation:Required FulcioSubject PolicyFulcioSubject `json:"fulcioSubject,omitempty"` diff --git a/config/v1alpha1/zz_generated.deepcopy.go b/config/v1alpha1/zz_generated.deepcopy.go index 21b08cf3335..ab39b5b9154 100644 --- a/config/v1alpha1/zz_generated.deepcopy.go +++ b/config/v1alpha1/zz_generated.deepcopy.go @@ -230,6 +230,16 @@ func (in *EtcdBackupSpec) DeepCopy() *EtcdBackupSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FulcioCAWithRekor) DeepCopyInto(out *FulcioCAWithRekor) { *out = *in + if in.FulcioCAData != nil { + in, out := &in.FulcioCAData, &out.FulcioCAData + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.RekorKeyData != nil { + in, out := &in.RekorKeyData, &out.RekorKeyData + *out = make([]byte, len(*in)) + copy(*out, *in) + } out.FulcioSubject = in.FulcioSubject return } @@ -563,12 +573,12 @@ func (in *PolicyRootOfTrust) DeepCopyInto(out *PolicyRootOfTrust) { if in.PublicKey != nil { in, out := &in.PublicKey, &out.PublicKey *out = new(PublicKey) - **out = **in + (*in).DeepCopyInto(*out) } if in.FulcioCAWithRekor != nil { in, out := &in.FulcioCAWithRekor, &out.FulcioCAWithRekor *out = new(FulcioCAWithRekor) - **out = **in + (*in).DeepCopyInto(*out) } return } @@ -586,6 +596,16 @@ func (in *PolicyRootOfTrust) DeepCopy() *PolicyRootOfTrust { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *PublicKey) DeepCopyInto(out *PublicKey) { *out = *in + if in.KeyData != nil { + in, out := &in.KeyData, &out.KeyData + *out = make([]byte, len(*in)) + copy(*out, *in) + } + if in.RekorKeyData != nil { + in, out := &in.RekorKeyData, &out.RekorKeyData + *out = make([]byte, len(*in)) + copy(*out, *in) + } return } diff --git a/openapi/generated_openapi/zz_generated.openapi.go b/openapi/generated_openapi/zz_generated.openapi.go index bacc376fcde..03beb150163 100644 --- a/openapi/generated_openapi/zz_generated.openapi.go +++ b/openapi/generated_openapi/zz_generated.openapi.go @@ -19983,17 +19983,15 @@ func schema_openshift_api_config_v1alpha1_FulcioCAWithRekor(ref common.Reference "fulcioCAData": { SchemaProps: spec.SchemaProps{ Description: "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", - Default: "", Type: []string{"string"}, - Format: "", + Format: "byte", }, }, "rekorKeyData": { SchemaProps: spec.SchemaProps{ Description: "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - Default: "", Type: []string{"string"}, - Format: "", + Format: "byte", }, }, "fulcioSubject": { @@ -20577,16 +20575,15 @@ func schema_openshift_api_config_v1alpha1_PublicKey(ref common.ReferenceCallback "keyData": { SchemaProps: spec.SchemaProps{ Description: "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", - Default: "", Type: []string{"string"}, - Format: "", + Format: "byte", }, }, "rekorKeyData": { SchemaProps: spec.SchemaProps{ Description: "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", Type: []string{"string"}, - Format: "", + Format: "byte", }, }, }, diff --git a/openapi/openapi.json b/openapi/openapi.json index 08ea1fd0cff..a946257599a 100644 --- a/openapi/openapi.json +++ b/openapi/openapi.json @@ -10933,7 +10933,7 @@ "fulcioCAData": { "description": "fulcioCAData contains inline base64-encoded data for the PEM format fulcio CA. fulcioCAData must be at most 8192 characters.", "type": "string", - "default": "" + "format": "byte" }, "fulcioSubject": { "description": "fulcioSubject specifies OIDC issuer and the email of the Fulcio authentication configuration.", @@ -10943,7 +10943,7 @@ "rekorKeyData": { "description": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", "type": "string", - "default": "" + "format": "byte" } } }, @@ -11286,11 +11286,12 @@ "keyData": { "description": "keyData contains inline base64-encoded data for the PEM format public key. KeyData must be at most 8192 characters.", "type": "string", - "default": "" + "format": "byte" }, "rekorKeyData": { "description": "rekorKeyData contains inline base64-encoded data for the PEM format from the Rekor public key. rekorKeyData must be at most 8192 characters.", - "type": "string" + "type": "string", + "format": "byte" } } },