Remove openshift dep on api

Less deps the better! Could be problematic for projects importing CDI and openshift. Signed-off-by: Michael Henriksen <mhenriks@redhat.com>
mhenriks · Apr 8, 2024 · 53e2b84 · 53e2b84
1 parent eb6b76a
commit 53e2b84
Show file tree

Hide file tree

Showing 11 changed files with 677 additions and 114 deletions.
diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json
@@ -2869,29 +2869,6 @@
      }
     }
    },
-   "v1.CustomTLSProfile": {
-    "description": "CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.",
-    "type": "object",
-    "required": [
-     "ciphers",
-     "minTLSVersion"
-    ],
-    "properties": {
-     "ciphers": {
-      "description": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake.  Operators may remove entries their operands do not support.  For example, to use DES-CBC3-SHA  (yaml):\n\n  ciphers:\n    - DES-CBC3-SHA",
-      "type": "array",
-      "items": {
-       "type": "string",
-       "default": ""
-      }
-     },
-     "minTLSVersion": {
-      "description": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n  minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12",
-      "type": "string",
-      "default": ""
-     }
-    }
-   },
    "v1.DeleteOptions": {
     "description": "DeleteOptions may be provided when deleting an API object.",
     "type": "object",
@@ -2959,10 +2936,6 @@
      }
     }
    },
-   "v1.IntermediateTLSProfile": {
-    "description": "IntermediateTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29",
-    "type": "object"
-   },
    "v1.LabelSelector": {
     "description": "A label selector is a label query over a set of resources. The result of matchLabels and matchExpressions are ANDed. An empty label selector matches all objects. A null label selector matches no objects.",
     "type": "object",
@@ -3082,10 +3055,6 @@
      }
     }
    },
-   "v1.ModernTLSProfile": {
-    "description": "ModernTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility",
-    "type": "object"
-   },
    "v1.NodeAffinity": {
     "description": "Node affinity is a group of node affinity scheduling rules.",
     "type": "object",
@@ -3273,10 +3242,6 @@
      }
     }
    },
-   "v1.OldTLSProfile": {
-    "description": "OldTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility",
-    "type": "object"
-   },
    "v1.OwnerReference": {
     "description": "OwnerReference contains enough information to let you identify an owning object. An owning object must be in the same namespace as the dependent, or be cluster-scoped, so there is no namespace field.",
     "type": "object",
@@ -3657,44 +3622,6 @@
      }
     }
    },
-   "v1.TLSSecurityProfile": {
-    "description": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.",
-    "type": "object",
-    "properties": {
-     "custom": {
-      "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n  ciphers:\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n  minTLSVersion: VersionTLS11",
-      "$ref": "#/definitions/v1.CustomTLSProfile"
-     },
-     "intermediate": {
-      "description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES256-GCM-SHA384\n    - ECDHE-RSA-AES256-GCM-SHA384\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - DHE-RSA-AES128-GCM-SHA256\n    - DHE-RSA-AES256-GCM-SHA384\n  minTLSVersion: VersionTLS12",
-      "$ref": "#/definitions/v1.IntermediateTLSProfile"
-     },
-     "modern": {
-      "description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n  minTLSVersion: VersionTLS13\n\nNOTE: Currently unsupported.",
-      "$ref": "#/definitions/v1.ModernTLSProfile"
-     },
-     "old": {
-      "description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES256-GCM-SHA384\n    - ECDHE-RSA-AES256-GCM-SHA384\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - DHE-RSA-AES128-GCM-SHA256\n    - DHE-RSA-AES256-GCM-SHA384\n    - DHE-RSA-CHACHA20-POLY1305\n    - ECDHE-ECDSA-AES128-SHA256\n    - ECDHE-RSA-AES128-SHA256\n    - ECDHE-ECDSA-AES128-SHA\n    - ECDHE-RSA-AES128-SHA\n    - ECDHE-ECDSA-AES256-SHA384\n    - ECDHE-RSA-AES256-SHA384\n    - ECDHE-ECDSA-AES256-SHA\n    - ECDHE-RSA-AES256-SHA\n    - DHE-RSA-AES128-SHA256\n    - DHE-RSA-AES256-SHA256\n    - AES128-GCM-SHA256\n    - AES256-GCM-SHA384\n    - AES128-SHA256\n    - AES256-SHA256\n    - AES128-SHA\n    - AES256-SHA\n    - DES-CBC3-SHA\n  minTLSVersion: VersionTLS10",
-      "$ref": "#/definitions/v1.OldTLSProfile"
-     },
-     "type": {
-      "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure.  Depending on precisely which ciphers are available to a process, the list may be reduced.\n\nNote that the Modern profile is currently not supported because it is not yet well adopted by common software libraries.",
-      "type": "string",
-      "default": ""
-     }
-    },
-    "x-kubernetes-unions": [
-     {
-      "discriminator": "type",
-      "fields-to-discriminateBy": {
-       "custom": "Custom",
-       "intermediate": "Intermediate",
-       "modern": "Modern",
-       "old": "Old"
-      }
-     }
-    ]
-   },
    "v1.Time": {
     "description": "Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON.  Wrappers are provided for many of the factory methods that the time package offers.",
     "type": "string",
@@ -3990,7 +3917,7 @@
      },
      "tlsSecurityProfile": {
       "description": "TLSSecurityProfile is used by operators to apply cluster-wide TLS security settings to operands.",
-      "$ref": "#/definitions/v1.TLSSecurityProfile"
+      "$ref": "#/definitions/v1beta1.TLSSecurityProfile"
      },
      "uploadProxyURLOverride": {
       "description": "Override the URL used when uploading to a DataVolume",
@@ -4199,6 +4126,29 @@
      }
     }
    },
+   "v1beta1.CustomTLSProfile": {
+    "description": "CustomTLSProfile is a user-defined TLS security profile. Be extremely careful using a custom TLS profile as invalid configurations can be catastrophic.",
+    "type": "object",
+    "required": [
+     "ciphers",
+     "minTLSVersion"
+    ],
+    "properties": {
+     "ciphers": {
+      "description": "ciphers is used to specify the cipher algorithms that are negotiated during the TLS handshake.  Operators may remove entries their operands do not support.  For example, to use DES-CBC3-SHA  (yaml):\n\n  ciphers:\n    - DES-CBC3-SHA",
+      "type": "array",
+      "items": {
+       "type": "string",
+       "default": ""
+      }
+     },
+     "minTLSVersion": {
+      "description": "minTLSVersion is used to specify the minimal version of the TLS protocol that is negotiated during the TLS handshake. For example, to use TLS versions 1.1, 1.2 and 1.3 (yaml):\n\n  minTLSVersion: VersionTLS11\n\nNOTE: currently the highest minTLSVersion allowed is VersionTLS12",
+      "type": "string",
+      "default": ""
+     }
+    }
+   },
    "v1beta1.CustomizeComponents": {
     "description": "CustomizeComponents defines patches for components deployed by the CDI operator.",
     "type": "object",
@@ -5090,6 +5040,18 @@
      }
     }
    },
+   "v1beta1.IntermediateTLSProfile": {
+    "description": "IntermediateTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29",
+    "type": "object"
+   },
+   "v1beta1.ModernTLSProfile": {
+    "description": "ModernTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility",
+    "type": "object"
+   },
+   "v1beta1.OldTLSProfile": {
+    "description": "OldTLSProfile is a TLS security profile based on: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility",
+    "type": "object"
+   },
    "v1beta1.StorageSpec": {
     "description": "StorageSpec defines the Storage type specification",
     "type": "object",
@@ -5138,6 +5100,44 @@
      }
     }
    },
+   "v1beta1.TLSSecurityProfile": {
+    "description": "TLSSecurityProfile defines the schema for a TLS security profile. This object is used by operators to apply TLS security settings to operands.",
+    "type": "object",
+    "properties": {
+     "custom": {
+      "description": "custom is a user-defined TLS security profile. Be extremely careful using a custom profile as invalid configurations can be catastrophic. An example custom profile looks like this:\n\n  ciphers:\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n  minTLSVersion: VersionTLS11",
+      "$ref": "#/definitions/v1beta1.CustomTLSProfile"
+     },
+     "intermediate": {
+      "description": "intermediate is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES256-GCM-SHA384\n    - ECDHE-RSA-AES256-GCM-SHA384\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - DHE-RSA-AES128-GCM-SHA256\n    - DHE-RSA-AES256-GCM-SHA384\n  minTLSVersion: VersionTLS12",
+      "$ref": "#/definitions/v1beta1.IntermediateTLSProfile"
+     },
+     "modern": {
+      "description": "modern is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n  minTLSVersion: VersionTLS13\n\nNOTE: Currently unsupported.",
+      "$ref": "#/definitions/v1beta1.ModernTLSProfile"
+     },
+     "old": {
+      "description": "old is a TLS security profile based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility\n\nand looks like this (yaml):\n\n  ciphers:\n    - TLS_AES_128_GCM_SHA256\n    - TLS_AES_256_GCM_SHA384\n    - TLS_CHACHA20_POLY1305_SHA256\n    - ECDHE-ECDSA-AES128-GCM-SHA256\n    - ECDHE-RSA-AES128-GCM-SHA256\n    - ECDHE-ECDSA-AES256-GCM-SHA384\n    - ECDHE-RSA-AES256-GCM-SHA384\n    - ECDHE-ECDSA-CHACHA20-POLY1305\n    - ECDHE-RSA-CHACHA20-POLY1305\n    - DHE-RSA-AES128-GCM-SHA256\n    - DHE-RSA-AES256-GCM-SHA384\n    - DHE-RSA-CHACHA20-POLY1305\n    - ECDHE-ECDSA-AES128-SHA256\n    - ECDHE-RSA-AES128-SHA256\n    - ECDHE-ECDSA-AES128-SHA\n    - ECDHE-RSA-AES128-SHA\n    - ECDHE-ECDSA-AES256-SHA384\n    - ECDHE-RSA-AES256-SHA384\n    - ECDHE-ECDSA-AES256-SHA\n    - ECDHE-RSA-AES256-SHA\n    - DHE-RSA-AES128-SHA256\n    - DHE-RSA-AES256-SHA256\n    - AES128-GCM-SHA256\n    - AES256-GCM-SHA384\n    - AES128-SHA256\n    - AES256-SHA256\n    - AES128-SHA\n    - AES256-SHA\n    - DES-CBC3-SHA\n  minTLSVersion: VersionTLS10",
+      "$ref": "#/definitions/v1beta1.OldTLSProfile"
+     },
+     "type": {
+      "description": "type is one of Old, Intermediate, Modern or Custom. Custom provides the ability to specify individual TLS security profile parameters. Old, Intermediate and Modern are TLS security profiles based on:\n\nhttps://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations\n\nThe profiles are intent based, so they may change over time as new ciphers are developed and existing ciphers are found to be insecure.  Depending on precisely which ciphers are available to a process, the list may be reduced.\n\nNote that the Modern profile is currently not supported because it is not yet well adopted by common software libraries.",
+      "type": "string",
+      "default": ""
+     }
+    },
+    "x-kubernetes-unions": [
+     {
+      "discriminator": "type",
+      "fields-to-discriminateBy": {
+       "custom": "Custom",
+       "intermediate": "Intermediate",
+       "modern": "Modern",
+       "old": "Old"
+      }
+     }
+    ]
+   },
    "v1beta1.UploadTokenRequest": {
     "description": "UploadTokenRequest is the CR used to initiate a CDI upload",
     "type": "object",