From f8fddc01b2129aefe35b32e1b9908968f0211bdd Mon Sep 17 00:00:00 2001 From: Rickard von Essen Date: Wed, 9 Oct 2024 11:10:47 +0200 Subject: [PATCH 1/5] Update Upjet to v1.4.1-0.20241007154751-5cdf36996e4a This includes PR 441 which fixes scraping of Refs which contains lists. See upjet v1.4.1-0.20241007154751-5cdf36996e4a Signed-off-by: Rickard von Essen --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 78221c8be..c3f463ca6 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( dario.cat/mergo v1.0.0 github.com/crossplane/crossplane-runtime v1.16.0-rc.2.0.20240510094504-3f697876fa57 github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79 - github.com/crossplane/upjet v1.4.1-0.20240911184956-3afbb7796d46 + github.com/crossplane/upjet v1.4.1-0.20241007154751-5cdf36996e4a github.com/hashicorp/terraform-json v0.22.1 github.com/hashicorp/terraform-plugin-sdk/v2 v2.33.0 github.com/hashicorp/terraform-provider-google v1.20.1-0.20240729180617-5093dfd2a5ea diff --git a/go.sum b/go.sum index 5cb96ba68..68adb3945 100644 --- a/go.sum +++ b/go.sum @@ -72,8 +72,8 @@ github.com/crossplane/crossplane-runtime v1.16.0-rc.2.0.20240510094504-3f697876f github.com/crossplane/crossplane-runtime v1.16.0-rc.2.0.20240510094504-3f697876fa57/go.mod h1:Pz2tdGVMF6KDGzHZOkvKro0nKc8EzK0sb/nSA7pH4Dc= github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79 h1:HigXs5tEQxWz0fcj8hzbU2UAZgEM7wPe0XRFOsrtF8Y= github.com/crossplane/crossplane-tools v0.0.0-20230925130601-628280f8bf79/go.mod h1:+e4OaFlOcmr0JvINHl/yvEYBrZawzTgj6pQumOH1SS0= -github.com/crossplane/upjet v1.4.1-0.20240911184956-3afbb7796d46 h1:2IH1YPTBrNmBj0Z1OCjEBTrQCuRaLutZbWLaswFeCFQ= -github.com/crossplane/upjet v1.4.1-0.20240911184956-3afbb7796d46/go.mod h1:wkdZf/Cvhr6PI30VdHIOjg4dX39Z5uijqnLWFk5PbGM= +github.com/crossplane/upjet v1.4.1-0.20241007154751-5cdf36996e4a h1:XC/M8NTYAQi9D8ixoSZEg2+BAJPDBx6fTeexdMtHyk0= +github.com/crossplane/upjet v1.4.1-0.20241007154751-5cdf36996e4a/go.mod h1:wkdZf/Cvhr6PI30VdHIOjg4dX39Z5uijqnLWFk5PbGM= github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= github.com/dave/jennifer v1.4.1 h1:XyqG6cn5RQsTj3qlWQTKlRGAyrTcsk1kUmWdZBzRjDw= From fca66b0259260fadb5a0b0ed232cf1b7f2988f71 Mon Sep 17 00:00:00 2001 From: Rickard von Essen Date: Wed, 9 Oct 2024 11:15:01 +0200 Subject: [PATCH 2/5] Regenerated resources Signed-off-by: Rickard von Essen --- .../v1beta2/zz_appconnection_types.go | 20 ++ .../v1beta2/zz_generated.deepcopy.go | 24 ++ .../v1beta2/zz_generated.resolvers.go | 39 +++ .../v1beta2/zz_generated.deepcopy.go | 48 +++ .../v1beta2/zz_generated.resolvers.go | 97 ++++++ .../v1beta2/zz_policy_types.go | 36 ++ .../v1beta1/zz_certificatemapentry_types.go | 25 +- .../v1beta1/zz_generated.deepcopy.go | 24 ++ .../v1beta1/zz_generated.resolvers.go | 43 ++- .../v1beta2/zz_certificate_types.go | 40 +++ .../v1beta2/zz_generated.deepcopy.go | 48 +++ .../v1beta2/zz_generated.resolvers.go | 115 +++++++ .../cloudrun/v1beta2/zz_generated.deepcopy.go | 48 +++ .../v1beta2/zz_generated.resolvers.go | 107 ++++++ apis/cloudrun/v1beta2/zz_v2job_types.go | 20 ++ apis/cloudrun/v1beta2/zz_v2service_types.go | 20 ++ apis/compute/v1beta1/zz_generated.deepcopy.go | 48 +++ .../compute/v1beta1/zz_generated.resolvers.go | 78 +++++ .../compute/v1beta1/zz_instancegroup_types.go | 20 ++ .../zz_interconnectattachment_types.go | 20 ++ apis/compute/v1beta2/zz_generated.deepcopy.go | 72 ++++ .../compute/v1beta2/zz_generated.resolvers.go | 128 +++++++ .../v1beta2/zz_instancetemplate_types.go | 20 ++ apis/compute/v1beta2/zz_routernat_types.go | 40 +++ .../osconfig/v1beta2/zz_generated.deepcopy.go | 25 ++ .../v1beta2/zz_generated.resolvers.go | 73 ++++ .../v1beta2/zz_patchdeployment_types.go | 20 ++ config/provider-metadata.yaml | 113 +++++++ .../beyondcorp/v1beta2/appconnection.yaml | 4 +- .../binaryauthorization/v1beta2/policy.yaml | 4 +- .../v1beta1/certificatemapentry.yaml | 16 +- .../v1beta2/certificate.yaml | 12 +- .../compute/v1beta2/instancetemplate.yaml | 4 +- ...ondcorp.gcp.upbound.io_appconnections.yaml | 158 +++++++++ ...authorization.gcp.upbound.io_policies.yaml | 316 ++++++++++++++++++ ....gcp.upbound.io_certificatemapentries.yaml | 163 ++++++++- ...temanager.gcp.upbound.io_certificates.yaml | 316 ++++++++++++++++++ .../crds/cloudrun.gcp.upbound.io_v2jobs.yaml | 158 +++++++++ .../cloudrun.gcp.upbound.io_v2services.yaml | 158 +++++++++ ...compute.gcp.upbound.io_instancegroups.yaml | 156 +++++++++ ...pute.gcp.upbound.io_instancetemplates.yaml | 158 +++++++++ ...cp.upbound.io_interconnectattachments.yaml | 156 +++++++++ .../compute.gcp.upbound.io_routernats.yaml | 314 +++++++++++++++++ ...onfig.gcp.upbound.io_patchdeployments.yaml | 158 +++++++++ 44 files changed, 3633 insertions(+), 29 deletions(-) create mode 100644 apis/certificatemanager/v1beta2/zz_generated.resolvers.go create mode 100644 apis/osconfig/v1beta2/zz_generated.resolvers.go diff --git a/apis/beyondcorp/v1beta2/zz_appconnection_types.go b/apis/beyondcorp/v1beta2/zz_appconnection_types.go index c5fce9c5c..98b80a7e8 100755 --- a/apis/beyondcorp/v1beta2/zz_appconnection_types.go +++ b/apis/beyondcorp/v1beta2/zz_appconnection_types.go @@ -20,8 +20,18 @@ type AppConnectionInitParameters struct { ApplicationEndpoint *ApplicationEndpointInitParameters `json:"applicationEndpoint,omitempty" tf:"application_endpoint,omitempty"` // List of AppConnectors that are authorised to be associated with this AppConnection + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/beyondcorp/v1beta2.AppConnector + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() Connectors []*string `json:"connectors,omitempty" tf:"connectors,omitempty"` + // References to AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsRefs []v1.Reference `json:"connectorsRefs,omitempty" tf:"-"` + + // Selector for a list of AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsSelector *v1.Selector `json:"connectorsSelector,omitempty" tf:"-"` + // An arbitrary user-provided name for the AppConnection. DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` @@ -104,9 +114,19 @@ type AppConnectionParameters struct { ApplicationEndpoint *ApplicationEndpointParameters `json:"applicationEndpoint,omitempty" tf:"application_endpoint,omitempty"` // List of AppConnectors that are authorised to be associated with this AppConnection + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/beyondcorp/v1beta2.AppConnector + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional Connectors []*string `json:"connectors,omitempty" tf:"connectors,omitempty"` + // References to AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsRefs []v1.Reference `json:"connectorsRefs,omitempty" tf:"-"` + + // Selector for a list of AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsSelector *v1.Selector `json:"connectorsSelector,omitempty" tf:"-"` + // An arbitrary user-provided name for the AppConnection. // +kubebuilder:validation:Optional DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` diff --git a/apis/beyondcorp/v1beta2/zz_generated.deepcopy.go b/apis/beyondcorp/v1beta2/zz_generated.deepcopy.go index 44ca4450e..8f5517f71 100644 --- a/apis/beyondcorp/v1beta2/zz_generated.deepcopy.go +++ b/apis/beyondcorp/v1beta2/zz_generated.deepcopy.go @@ -59,6 +59,18 @@ func (in *AppConnectionInitParameters) DeepCopyInto(out *AppConnectionInitParame } } } + if in.ConnectorsRefs != nil { + in, out := &in.ConnectorsRefs, &out.ConnectorsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ConnectorsSelector != nil { + in, out := &in.ConnectorsSelector, &out.ConnectorsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.DisplayName != nil { in, out := &in.DisplayName, &out.DisplayName *out = new(string) @@ -282,6 +294,18 @@ func (in *AppConnectionParameters) DeepCopyInto(out *AppConnectionParameters) { } } } + if in.ConnectorsRefs != nil { + in, out := &in.ConnectorsRefs, &out.ConnectorsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ConnectorsSelector != nil { + in, out := &in.ConnectorsSelector, &out.ConnectorsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.DisplayName != nil { in, out := &in.DisplayName, &out.DisplayName *out = new(string) diff --git a/apis/beyondcorp/v1beta2/zz_generated.resolvers.go b/apis/beyondcorp/v1beta2/zz_generated.resolvers.go index 254d8c4a3..6a2fce598 100644 --- a/apis/beyondcorp/v1beta2/zz_generated.resolvers.go +++ b/apis/beyondcorp/v1beta2/zz_generated.resolvers.go @@ -24,7 +24,27 @@ func (mg *AppConnection) ResolveReferences( // ResolveReferences of this AppConn r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta2", "AppConnector", "AppConnectorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Connectors), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.ConnectorsRefs, + Selector: mg.Spec.ForProvider.ConnectorsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Connectors") + } + mg.Spec.ForProvider.Connectors = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.ConnectorsRefs = mrsp.ResolvedReferences if mg.Spec.ForProvider.Gateway != nil { { @@ -47,6 +67,25 @@ func (mg *AppConnection) ResolveReferences( // ResolveReferences of this AppConn mg.Spec.ForProvider.Gateway.AppGatewayRef = rsp.ResolvedReference } + { + m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta2", "AppConnector", "AppConnectorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Connectors), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.ConnectorsRefs, + Selector: mg.Spec.InitProvider.ConnectorsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Connectors") + } + mg.Spec.InitProvider.Connectors = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.ConnectorsRefs = mrsp.ResolvedReferences + if mg.Spec.InitProvider.Gateway != nil { { m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta1", "AppGateway", "AppGatewayList") diff --git a/apis/binaryauthorization/v1beta2/zz_generated.deepcopy.go b/apis/binaryauthorization/v1beta2/zz_generated.deepcopy.go index c80294b9a..341753974 100644 --- a/apis/binaryauthorization/v1beta2/zz_generated.deepcopy.go +++ b/apis/binaryauthorization/v1beta2/zz_generated.deepcopy.go @@ -397,6 +397,18 @@ func (in *ClusterAdmissionRulesInitParameters) DeepCopyInto(out *ClusterAdmissio } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAdmissionRulesInitParameters. @@ -479,6 +491,18 @@ func (in *ClusterAdmissionRulesParameters) DeepCopyInto(out *ClusterAdmissionRul } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAdmissionRulesParameters. @@ -515,6 +539,18 @@ func (in *DefaultAdmissionRuleInitParameters) DeepCopyInto(out *DefaultAdmission } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultAdmissionRuleInitParameters. @@ -587,6 +623,18 @@ func (in *DefaultAdmissionRuleParameters) DeepCopyInto(out *DefaultAdmissionRule } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultAdmissionRuleParameters. diff --git a/apis/binaryauthorization/v1beta2/zz_generated.resolvers.go b/apis/binaryauthorization/v1beta2/zz_generated.resolvers.go index cea7c5624..5184f4710 100644 --- a/apis/binaryauthorization/v1beta2/zz_generated.resolvers.go +++ b/apis/binaryauthorization/v1beta2/zz_generated.resolvers.go @@ -71,3 +71,100 @@ func (mg *Attestor) ResolveReferences(ctx context.Context, c client.Reader) erro return nil } + +// ResolveReferences of this Policy. +func (mg *Policy) ResolveReferences(ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + + var mrsp reference.MultiResolutionResponse + var err error + + for i3 := 0; i3 < len(mg.Spec.ForProvider.ClusterAdmissionRules); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs, + Selector: mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy") + } + mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + if mg.Spec.ForProvider.DefaultAdmissionRule != nil { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsByRefs, + Selector: mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsBy") + } + mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.DefaultAdmissionRule.RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.ClusterAdmissionRules); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs, + Selector: mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy") + } + mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + if mg.Spec.InitProvider.DefaultAdmissionRule != nil { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsByRefs, + Selector: mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsBy") + } + mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.DefaultAdmissionRule.RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + + return nil +} diff --git a/apis/binaryauthorization/v1beta2/zz_policy_types.go b/apis/binaryauthorization/v1beta2/zz_policy_types.go index 3b9281988..05a21a48e 100755 --- a/apis/binaryauthorization/v1beta2/zz_policy_types.go +++ b/apis/binaryauthorization/v1beta2/zz_policy_types.go @@ -62,8 +62,17 @@ type ClusterAdmissionRulesInitParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type ClusterAdmissionRulesObservation struct { @@ -115,9 +124,18 @@ type ClusterAdmissionRulesParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +kubebuilder:validation:Optional // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type DefaultAdmissionRuleInitParameters struct { @@ -138,8 +156,17 @@ type DefaultAdmissionRuleInitParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type DefaultAdmissionRuleObservation struct { @@ -184,9 +211,18 @@ type DefaultAdmissionRuleParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +kubebuilder:validation:Optional // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type PolicyInitParameters struct { diff --git a/apis/certificatemanager/v1beta1/zz_certificatemapentry_types.go b/apis/certificatemanager/v1beta1/zz_certificatemapentry_types.go index 63def50a0..4438a38c7 100755 --- a/apis/certificatemanager/v1beta1/zz_certificatemapentry_types.go +++ b/apis/certificatemanager/v1beta1/zz_certificatemapentry_types.go @@ -18,8 +18,18 @@ type CertificateMapEntryInitParameters struct { // A set of Certificates defines for the given hostname. // There can be defined up to fifteen certificates in each Certificate Map Entry. // Each certificate must match pattern projects//locations//certificates/*. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta2.Certificate + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() Certificates []*string `json:"certificates,omitempty" tf:"certificates,omitempty"` + // References to Certificate in certificatemanager to populate certificates. + // +kubebuilder:validation:Optional + CertificatesRefs []v1.Reference `json:"certificatesRefs,omitempty" tf:"-"` + + // Selector for a list of Certificate in certificatemanager to populate certificates. + // +kubebuilder:validation:Optional + CertificatesSelector *v1.Selector `json:"certificatesSelector,omitempty" tf:"-"` + // A human-readable description of the resource. Description *string `json:"description,omitempty" tf:"description,omitempty"` @@ -104,9 +114,19 @@ type CertificateMapEntryParameters struct { // A set of Certificates defines for the given hostname. // There can be defined up to fifteen certificates in each Certificate Map Entry. // Each certificate must match pattern projects//locations//certificates/*. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta2.Certificate + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional Certificates []*string `json:"certificates,omitempty" tf:"certificates,omitempty"` + // References to Certificate in certificatemanager to populate certificates. + // +kubebuilder:validation:Optional + CertificatesRefs []v1.Reference `json:"certificatesRefs,omitempty" tf:"-"` + + // Selector for a list of Certificate in certificatemanager to populate certificates. + // +kubebuilder:validation:Optional + CertificatesSelector *v1.Selector `json:"certificatesSelector,omitempty" tf:"-"` + // A human-readable description of the resource. // +kubebuilder:validation:Optional Description *string `json:"description,omitempty" tf:"description,omitempty"` @@ -183,9 +203,8 @@ type CertificateMapEntryStatus struct { type CertificateMapEntry struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` - // +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.certificates) || (has(self.initProvider) && has(self.initProvider.certificates))",message="spec.forProvider.certificates is a required parameter" - Spec CertificateMapEntrySpec `json:"spec"` - Status CertificateMapEntryStatus `json:"status,omitempty"` + Spec CertificateMapEntrySpec `json:"spec"` + Status CertificateMapEntryStatus `json:"status,omitempty"` } // +kubebuilder:object:root=true diff --git a/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go b/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go index 136dfa4e0..4115b78b8 100644 --- a/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go +++ b/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go @@ -265,6 +265,18 @@ func (in *CertificateMapEntryInitParameters) DeepCopyInto(out *CertificateMapEnt } } } + if in.CertificatesRefs != nil { + in, out := &in.CertificatesRefs, &out.CertificatesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CertificatesSelector != nil { + in, out := &in.CertificatesSelector, &out.CertificatesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Description != nil { in, out := &in.Description, &out.Description *out = new(string) @@ -478,6 +490,18 @@ func (in *CertificateMapEntryParameters) DeepCopyInto(out *CertificateMapEntryPa } } } + if in.CertificatesRefs != nil { + in, out := &in.CertificatesRefs, &out.CertificatesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.CertificatesSelector != nil { + in, out := &in.CertificatesSelector, &out.CertificatesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Description != nil { in, out := &in.Description, &out.Description *out = new(string) diff --git a/apis/certificatemanager/v1beta1/zz_generated.resolvers.go b/apis/certificatemanager/v1beta1/zz_generated.resolvers.go index 79eaca2ba..d9d03ae39 100644 --- a/apis/certificatemanager/v1beta1/zz_generated.resolvers.go +++ b/apis/certificatemanager/v1beta1/zz_generated.resolvers.go @@ -9,8 +9,10 @@ package v1beta1 import ( "context" reference "github.com/crossplane/crossplane-runtime/pkg/reference" - xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + resource "github.com/crossplane/upjet/pkg/resource" errors "github.com/pkg/errors" + + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" apisresolver "github.com/upbound/provider-gcp/internal/apis" client "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -22,7 +24,27 @@ func (mg *CertificateMapEntry) ResolveReferences( // ResolveReferences of this C r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta2", "Certificate", "CertificateList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Certificates), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.CertificatesRefs, + Selector: mg.Spec.ForProvider.CertificatesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Certificates") + } + mg.Spec.ForProvider.Certificates = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.CertificatesRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "CertificateMap", "CertificateMapList") if err != nil { @@ -42,6 +64,25 @@ func (mg *CertificateMapEntry) ResolveReferences( // ResolveReferences of this C } mg.Spec.ForProvider.Map = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.MapRef = rsp.ResolvedReference + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta2", "Certificate", "CertificateList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Certificates), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.CertificatesRefs, + Selector: mg.Spec.InitProvider.CertificatesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Certificates") + } + mg.Spec.InitProvider.Certificates = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.CertificatesRefs = mrsp.ResolvedReferences return nil } diff --git a/apis/certificatemanager/v1beta2/zz_certificate_types.go b/apis/certificatemanager/v1beta2/zz_certificate_types.go index cdd8bd6e6..5d374a52f 100755 --- a/apis/certificatemanager/v1beta2/zz_certificate_types.go +++ b/apis/certificatemanager/v1beta2/zz_certificate_types.go @@ -178,12 +178,32 @@ type CertificateParameters struct { type ManagedInitParameters struct { // Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() DNSAuthorizations []*string `json:"dnsAuthorizations,omitempty" tf:"dns_authorizations,omitempty"` + // References to DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsRefs []v1.Reference `json:"dnsAuthorizationsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsSelector *v1.Selector `json:"dnsAuthorizationsSelector,omitempty" tf:"-"` + // The domains for which a managed SSL certificate will be generated. // Wildcard domains are only supported with DNS challenge resolution + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("domain",false) Domains []*string `json:"domains,omitempty" tf:"domains,omitempty"` + // References to DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsRefs []v1.Reference `json:"domainsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsSelector *v1.Selector `json:"domainsSelector,omitempty" tf:"-"` + // The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. // If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. // Either issuanceConfig or dnsAuthorizations should be specificed, but not both. @@ -223,14 +243,34 @@ type ManagedObservation struct { type ManagedParameters struct { // Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional DNSAuthorizations []*string `json:"dnsAuthorizations,omitempty" tf:"dns_authorizations,omitempty"` + // References to DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsRefs []v1.Reference `json:"dnsAuthorizationsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsSelector *v1.Selector `json:"dnsAuthorizationsSelector,omitempty" tf:"-"` + // The domains for which a managed SSL certificate will be generated. // Wildcard domains are only supported with DNS challenge resolution + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("domain",false) // +kubebuilder:validation:Optional Domains []*string `json:"domains,omitempty" tf:"domains,omitempty"` + // References to DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsRefs []v1.Reference `json:"domainsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsSelector *v1.Selector `json:"domainsSelector,omitempty" tf:"-"` + // The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. // If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. // Either issuanceConfig or dnsAuthorizations should be specificed, but not both. diff --git a/apis/certificatemanager/v1beta2/zz_generated.deepcopy.go b/apis/certificatemanager/v1beta2/zz_generated.deepcopy.go index 03358b854..c80f0d917 100644 --- a/apis/certificatemanager/v1beta2/zz_generated.deepcopy.go +++ b/apis/certificatemanager/v1beta2/zz_generated.deepcopy.go @@ -401,6 +401,18 @@ func (in *ManagedInitParameters) DeepCopyInto(out *ManagedInitParameters) { } } } + if in.DNSAuthorizationsRefs != nil { + in, out := &in.DNSAuthorizationsRefs, &out.DNSAuthorizationsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DNSAuthorizationsSelector != nil { + in, out := &in.DNSAuthorizationsSelector, &out.DNSAuthorizationsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Domains != nil { in, out := &in.Domains, &out.Domains *out = make([]*string, len(*in)) @@ -412,6 +424,18 @@ func (in *ManagedInitParameters) DeepCopyInto(out *ManagedInitParameters) { } } } + if in.DomainsRefs != nil { + in, out := &in.DomainsRefs, &out.DomainsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DomainsSelector != nil { + in, out := &in.DomainsSelector, &out.DomainsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.IssuanceConfig != nil { in, out := &in.IssuanceConfig, &out.IssuanceConfig *out = new(string) @@ -504,6 +528,18 @@ func (in *ManagedParameters) DeepCopyInto(out *ManagedParameters) { } } } + if in.DNSAuthorizationsRefs != nil { + in, out := &in.DNSAuthorizationsRefs, &out.DNSAuthorizationsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DNSAuthorizationsSelector != nil { + in, out := &in.DNSAuthorizationsSelector, &out.DNSAuthorizationsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Domains != nil { in, out := &in.Domains, &out.Domains *out = make([]*string, len(*in)) @@ -515,6 +551,18 @@ func (in *ManagedParameters) DeepCopyInto(out *ManagedParameters) { } } } + if in.DomainsRefs != nil { + in, out := &in.DomainsRefs, &out.DomainsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DomainsSelector != nil { + in, out := &in.DomainsSelector, &out.DomainsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.IssuanceConfig != nil { in, out := &in.IssuanceConfig, &out.IssuanceConfig *out = new(string) diff --git a/apis/certificatemanager/v1beta2/zz_generated.resolvers.go b/apis/certificatemanager/v1beta2/zz_generated.resolvers.go new file mode 100644 index 000000000..1e8b599b8 --- /dev/null +++ b/apis/certificatemanager/v1beta2/zz_generated.resolvers.go @@ -0,0 +1,115 @@ +// SPDX-FileCopyrightText: 2024 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 +// Code generated by angryjet. DO NOT EDIT. +// Code transformed by upjet. DO NOT EDIT. + +package v1beta2 + +import ( + "context" + reference "github.com/crossplane/crossplane-runtime/pkg/reference" + resource "github.com/crossplane/upjet/pkg/resource" + errors "github.com/pkg/errors" + + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + apisresolver "github.com/upbound/provider-gcp/internal/apis" + client "sigs.k8s.io/controller-runtime/pkg/client" +) + +func (mg *Certificate) ResolveReferences( // ResolveReferences of this Certificate. + ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + + var mrsp reference.MultiResolutionResponse + var err error + + if mg.Spec.ForProvider.Managed != nil { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Managed.DNSAuthorizations), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.Managed.DNSAuthorizationsRefs, + Selector: mg.Spec.ForProvider.Managed.DNSAuthorizationsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Managed.DNSAuthorizations") + } + mg.Spec.ForProvider.Managed.DNSAuthorizations = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Managed.DNSAuthorizationsRefs = mrsp.ResolvedReferences + + } + if mg.Spec.ForProvider.Managed != nil { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Managed.Domains), + Extract: resource.ExtractParamPath("domain", false), + References: mg.Spec.ForProvider.Managed.DomainsRefs, + Selector: mg.Spec.ForProvider.Managed.DomainsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Managed.Domains") + } + mg.Spec.ForProvider.Managed.Domains = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Managed.DomainsRefs = mrsp.ResolvedReferences + + } + if mg.Spec.InitProvider.Managed != nil { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Managed.DNSAuthorizations), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.Managed.DNSAuthorizationsRefs, + Selector: mg.Spec.InitProvider.Managed.DNSAuthorizationsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Managed.DNSAuthorizations") + } + mg.Spec.InitProvider.Managed.DNSAuthorizations = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Managed.DNSAuthorizationsRefs = mrsp.ResolvedReferences + + } + if mg.Spec.InitProvider.Managed != nil { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Managed.Domains), + Extract: resource.ExtractParamPath("domain", false), + References: mg.Spec.InitProvider.Managed.DomainsRefs, + Selector: mg.Spec.InitProvider.Managed.DomainsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Managed.Domains") + } + mg.Spec.InitProvider.Managed.Domains = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Managed.DomainsRefs = mrsp.ResolvedReferences + + } + + return nil +} diff --git a/apis/cloudrun/v1beta2/zz_generated.deepcopy.go b/apis/cloudrun/v1beta2/zz_generated.deepcopy.go index b536ca61e..47bf8790c 100644 --- a/apis/cloudrun/v1beta2/zz_generated.deepcopy.go +++ b/apis/cloudrun/v1beta2/zz_generated.deepcopy.go @@ -102,6 +102,18 @@ func (in *CloudSQLInstanceInitParameters) DeepCopyInto(out *CloudSQLInstanceInit } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudSQLInstanceInitParameters. @@ -154,6 +166,18 @@ func (in *CloudSQLInstanceParameters) DeepCopyInto(out *CloudSQLInstanceParamete } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudSQLInstanceParameters. @@ -10665,6 +10689,18 @@ func (in *VolumesCloudSQLInstanceInitParameters) DeepCopyInto(out *VolumesCloudS } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumesCloudSQLInstanceInitParameters. @@ -10717,6 +10753,18 @@ func (in *VolumesCloudSQLInstanceParameters) DeepCopyInto(out *VolumesCloudSQLIn } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumesCloudSQLInstanceParameters. diff --git a/apis/cloudrun/v1beta2/zz_generated.resolvers.go b/apis/cloudrun/v1beta2/zz_generated.resolvers.go index 6893f6467..5e51929c4 100644 --- a/apis/cloudrun/v1beta2/zz_generated.resolvers.go +++ b/apis/cloudrun/v1beta2/zz_generated.resolvers.go @@ -9,6 +9,7 @@ package v1beta2 import ( "context" reference "github.com/crossplane/crossplane-runtime/pkg/reference" + resource "github.com/crossplane/upjet/pkg/resource" errors "github.com/pkg/errors" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" @@ -379,6 +380,7 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error if mg.Spec.ForProvider.Template != nil { @@ -412,6 +414,33 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { } } } + if mg.Spec.ForProvider.Template != nil { + if mg.Spec.ForProvider.Template.Template != nil { + for i5 := 0; i5 < len(mg.Spec.ForProvider.Template.Template.Volumes); i5++ { + if mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance != nil { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesRefs, + Selector: mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances") + } + mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesRefs = mrsp.ResolvedReferences + + } + } + } + } if mg.Spec.ForProvider.Template != nil { if mg.Spec.ForProvider.Template.Template != nil { for i5 := 0; i5 < len(mg.Spec.ForProvider.Template.Template.Volumes); i5++ { @@ -470,6 +499,33 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { } } } + if mg.Spec.InitProvider.Template != nil { + if mg.Spec.InitProvider.Template.Template != nil { + for i5 := 0; i5 < len(mg.Spec.InitProvider.Template.Template.Volumes); i5++ { + if mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance != nil { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesRefs, + Selector: mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances") + } + mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Template.Template.Volumes[i5].CloudSQLInstance.InstancesRefs = mrsp.ResolvedReferences + + } + } + } + } if mg.Spec.InitProvider.Template != nil { if mg.Spec.InitProvider.Template.Template != nil { for i5 := 0; i5 < len(mg.Spec.InitProvider.Template.Template.Volumes); i5++ { @@ -508,6 +564,7 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error if mg.Spec.ForProvider.Template != nil { @@ -539,6 +596,31 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err } } } + if mg.Spec.ForProvider.Template != nil { + for i4 := 0; i4 < len(mg.Spec.ForProvider.Template.Volumes); i4++ { + if mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance != nil { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.InstancesRefs, + Selector: mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.Instances") + } + mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Template.Volumes[i4].CloudSQLInstance.InstancesRefs = mrsp.ResolvedReferences + + } + } + } if mg.Spec.ForProvider.Template != nil { for i4 := 0; i4 < len(mg.Spec.ForProvider.Template.Volumes); i4++ { if mg.Spec.ForProvider.Template.Volumes[i4].Gcs != nil { @@ -618,6 +700,31 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err } } } + if mg.Spec.InitProvider.Template != nil { + for i4 := 0; i4 < len(mg.Spec.InitProvider.Template.Volumes); i4++ { + if mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance != nil { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.InstancesRefs, + Selector: mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.Instances") + } + mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Template.Volumes[i4].CloudSQLInstance.InstancesRefs = mrsp.ResolvedReferences + + } + } + } if mg.Spec.InitProvider.Template != nil { for i4 := 0; i4 < len(mg.Spec.InitProvider.Template.Volumes); i4++ { if mg.Spec.InitProvider.Template.Volumes[i4].Gcs != nil { diff --git a/apis/cloudrun/v1beta2/zz_v2job_types.go b/apis/cloudrun/v1beta2/zz_v2job_types.go index 75c99b5fe..3ae619e57 100755 --- a/apis/cloudrun/v1beta2/zz_v2job_types.go +++ b/apis/cloudrun/v1beta2/zz_v2job_types.go @@ -45,7 +45,17 @@ type BinaryAuthorizationParameters struct { type CloudSQLInstanceInitParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type CloudSQLInstanceObservation struct { @@ -57,8 +67,18 @@ type CloudSQLInstanceObservation struct { type CloudSQLInstanceParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +kubebuilder:validation:Optional Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type ContainersEnvInitParameters struct { diff --git a/apis/cloudrun/v1beta2/zz_v2service_types.go b/apis/cloudrun/v1beta2/zz_v2service_types.go index 28c605701..ad78cf5ce 100755 --- a/apis/cloudrun/v1beta2/zz_v2service_types.go +++ b/apis/cloudrun/v1beta2/zz_v2service_types.go @@ -1825,8 +1825,18 @@ type VPCAccessNetworkInterfacesParameters struct { type VolumesCloudSQLInstanceInitParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type VolumesCloudSQLInstanceObservation struct { @@ -1839,9 +1849,19 @@ type VolumesCloudSQLInstanceObservation struct { type VolumesCloudSQLInstanceParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +kubebuilder:validation:Optional // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type VolumesSecretItemsInitParameters struct { diff --git a/apis/compute/v1beta1/zz_generated.deepcopy.go b/apis/compute/v1beta1/zz_generated.deepcopy.go index 883528cc3..734dc72ca 100644 --- a/apis/compute/v1beta1/zz_generated.deepcopy.go +++ b/apis/compute/v1beta1/zz_generated.deepcopy.go @@ -23665,6 +23665,18 @@ func (in *InstanceGroupInitParameters) DeepCopyInto(out *InstanceGroupInitParame } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.NamedPort != nil { in, out := &in.NamedPort, &out.NamedPort *out = make([]NamedPortInitParameters, len(*in)) @@ -24654,6 +24666,18 @@ func (in *InstanceGroupParameters) DeepCopyInto(out *InstanceGroupParameters) { } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.NamedPort != nil { in, out := &in.NamedPort, &out.NamedPort *out = make([]NamedPortParameters, len(*in)) @@ -29301,6 +29325,18 @@ func (in *InterconnectAttachmentInitParameters) DeepCopyInto(out *InterconnectAt } } } + if in.IpsecInternalAddressesRefs != nil { + in, out := &in.IpsecInternalAddressesRefs, &out.IpsecInternalAddressesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IpsecInternalAddressesSelector != nil { + in, out := &in.IpsecInternalAddressesSelector, &out.IpsecInternalAddressesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Mtu != nil { in, out := &in.Mtu, &out.Mtu *out = new(string) @@ -29614,6 +29650,18 @@ func (in *InterconnectAttachmentParameters) DeepCopyInto(out *InterconnectAttach } } } + if in.IpsecInternalAddressesRefs != nil { + in, out := &in.IpsecInternalAddressesRefs, &out.IpsecInternalAddressesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.IpsecInternalAddressesSelector != nil { + in, out := &in.IpsecInternalAddressesSelector, &out.IpsecInternalAddressesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Mtu != nil { in, out := &in.Mtu, &out.Mtu *out = new(string) diff --git a/apis/compute/v1beta1/zz_generated.resolvers.go b/apis/compute/v1beta1/zz_generated.resolvers.go index c3a0cdec4..f2a491047 100644 --- a/apis/compute/v1beta1/zz_generated.resolvers.go +++ b/apis/compute/v1beta1/zz_generated.resolvers.go @@ -1881,7 +1881,27 @@ func (mg *InstanceGroup) ResolveReferences(ctx context.Context, c client.Reader) r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.InstancesRefs, + Selector: mg.Spec.ForProvider.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Instances") + } + mg.Spec.ForProvider.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.InstancesRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Network", "NetworkList") if err != nil { @@ -1901,6 +1921,25 @@ func (mg *InstanceGroup) ResolveReferences(ctx context.Context, c client.Reader) } mg.Spec.ForProvider.Network = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.NetworkRef = rsp.ResolvedReference + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.InstancesRefs, + Selector: mg.Spec.InitProvider.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Instances") + } + mg.Spec.InitProvider.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.InstancesRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Network", "NetworkList") if err != nil { @@ -2298,7 +2337,27 @@ func (mg *InterconnectAttachment) ResolveReferences(ctx context.Context, c clien r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.IpsecInternalAddresses), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.ForProvider.IpsecInternalAddressesRefs, + Selector: mg.Spec.ForProvider.IpsecInternalAddressesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.IpsecInternalAddresses") + } + mg.Spec.ForProvider.IpsecInternalAddresses = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.IpsecInternalAddressesRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Router", "RouterList") if err != nil { @@ -2318,6 +2377,25 @@ func (mg *InterconnectAttachment) ResolveReferences(ctx context.Context, c clien } mg.Spec.ForProvider.Router = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.RouterRef = rsp.ResolvedReference + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.IpsecInternalAddresses), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.InitProvider.IpsecInternalAddressesRefs, + Selector: mg.Spec.InitProvider.IpsecInternalAddressesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.IpsecInternalAddresses") + } + mg.Spec.InitProvider.IpsecInternalAddresses = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.IpsecInternalAddressesRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Router", "RouterList") if err != nil { diff --git a/apis/compute/v1beta1/zz_instancegroup_types.go b/apis/compute/v1beta1/zz_instancegroup_types.go index 67aa096e9..925c5b8fa 100755 --- a/apis/compute/v1beta1/zz_instancegroup_types.go +++ b/apis/compute/v1beta1/zz_instancegroup_types.go @@ -21,9 +21,19 @@ type InstanceGroupInitParameters struct { // The list of instances in the group, in self_link format. // When adding instances they must all be in the same network and zone as the instance group. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // The named port configuration. See the section below // for details on configuration. Structure is documented below. NamedPort []NamedPortInitParameters `json:"namedPort,omitempty" tf:"named_port,omitempty"` @@ -96,10 +106,20 @@ type InstanceGroupParameters struct { // The list of instances in the group, in self_link format. // When adding instances they must all be in the same network and zone as the instance group. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // The named port configuration. See the section below // for details on configuration. Structure is documented below. // +kubebuilder:validation:Optional diff --git a/apis/compute/v1beta1/zz_interconnectattachment_types.go b/apis/compute/v1beta1/zz_interconnectattachment_types.go index 8d9db8ebf..eb8618873 100755 --- a/apis/compute/v1beta1/zz_interconnectattachment_types.go +++ b/apis/compute/v1beta1/zz_interconnectattachment_types.go @@ -72,8 +72,18 @@ type InterconnectAttachmentInitParameters struct { // encryption option as IPSEC, later on when creating HA VPN gateway on this // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) IpsecInternalAddresses []*string `json:"ipsecInternalAddresses,omitempty" tf:"ipsec_internal_addresses,omitempty"` + // References to Address in compute to populate ipsecInternalAddresses. + // +kubebuilder:validation:Optional + IpsecInternalAddressesRefs []v1.Reference `json:"ipsecInternalAddressesRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate ipsecInternalAddresses. + // +kubebuilder:validation:Optional + IpsecInternalAddressesSelector *v1.Selector `json:"ipsecInternalAddressesSelector,omitempty" tf:"-"` + // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. Mtu *string `json:"mtu,omitempty" tf:"mtu,omitempty"` @@ -339,9 +349,19 @@ type InterconnectAttachmentParameters struct { // encryption option as IPSEC, later on when creating HA VPN gateway on this // interconnect attachment, the HA VPN gateway's IP address will be // allocated from regional external IP address pool. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +kubebuilder:validation:Optional IpsecInternalAddresses []*string `json:"ipsecInternalAddresses,omitempty" tf:"ipsec_internal_addresses,omitempty"` + // References to Address in compute to populate ipsecInternalAddresses. + // +kubebuilder:validation:Optional + IpsecInternalAddressesRefs []v1.Reference `json:"ipsecInternalAddressesRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate ipsecInternalAddresses. + // +kubebuilder:validation:Optional + IpsecInternalAddressesSelector *v1.Selector `json:"ipsecInternalAddressesSelector,omitempty" tf:"-"` + // Maximum Transmission Unit (MTU), in bytes, of packets passing through // this interconnect attachment. Currently, only 1440 and 1500 are allowed. If not specified, the value will default to 1440. // +kubebuilder:validation:Optional diff --git a/apis/compute/v1beta2/zz_generated.deepcopy.go b/apis/compute/v1beta2/zz_generated.deepcopy.go index 1f1232223..0396c7015 100644 --- a/apis/compute/v1beta2/zz_generated.deepcopy.go +++ b/apis/compute/v1beta2/zz_generated.deepcopy.go @@ -192,6 +192,18 @@ func (in *ActionInitParameters) DeepCopyInto(out *ActionInitParameters) { } } } + if in.SourceNATActiveIpsRefs != nil { + in, out := &in.SourceNATActiveIpsRefs, &out.SourceNATActiveIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SourceNATActiveIpsSelector != nil { + in, out := &in.SourceNATActiveIpsSelector, &out.SourceNATActiveIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.SourceNATDrainIps != nil { in, out := &in.SourceNATDrainIps, &out.SourceNATDrainIps *out = make([]*string, len(*in)) @@ -266,6 +278,18 @@ func (in *ActionParameters) DeepCopyInto(out *ActionParameters) { } } } + if in.SourceNATActiveIpsRefs != nil { + in, out := &in.SourceNATActiveIpsRefs, &out.SourceNATActiveIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SourceNATActiveIpsSelector != nil { + in, out := &in.SourceNATActiveIpsSelector, &out.SourceNATActiveIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.SourceNATDrainIps != nil { in, out := &in.SourceNATDrainIps, &out.SourceNATDrainIps *out = make([]*string, len(*in)) @@ -21407,6 +21431,18 @@ func (in *InstanceTemplateDiskInitParameters) DeepCopyInto(out *InstanceTemplate } } } + if in.ResourcePoliciesRefs != nil { + in, out := &in.ResourcePoliciesRefs, &out.ResourcePoliciesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResourcePoliciesSelector != nil { + in, out := &in.ResourcePoliciesSelector, &out.ResourcePoliciesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Source != nil { in, out := &in.Source, &out.Source *out = new(string) @@ -21693,6 +21729,18 @@ func (in *InstanceTemplateDiskParameters) DeepCopyInto(out *InstanceTemplateDisk } } } + if in.ResourcePoliciesRefs != nil { + in, out := &in.ResourcePoliciesRefs, &out.ResourcePoliciesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResourcePoliciesSelector != nil { + in, out := &in.ResourcePoliciesSelector, &out.ResourcePoliciesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Source != nil { in, out := &in.Source, &out.Source *out = new(string) @@ -49857,6 +49905,18 @@ func (in *RouterNATInitParameters) DeepCopyInto(out *RouterNATInitParameters) { } } } + if in.NATIpsRefs != nil { + in, out := &in.NATIpsRefs, &out.NATIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.NATIpsSelector != nil { + in, out := &in.NATIpsSelector, &out.NATIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Project != nil { in, out := &in.Project, &out.Project *out = new(string) @@ -50243,6 +50303,18 @@ func (in *RouterNATParameters) DeepCopyInto(out *RouterNATParameters) { } } } + if in.NATIpsRefs != nil { + in, out := &in.NATIpsRefs, &out.NATIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.NATIpsSelector != nil { + in, out := &in.NATIpsSelector, &out.NATIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Project != nil { in, out := &in.Project, &out.Project *out = new(string) diff --git a/apis/compute/v1beta2/zz_generated.resolvers.go b/apis/compute/v1beta2/zz_generated.resolvers.go index dc59372d0..5c181eabd 100644 --- a/apis/compute/v1beta2/zz_generated.resolvers.go +++ b/apis/compute/v1beta2/zz_generated.resolvers.go @@ -1421,8 +1421,30 @@ func (mg *InstanceTemplate) ResolveReferences(ctx context.Context, c client.Read r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + for i3 := 0; i3 < len(mg.Spec.ForProvider.Disk); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "ResourcePolicy", "ResourcePolicyList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Disk[i3].ResourcePolicies), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.Disk[i3].ResourcePoliciesRefs, + Selector: mg.Spec.ForProvider.Disk[i3].ResourcePoliciesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Disk[i3].ResourcePolicies") + } + mg.Spec.ForProvider.Disk[i3].ResourcePolicies = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Disk[i3].ResourcePoliciesRefs = mrsp.ResolvedReferences + + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Disk); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Disk", "DiskList") @@ -1506,6 +1528,27 @@ func (mg *InstanceTemplate) ResolveReferences(ctx context.Context, c client.Read mg.Spec.ForProvider.ServiceAccount.Email = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ServiceAccount.EmailRef = rsp.ResolvedReference + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Disk); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "ResourcePolicy", "ResourcePolicyList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Disk[i3].ResourcePolicies), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.Disk[i3].ResourcePoliciesRefs, + Selector: mg.Spec.InitProvider.Disk[i3].ResourcePoliciesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Disk[i3].ResourcePolicies") + } + mg.Spec.InitProvider.Disk[i3].ResourcePolicies = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Disk[i3].ResourcePoliciesRefs = mrsp.ResolvedReferences + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Disk); i3++ { { @@ -3264,7 +3307,27 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.NATIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.ForProvider.NATIpsRefs, + Selector: mg.Spec.ForProvider.NATIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.NATIps") + } + mg.Spec.ForProvider.NATIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.NATIpsRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Router", "RouterList") if err != nil { @@ -3285,6 +3348,29 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.Router = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.RouterRef = rsp.ResolvedReference + for i3 := 0; i3 < len(mg.Spec.ForProvider.Rules); i3++ { + if mg.Spec.ForProvider.Rules[i3].Action != nil { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIpsRefs, + Selector: mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIps") + } + mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Rules[i3].Action.SourceNATActiveIpsRefs = mrsp.ResolvedReferences + + } + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Subnetwork); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Subnetwork", "SubnetworkList") @@ -3306,6 +3392,48 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.Subnetwork[i3].NameRef = rsp.ResolvedReference } + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.NATIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.InitProvider.NATIpsRefs, + Selector: mg.Spec.InitProvider.NATIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.NATIps") + } + mg.Spec.InitProvider.NATIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.NATIpsRefs = mrsp.ResolvedReferences + + for i3 := 0; i3 < len(mg.Spec.InitProvider.Rules); i3++ { + if mg.Spec.InitProvider.Rules[i3].Action != nil { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIpsRefs, + Selector: mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIps") + } + mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Rules[i3].Action.SourceNATActiveIpsRefs = mrsp.ResolvedReferences + + } + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Subnetwork); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Subnetwork", "SubnetworkList") diff --git a/apis/compute/v1beta2/zz_instancetemplate_types.go b/apis/compute/v1beta2/zz_instancetemplate_types.go index dac63831e..c05dfc311 100755 --- a/apis/compute/v1beta2/zz_instancetemplate_types.go +++ b/apis/compute/v1beta2/zz_instancetemplate_types.go @@ -236,8 +236,18 @@ type InstanceTemplateDiskInitParameters struct { ResourceManagerTags map[string]*string `json:"resourceManagerTags,omitempty" tf:"resource_manager_tags,omitempty"` // - A list (short name or id) of resource policies to attach to this disk for automatic snapshot creations. Currently a max of 1 resource policy is supported. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.ResourcePolicy + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() ResourcePolicies []*string `json:"resourcePolicies,omitempty" tf:"resource_policies,omitempty"` + // References to ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesRefs []v1.Reference `json:"resourcePoliciesRefs,omitempty" tf:"-"` + + // Selector for a list of ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesSelector *v1.Selector `json:"resourcePoliciesSelector,omitempty" tf:"-"` + // The name (not self_link) // of the disk (such as those managed by google_compute_disk) to attach. // ~> Note: Either source, source_image, or source_snapshot is required in a disk block unless the disk type is local-ssd. Check the API docs for details. @@ -441,9 +451,19 @@ type InstanceTemplateDiskParameters struct { ResourceManagerTags map[string]*string `json:"resourceManagerTags,omitempty" tf:"resource_manager_tags,omitempty"` // - A list (short name or id) of resource policies to attach to this disk for automatic snapshot creations. Currently a max of 1 resource policy is supported. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.ResourcePolicy + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional ResourcePolicies []*string `json:"resourcePolicies,omitempty" tf:"resource_policies,omitempty"` + // References to ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesRefs []v1.Reference `json:"resourcePoliciesRefs,omitempty" tf:"-"` + + // Selector for a list of ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesSelector *v1.Selector `json:"resourcePoliciesSelector,omitempty" tf:"-"` + // The name (not self_link) // of the disk (such as those managed by google_compute_disk) to attach. // ~> Note: Either source, source_image, or source_snapshot is required in a disk block unless the disk type is local-ssd. Check the API docs for details. diff --git a/apis/compute/v1beta2/zz_routernat_types.go b/apis/compute/v1beta2/zz_routernat_types.go index 11cf845e9..ffed45276 100755 --- a/apis/compute/v1beta2/zz_routernat_types.go +++ b/apis/compute/v1beta2/zz_routernat_types.go @@ -18,9 +18,19 @@ type ActionInitParameters struct { // A list of URLs of the IP resources used for this NAT rule. // These IP addresses must be valid static external IP addresses assigned to the project. // This field is used for public NAT. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +listType=set SourceNATActiveIps []*string `json:"sourceNatActiveIps,omitempty" tf:"source_nat_active_ips,omitempty"` + // References to Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsRefs []v1.Reference `json:"sourceNatActiveIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsSelector *v1.Selector `json:"sourceNatActiveIpsSelector,omitempty" tf:"-"` + // A list of URLs of the IP resources to be drained. // These IPs must be valid static external IPs that have been assigned to the NAT. // These IPs should be used for updating/patching a NAT rule only. @@ -50,10 +60,20 @@ type ActionParameters struct { // A list of URLs of the IP resources used for this NAT rule. // These IP addresses must be valid static external IP addresses assigned to the project. // This field is used for public NAT. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +kubebuilder:validation:Optional // +listType=set SourceNATActiveIps []*string `json:"sourceNatActiveIps,omitempty" tf:"source_nat_active_ips,omitempty"` + // References to Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsRefs []v1.Reference `json:"sourceNatActiveIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsSelector *v1.Selector `json:"sourceNatActiveIpsSelector,omitempty" tf:"-"` + // A list of URLs of the IP resources to be drained. // These IPs must be valid static external IPs that have been assigned to the NAT. // These IPs should be used for updating/patching a NAT rule only. @@ -116,9 +136,19 @@ type RouterNATInitParameters struct { // Self-links of NAT IPs. Only valid if natIpAllocateOption // is set to MANUAL_ONLY. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +listType=set NATIps []*string `json:"natIps,omitempty" tf:"nat_ips,omitempty"` + // References to Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsRefs []v1.Reference `json:"natIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsSelector *v1.Selector `json:"natIpsSelector,omitempty" tf:"-"` + // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `json:"project,omitempty" tf:"project,omitempty"` @@ -363,10 +393,20 @@ type RouterNATParameters struct { // Self-links of NAT IPs. Only valid if natIpAllocateOption // is set to MANUAL_ONLY. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +kubebuilder:validation:Optional // +listType=set NATIps []*string `json:"natIps,omitempty" tf:"nat_ips,omitempty"` + // References to Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsRefs []v1.Reference `json:"natIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsSelector *v1.Selector `json:"natIpsSelector,omitempty" tf:"-"` + // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. // +kubebuilder:validation:Optional diff --git a/apis/osconfig/v1beta2/zz_generated.deepcopy.go b/apis/osconfig/v1beta2/zz_generated.deepcopy.go index 6e8e58210..52986a5f8 100644 --- a/apis/osconfig/v1beta2/zz_generated.deepcopy.go +++ b/apis/osconfig/v1beta2/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1beta2 import ( + "github.com/crossplane/crossplane-runtime/apis/common/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -3802,6 +3803,18 @@ func (in *PatchDeploymentInstanceFilterInitParameters) DeepCopyInto(out *PatchDe } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Zones != nil { in, out := &in.Zones, &out.Zones *out = make([]*string, len(*in)) @@ -3922,6 +3935,18 @@ func (in *PatchDeploymentInstanceFilterParameters) DeepCopyInto(out *PatchDeploy } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Zones != nil { in, out := &in.Zones, &out.Zones *out = make([]*string, len(*in)) diff --git a/apis/osconfig/v1beta2/zz_generated.resolvers.go b/apis/osconfig/v1beta2/zz_generated.resolvers.go new file mode 100644 index 000000000..5ed1ac075 --- /dev/null +++ b/apis/osconfig/v1beta2/zz_generated.resolvers.go @@ -0,0 +1,73 @@ +// SPDX-FileCopyrightText: 2024 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 +// Code generated by angryjet. DO NOT EDIT. +// Code transformed by upjet. DO NOT EDIT. + +package v1beta2 + +import ( + "context" + reference "github.com/crossplane/crossplane-runtime/pkg/reference" + resource "github.com/crossplane/upjet/pkg/resource" + errors "github.com/pkg/errors" + + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + apisresolver "github.com/upbound/provider-gcp/internal/apis" + client "sigs.k8s.io/controller-runtime/pkg/client" +) + +func (mg *PatchDeployment) ResolveReferences( // ResolveReferences of this PatchDeployment. + ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + + var mrsp reference.MultiResolutionResponse + var err error + + if mg.Spec.ForProvider.InstanceFilter != nil { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.InstanceFilter.Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.InstanceFilter.InstancesRefs, + Selector: mg.Spec.ForProvider.InstanceFilter.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.InstanceFilter.Instances") + } + mg.Spec.ForProvider.InstanceFilter.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.InstanceFilter.InstancesRefs = mrsp.ResolvedReferences + + } + if mg.Spec.InitProvider.InstanceFilter != nil { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.InstanceFilter.Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.InstanceFilter.InstancesRefs, + Selector: mg.Spec.InitProvider.InstanceFilter.InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.InstanceFilter.Instances") + } + mg.Spec.InitProvider.InstanceFilter.Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.InstanceFilter.InstancesRefs = mrsp.ResolvedReferences + + } + + return nil +} diff --git a/apis/osconfig/v1beta2/zz_patchdeployment_types.go b/apis/osconfig/v1beta2/zz_patchdeployment_types.go index 2825467dd..156ee5bd8 100755 --- a/apis/osconfig/v1beta2/zz_patchdeployment_types.go +++ b/apis/osconfig/v1beta2/zz_patchdeployment_types.go @@ -598,8 +598,18 @@ type PatchDeploymentInstanceFilterInitParameters struct { // Targets any of the VM instances specified. Instances are specified by their URI in the form zones/{{zone}}/instances/{{instance_name}}, // projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}, or // https://www.googleapis.com/compute/v1/projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` } @@ -645,9 +655,19 @@ type PatchDeploymentInstanceFilterParameters struct { // Targets any of the VM instances specified. Instances are specified by their URI in the form zones/{{zone}}/instances/{{instance_name}}, // projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}, or // https://www.googleapis.com/compute/v1/projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. // +kubebuilder:validation:Optional Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` diff --git a/config/provider-metadata.yaml b/config/provider-metadata.yaml index 62f2814d6..fb89c711e 100644 --- a/config/provider-metadata.yaml +++ b/config/provider-metadata.yaml @@ -962,6 +962,8 @@ resources: "group_key": "${trimprefix(google_cloud_identity_group.group.id, \"groups/\")}", "organization_id": "123456789" } + references: + access_levels: google_access_context_manager_access_level.access_level_id_for_user_access_binding.name dependencies: google_access_context_manager_access_level.access_level_id_for_user_access_binding: |- { @@ -1167,6 +1169,7 @@ resources: "title": "%s" } references: + status.access_levels: google_access_context_manager_access_level.access-level.name status.ingress_policies.ingress_from.sources.access_level: google_access_context_manager_access_level.test-access.name dependencies: google_access_context_manager_access_level.access-level: |- @@ -10857,6 +10860,8 @@ resources: "name": "my-app-connection", "type": "TCP_PROXY" } + references: + connectors: google_beyondcorp_app_connector.app_connector.id dependencies: google_beyondcorp_app_connector.app_connector: |- { @@ -10902,6 +10907,7 @@ resources: "type": "TCP_PROXY" } references: + connectors: google_beyondcorp_app_connector.app_connector.id gateway.app_gateway: google_beyondcorp_app_gateway.app_gateway.id dependencies: google_beyondcorp_app_connector.app_connector: |- @@ -16283,6 +16289,7 @@ resources: ] } references: + all_updates_rule.monitoring_notification_channels: google_monitoring_notification_channel.notification_channel.id billing_account: data.google_billing_account.account.id dependencies: google_monitoring_notification_channel.notification_channel: |- @@ -16948,6 +16955,8 @@ resources: } ] } + references: + cluster_admission_rules.require_attestations_by: google_binary_authorization_attestor.attestor.name dependencies: google_binary_authorization_attestor.attestor: |- { @@ -16985,6 +16994,8 @@ resources: ], "global_policy_evaluation_mode": "ENABLE" } + references: + default_admission_rule.require_attestations_by: google_binary_authorization_attestor.attestor.name dependencies: google_binary_authorization_attestor.attestor: |- { @@ -17329,6 +17340,9 @@ resources: "name": "dns-cert", "scope": "EDGE_CACHE" } + references: + managed.dns_authorizations: google_certificate_manager_dns_authorization.instance.id + managed.domains: google_certificate_manager_dns_authorization.instance.domain dependencies: google_certificate_manager_dns_authorization.instance: |- { @@ -17593,6 +17607,9 @@ resources: "name": "dns-cert", "scope": "ALL_REGIONS" } + references: + managed.dns_authorizations: google_certificate_manager_dns_authorization.instance.id + managed.domains: google_certificate_manager_dns_authorization.instance.domain dependencies: google_certificate_manager_dns_authorization.instance: |- { @@ -17623,6 +17640,9 @@ resources: ], "name": "dns-cert" } + references: + managed.dns_authorizations: google_certificate_manager_dns_authorization.instance.id + managed.domains: google_certificate_manager_dns_authorization.instance.domain dependencies: google_certificate_manager_dns_authorization.instance: |- { @@ -18051,6 +18071,7 @@ resources: "name": "cert-map-entry" } references: + certificates: google_certificate_manager_certificate.certificate.id map: google_certificate_manager_certificate_map.certificate_map.name dependencies: google_certificate_manager_certificate.certificate: |- @@ -19624,6 +19645,8 @@ resources: } ] } + references: + lifecycle.ignore_changes: metadata.0.annotations - name: default manifest: |- { @@ -19714,6 +19737,7 @@ resources: ] } references: + lifecycle.ignore_changes: metadata[0].annotations["run.googleapis.com/launch-stage"] provider: google-beta argumentDocs: autoscaling.knative.dev/maxScale: |- @@ -20500,6 +20524,8 @@ resources: } ] } + references: + lifecycle.ignore_changes: launch_stage - name: default manifest: |- { @@ -20558,6 +20584,7 @@ resources: } references: template.template.containers.env.value_source.secret_key_ref.secret: google_secret_manager_secret.secret.secret_id + template.template.volumes.cloud_sql_instance.instances: google_sql_database_instance.instance.connection_name dependencies: google_secret_manager_secret.secret: |- { @@ -21469,6 +21496,7 @@ resources: } references: template.containers.env.value_source.secret_key_ref.secret: google_secret_manager_secret.secret.secret_id + template.volumes.cloud_sql_instance.instances: google_sql_database_instance.instance.connection_name dependencies: google_secret_manager_secret.secret: |- { @@ -30854,6 +30882,8 @@ resources: ], "name": "backend-service" } + references: + health_checks: google_compute_http_health_check.default.id dependencies: google_compute_http_health_check.default: |- { @@ -30889,6 +30919,8 @@ resources: ], "name": "backend-service" } + references: + health_checks: google_compute_http_health_check.default.id dependencies: google_compute_http_health_check.default: |- { @@ -30962,6 +30994,8 @@ resources: ], "name": "backend-service" } + references: + health_checks: google_compute_http_health_check.default.id dependencies: google_compute_http_health_check.default: |- { @@ -30997,6 +31031,8 @@ resources: ], "name": "backend-service" } + references: + health_checks: google_compute_http_health_check.default.id dependencies: google_compute_http_health_check.default: |- { @@ -31017,6 +31053,7 @@ resources: "provider": "${google-beta}" } references: + health_checks: google_compute_health_check.health_check.id provider: google-beta dependencies: google_compute_health_check.health_check: |- @@ -31067,6 +31104,7 @@ resources: "session_affinity": "HTTP_COOKIE" } references: + health_checks: google_compute_health_check.health_check.id provider: google-beta dependencies: google_compute_health_check.health_check: |- @@ -31126,6 +31164,8 @@ resources: "load_balancing_scheme": "EXTERNAL_MANAGED", "name": "backend-service" } + references: + health_checks: google_compute_health_check.default.id dependencies: google_compute_health_check.default: |- { @@ -33038,6 +33078,7 @@ resources: } references: firewall_policy: google_compute_firewall_policy.default.name + match.dest_address_groups: google_network_security_address_group.basic_global_networksecurity_address_group.id dependencies: google_compute_firewall_policy.default: |- { @@ -38189,6 +38230,8 @@ resources: ], "zone": "us-central1-a" } + references: + instances: google_compute_instance.test.id - name: staging_group manifest: |- { @@ -38213,6 +38256,8 @@ resources: ], "zone": "us-central1-c" } + references: + instances: google_compute_instance.staging_vm.id dependencies: google_compute_backend_service.staging_service: |- { @@ -38332,6 +38377,7 @@ resources: } references: auto_healing_policies.health_check: google_compute_health_check.autohealing.id + target_pools: google_compute_target_pool.appserver.id version.instance_template: google_compute_instance_template.appserver.self_link_unique dependencies: google_compute_health_check.autohealing: |- @@ -38863,6 +38909,7 @@ resources: ] } references: + disk.resource_policies: google_compute_resource_policy.daily_backup.id disk.source: google_compute_disk.foobar.name service_account.email: google_service_account.default.email dependencies: @@ -39568,6 +39615,7 @@ resources: "type": "PARTNER" } references: + ipsec_internal_addresses: google_compute_address.address.self_link router: google_compute_router.router.id dependencies: google_compute_address.address: |- @@ -40315,6 +40363,10 @@ resources: "${google_compute_subnetwork.default.self_link}" ] } + references: + producer_accept_lists: google_project.accepted_producer_project.project_id + producer_reject_lists: google_project.rejected_producer_project.project_id + subnetworks: google_compute_subnetwork.default.self_link dependencies: google_compute_network.default: |- { @@ -40356,6 +40408,7 @@ resources: } references: provider: google-beta + subnetworks: google_compute_subnetwork.default.id dependencies: google_compute_instance.default: |- { @@ -41026,6 +41079,7 @@ resources: } references: firewall_policy: google_compute_network_firewall_policy.basic_network_firewall_policy.name + match.src_address_groups: google_network_security_address_group.basic_global_networksecurity_address_group.id dependencies: google_compute_network.basic_network: |- { @@ -43016,6 +43070,8 @@ resources: "region": "us-central1", "session_affinity": "CLIENT_IP" } + references: + health_checks: google_compute_health_check.default.id dependencies: google_compute_health_check.default: |- { @@ -43066,6 +43122,7 @@ resources: "region": "us-central1" } references: + health_checks: google_compute_region_health_check.default.id provider: google-beta dependencies: google_compute_region_health_check.default: |- @@ -43091,6 +43148,8 @@ resources: "protocol": "HTTP", "region": "us-central1" } + references: + health_checks: google_compute_health_check.health_check.id dependencies: google_compute_health_check.health_check: |- { @@ -43114,6 +43173,7 @@ resources: "region": "us-central1" } references: + health_checks: google_compute_region_health_check.health_check.id provider: google-beta dependencies: google_compute_region_health_check.health_check: |- @@ -43139,6 +43199,8 @@ resources: "protocol": "TCP", "region": "us-central1" } + references: + health_checks: google_compute_region_health_check.health_check.id dependencies: google_compute_region_health_check.health_check: |- { @@ -43188,6 +43250,8 @@ resources: "region": "us-central1", "session_affinity": "HTTP_COOKIE" } + references: + health_checks: google_compute_health_check.health_check.id dependencies: google_compute_health_check.health_check: |- { @@ -43219,6 +43283,7 @@ resources: } references: backend.group: google_compute_region_instance_group_manager.rigm.instance_group + health_checks: google_compute_region_health_check.default.id dependencies: google_compute_instance_template.instance_template: |- { @@ -43301,6 +43366,7 @@ resources: "session_affinity": "CLIENT_IP" } references: + health_checks: google_compute_region_health_check.health_check.id provider: google-beta dependencies: google_compute_region_health_check.health_check: |- @@ -45201,6 +45267,7 @@ resources: } references: auto_healing_policies.health_check: google_compute_health_check.autohealing.id + target_pools: google_compute_target_pool.appserver.id version.instance_template: google_compute_instance_template.appserver.self_link_unique dependencies: google_compute_health_check.autohealing: |- @@ -45454,6 +45521,7 @@ resources: ] } references: + disk.resource_policies: google_compute_resource_policy.daily_backup.id disk.source: google_compute_region_disk.foobar.self_link service_account.email: google_service_account.default.email dependencies: @@ -46664,6 +46732,7 @@ resources: } references: firewall_policy: google_compute_region_network_firewall_policy.basic_regional_network_firewall_policy.name + match.src_address_groups: google_network_security_address_group.basic_regional_networksecurity_address_group.id dependencies: google_compute_network.basic_network: |- { @@ -48056,6 +48125,7 @@ resources: "url_map": "${google_compute_region_url_map.default.id}" } references: + ssl_certificates: google_compute_region_ssl_certificate.default.id url_map: google_compute_region_url_map.default.id dependencies: google_compute_region_backend_service.default: |- @@ -48130,6 +48200,7 @@ resources: references: provider: google-beta server_tls_policy: google_network_security_server_tls_policy.default.id + ssl_certificates: google_compute_region_ssl_certificate.default.id url_map: google_compute_region_url_map.default.id dependencies: google_certificate_manager_trust_config.default: |- @@ -52093,8 +52164,10 @@ resources: ] } references: + nat_ips: google_compute_address.addr1.self_link region: google_compute_router.router.region router: google_compute_router.router.name + rules.action.source_nat_active_ips: google_compute_address.addr2.self_link subnetwork.name: google_compute_subnetwork.subnet.id dependencies: google_compute_address.addr1: |- @@ -52169,6 +52242,7 @@ resources: provider: google-beta region: google_compute_router.router.region router: google_compute_router.router.name + rules.action.source_nat_active_ranges: google_compute_subnetwork.subnet.self_link subnetwork.name: google_compute_subnetwork.subnet.id dependencies: google_compute_network.net: |- @@ -52648,6 +52722,8 @@ resources: "router": "${google_compute_router.router.name}" } references: + export_policies: google_compute_router_route_policy.rp-export.name + import_policies: google_compute_router_route_policy.rp-import.name interface: google_compute_router_interface.router_interface.name provider: google-beta region: google_compute_router.router.region @@ -53979,6 +54055,7 @@ resources: "target_service": "${google_compute_forwarding_rule.psc_ilb_target_service.id}" } references: + nat_subnets: google_compute_subnetwork.psc_ilb_nat.id target_service: google_compute_forwarding_rule.psc_ilb_target_service.id dependencies: google_compute_address.psc_ilb_consumer_address: |- @@ -54073,6 +54150,7 @@ resources: "target_service": "${google_compute_forwarding_rule.psc_ilb_target_service.id}" } references: + nat_subnets: google_compute_subnetwork.psc_ilb_nat.id target_service: google_compute_forwarding_rule.psc_ilb_target_service.id dependencies: google_compute_address.psc_ilb_consumer_address: |- @@ -54161,6 +54239,7 @@ resources: } references: consumer_accept_lists.network_url: google_compute_network.psc_ilb_consumer_network.self_link + nat_subnets: google_compute_subnetwork.psc_ilb_nat.id target_service: google_compute_forwarding_rule.psc_ilb_target_service.id dependencies: google_compute_address.psc_ilb_consumer_address: |- @@ -54269,6 +54348,7 @@ resources: "target_service": "${google_compute_forwarding_rule.psc_ilb_target_service.id}" } references: + nat_subnets: google_compute_subnetwork.psc_ilb_nat.id target_service: google_compute_forwarding_rule.psc_ilb_target_service.id dependencies: google_compute_forwarding_rule.psc_ilb_target_service: |- @@ -55730,6 +55810,7 @@ resources: "url_map": "${google_compute_url_map.default.id}" } references: + ssl_certificates: google_compute_ssl_certificate.default.id url_map: google_compute_url_map.default.id dependencies: google_compute_backend_service.default: |- @@ -55794,6 +55875,7 @@ resources: "url_map": "${google_compute_url_map.default.id}" } references: + ssl_certificates: google_compute_ssl_certificate.default.id url_map: google_compute_url_map.default.id dependencies: google_compute_backend_service.default: |- @@ -55862,6 +55944,7 @@ resources: references: provider: google-beta server_tls_policy: google_network_security_server_tls_policy.default.id + ssl_certificates: google_compute_ssl_certificate.default.id url_map: google_compute_url_map.default.id dependencies: google_certificate_manager_trust_config.default: |- @@ -56351,6 +56434,8 @@ resources: ], "name": "instance-pool" } + references: + health_checks: google_compute_http_health_check.default.name dependencies: google_compute_http_health_check.default: |- { @@ -56413,6 +56498,7 @@ resources: } references: backend_service: google_compute_backend_service.default.id + ssl_certificates: google_compute_ssl_certificate.default.id dependencies: google_compute_backend_service.default: |- { @@ -81339,6 +81425,7 @@ resources: "location": "${google_discovery_engine_data_store.test_data_store.location}" } references: + data_store_ids: google_discovery_engine_data_store.test_data_store.data_store_id location: google_discovery_engine_data_store.test_data_store.location dependencies: google_discovery_engine_data_store.test_data_store: |- @@ -81632,6 +81719,7 @@ resources: ] } references: + data_store_ids: google_discovery_engine_data_store.basic.data_store_id location: google_discovery_engine_data_store.basic.location dependencies: google_discovery_engine_data_store.basic: |- @@ -82370,6 +82458,7 @@ resources: } references: managed_zone: google_dns_managed_zone.prod.name + rrdatas: google_compute_instance.frontend.network_interface[0].access_config[0].nat_ip dependencies: google_compute_instance.frontend: |- { @@ -82967,6 +83056,7 @@ resources: "version": "${google_document_ai_processor.processor.id}/processorVersions/stable" } references: + lifecycle.ignore_changes: version processor: google_document_ai_processor.processor.id dependencies: google_document_ai_processor.processor: |- @@ -87643,6 +87733,8 @@ resources: "project": "my-project-name", "ruleset_name": "projects/my-project-name/rulesets/${google_firebaserules_ruleset.firestore.name}" } + references: + lifecycle.replace_triggered_by: google_firebaserules_ruleset.firestore dependencies: google_firebaserules_ruleset.firestore: |- { @@ -87674,6 +87766,7 @@ resources: "ruleset_name": "projects/my-project-name/rulesets/${google_firebaserules_ruleset.storage.name}" } references: + lifecycle.replace_triggered_by: google_firebaserules_ruleset.storage provider: google-beta dependencies: google_firebase_storage_bucket.bucket: |- @@ -109696,6 +109789,7 @@ resources: } references: network: google_compute_network.producer_net.id + psc_config.subnetworks: google_compute_subnetwork.producer_subnet.id dependencies: google_compute_network.producer_net: |- { @@ -113869,6 +113963,7 @@ resources: "type": "SECURE_WEB_GATEWAY" } references: + certificate_urls: google_certificate_manager_certificate.default.id gateway_security_policy: google_network_security_gateway_security_policy.default.id network: google_compute_network.default.id subnetwork: google_compute_subnetwork.default.id @@ -113948,6 +114043,7 @@ resources: "type": "SECURE_WEB_GATEWAY" } references: + certificate_urls: google_certificate_manager_certificate.default.id gateway_security_policy: google_network_security_gateway_security_policy.default.id network: google_compute_network.default.id subnetwork: google_compute_subnetwork.default.id @@ -114027,6 +114123,7 @@ resources: "type": "SECURE_WEB_GATEWAY" } references: + certificate_urls: google_certificate_manager_certificate.default.id gateway_security_policy: google_network_security_gateway_security_policy.default.id network: google_compute_network.default.id subnetwork: google_compute_subnetwork.default.id @@ -114825,6 +114922,7 @@ resources: ] } references: + meshes: google_network_services_mesh.default.id provider: google-beta dependencies: google_network_services_mesh.default: |- @@ -115240,6 +115338,7 @@ resources: } references: extension_chains.extensions.service: google_compute_region_backend_service.callouts_backend.self_link + forwarding_rules: google_compute_forwarding_rule.default.self_link dependencies: google_compute_firewall.fw_iap: |- { @@ -115699,6 +115798,7 @@ resources: } references: extension_chains.extensions.service: google_compute_region_backend_service.callouts_backend.self_link + forwarding_rules: google_compute_forwarding_rule.default.self_link dependencies: google_compute_firewall.fw_iap: |- { @@ -116510,6 +116610,7 @@ resources: ] } references: + meshes: google_network_services_mesh.default.id provider: google-beta rules.action.destinations.service_name: google_compute_backend_service.default.id dependencies: @@ -116573,6 +116674,7 @@ resources: ] } references: + gateways: google_network_services_gateway.default.id provider: google-beta rules.action.destinations.service_name: google_compute_backend_service.default.id dependencies: @@ -116794,6 +116896,7 @@ resources: ] } references: + meshes: google_network_services_mesh.default.id provider: google-beta rules.action.destinations.service_name: google_compute_backend_service.default.id dependencies: @@ -116857,6 +116960,7 @@ resources: ] } references: + gateways: google_network_services_gateway.default.id provider: google-beta rules.action.destinations.service_name: google_compute_backend_service.default.id dependencies: @@ -118779,6 +118883,7 @@ resources: "provider": "${google-beta}" } references: + assignment.instances: google_compute_instance.foobar.id provider: google-beta dependencies: google_compute_instance.foobar: |- @@ -119960,6 +120065,8 @@ resources: } ] } + references: + instance_filter.instances: google_compute_instance.foobar.id dependencies: google_compute_instance.foobar: |- { @@ -131286,6 +131393,7 @@ resources: } references: network: google_compute_network.peering_network.id + reserved_peering_ranges: google_compute_global_address.private_ip_alloc.name dependencies: google_compute_global_address.private_ip_alloc: |- { @@ -135646,6 +135754,7 @@ resources: "region": "us-central1" } references: + dedicated_serving_endpoint.private_service_connect_config.project_allowlist: data.google_project.project.number provider: google - name: featureonlinestore manifest: |- @@ -135869,6 +135978,7 @@ resources: references: feature_online_store: google_vertex_ai_feature_online_store.featureonlinestore.name feature_registry_source.feature_groups.feature_group_id: google_vertex_ai_feature_group.sample_feature_group.name + feature_registry_source.feature_groups.feature_ids: google_vertex_ai_feature_group_feature.sample_feature.name dependencies: google_bigquery_dataset.sample_dataset: |- { @@ -135967,6 +136077,7 @@ resources: references: feature_online_store: google_vertex_ai_feature_online_store.featureonlinestore.name feature_registry_source.feature_groups.feature_group_id: google_vertex_ai_feature_group.sample_feature_group.name + feature_registry_source.feature_groups.feature_ids: google_vertex_ai_feature_group_feature.sample_feature.name feature_registry_source.project_number: data.google_project.test_project.number project: google_project.project.project_id dependencies: @@ -137173,6 +137284,8 @@ resources: ], "region": "us-central1" } + references: + private_service_connect_config.project_allowlist: data.google_project.project.number - name: index_endpoint manifest: |- { diff --git a/examples-generated/beyondcorp/v1beta2/appconnection.yaml b/examples-generated/beyondcorp/v1beta2/appconnection.yaml index c8e5ed111..5b901566b 100644 --- a/examples-generated/beyondcorp/v1beta2/appconnection.yaml +++ b/examples-generated/beyondcorp/v1beta2/appconnection.yaml @@ -11,8 +11,8 @@ spec: applicationEndpoint: - host: foo-host port: 8080 - connectors: - - ${google_beyondcorp_app_connector.app_connector.id} + connectorsRefs: + - name: app_connector name: my-app-connection type: TCP_PROXY diff --git a/examples-generated/binaryauthorization/v1beta2/policy.yaml b/examples-generated/binaryauthorization/v1beta2/policy.yaml index a0927fed1..58749d40c 100644 --- a/examples-generated/binaryauthorization/v1beta2/policy.yaml +++ b/examples-generated/binaryauthorization/v1beta2/policy.yaml @@ -14,8 +14,8 @@ spec: - cluster: us-central1-a.prod-cluster enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG evaluationMode: REQUIRE_ATTESTATION - requireAttestationsBy: - - ${google_binary_authorization_attestor.attestor.name} + requireAttestationsByRefs: + - name: attestor defaultAdmissionRule: - enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG evaluationMode: ALWAYS_ALLOW diff --git a/examples-generated/certificatemanager/v1beta1/certificatemapentry.yaml b/examples-generated/certificatemanager/v1beta1/certificatemapentry.yaml index 38e03fc20..bfc0f104b 100644 --- a/examples-generated/certificatemanager/v1beta1/certificatemapentry.yaml +++ b/examples-generated/certificatemanager/v1beta1/certificatemapentry.yaml @@ -8,8 +8,8 @@ metadata: name: default spec: forProvider: - certificates: - - ${google_certificate_manager_certificate.certificate.id} + certificatesRefs: + - name: certificate description: My acceptance test certificate map entry labels: acc-test: true @@ -33,12 +33,12 @@ spec: forProvider: description: The default cert managed: - - dnsAuthorizations: - - ${google_certificate_manager_dns_authorization.instance.id} - - ${google_certificate_manager_dns_authorization.instance2.id} - domains: - - ${google_certificate_manager_dns_authorization.instance.domain} - - ${google_certificate_manager_dns_authorization.instance2.domain} + - dnsAuthorizationsRefs: + - name: instance + - name: instance2 + domainsRefs: + - name: instance + - name: instance2 scope: DEFAULT --- diff --git a/examples-generated/certificatemanager/v1beta2/certificate.yaml b/examples-generated/certificatemanager/v1beta2/certificate.yaml index 9edd93339..0fb2f3329 100644 --- a/examples-generated/certificatemanager/v1beta2/certificate.yaml +++ b/examples-generated/certificatemanager/v1beta2/certificate.yaml @@ -12,12 +12,12 @@ spec: labels: env: test managed: - - dnsAuthorizations: - - ${google_certificate_manager_dns_authorization.instance.id} - - ${google_certificate_manager_dns_authorization.instance2.id} - domains: - - ${google_certificate_manager_dns_authorization.instance.domain} - - ${google_certificate_manager_dns_authorization.instance2.domain} + - dnsAuthorizationsRefs: + - name: instance + - name: instance2 + domainsRefs: + - name: instance + - name: instance2 scope: EDGE_CACHE --- diff --git a/examples-generated/compute/v1beta2/instancetemplate.yaml b/examples-generated/compute/v1beta2/instancetemplate.yaml index 888e720f8..89c8ef6af 100644 --- a/examples-generated/compute/v1beta2/instancetemplate.yaml +++ b/examples-generated/compute/v1beta2/instancetemplate.yaml @@ -13,8 +13,8 @@ spec: disk: - autoDelete: true boot: true - resourcePolicies: - - ${google_compute_resource_policy.daily_backup.id} + resourcePoliciesRefs: + - name: daily_backup sourceImage: debian-cloud/debian-11 - autoDelete: false boot: false diff --git a/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml b/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml index 9a59e9528..66085f769 100644 --- a/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml +++ b/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml @@ -781,6 +781,85 @@ spec: items: type: string type: array + connectorsRefs: + description: References to AppConnector in beyondcorp to populate + connectors. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + connectorsSelector: + description: Selector for a list of AppConnector in beyondcorp + to populate connectors. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object displayName: description: An arbitrary user-provided name for the AppConnection. type: string @@ -931,6 +1010,85 @@ spec: items: type: string type: array + connectorsRefs: + description: References to AppConnector in beyondcorp to populate + connectors. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + connectorsSelector: + description: Selector for a list of AppConnector in beyondcorp + to populate connectors. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object displayName: description: An arbitrary user-provided name for the AppConnection. type: string diff --git a/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml b/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml index d8c0b4607..6357044cb 100644 --- a/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml +++ b/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml @@ -751,6 +751,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array defaultAdmissionRule: @@ -783,6 +862,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object description: description: A descriptive comment. @@ -867,6 +1025,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array defaultAdmissionRule: @@ -899,6 +1136,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object description: description: A descriptive comment. diff --git a/package/crds/certificatemanager.gcp.upbound.io_certificatemapentries.yaml b/package/crds/certificatemanager.gcp.upbound.io_certificatemapentries.yaml index 587b717f6..a0c0b8e0b 100644 --- a/package/crds/certificatemanager.gcp.upbound.io_certificatemapentries.yaml +++ b/package/crds/certificatemanager.gcp.upbound.io_certificatemapentries.yaml @@ -82,6 +82,85 @@ spec: items: type: string type: array + certificatesRefs: + description: References to Certificate in certificatemanager to + populate certificates. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + certificatesSelector: + description: Selector for a list of Certificate in certificatemanager + to populate certificates. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object description: description: A human-readable description of the resource. type: string @@ -211,6 +290,85 @@ spec: items: type: string type: array + certificatesRefs: + description: References to Certificate in certificatemanager to + populate certificates. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + certificatesSelector: + description: Selector for a list of Certificate in certificatemanager + to populate certificates. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object description: description: A human-readable description of the resource. type: string @@ -406,11 +564,6 @@ spec: required: - forProvider type: object - x-kubernetes-validations: - - message: spec.forProvider.certificates is a required parameter - rule: '!(''*'' in self.managementPolicies || ''Create'' in self.managementPolicies - || ''Update'' in self.managementPolicies) || has(self.forProvider.certificates) - || (has(self.initProvider) && has(self.initProvider.certificates))' status: description: CertificateMapEntryStatus defines the observed state of CertificateMapEntry. properties: diff --git a/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml b/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml index b475c61e8..638be98b5 100644 --- a/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml +++ b/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml @@ -821,6 +821,85 @@ spec: items: type: string type: array + dnsAuthorizationsRefs: + description: References to DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + dnsAuthorizationsSelector: + description: Selector for a list of DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object domains: description: |- The domains for which a managed SSL certificate will be generated. @@ -828,6 +907,85 @@ spec: items: type: string type: array + domainsRefs: + description: References to DNSAuthorization in certificatemanager + to populate domains. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + domainsSelector: + description: Selector for a list of DNSAuthorization in certificatemanager + to populate domains. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object issuanceConfig: description: |- The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. @@ -961,6 +1119,85 @@ spec: items: type: string type: array + dnsAuthorizationsRefs: + description: References to DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + dnsAuthorizationsSelector: + description: Selector for a list of DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object domains: description: |- The domains for which a managed SSL certificate will be generated. @@ -968,6 +1205,85 @@ spec: items: type: string type: array + domainsRefs: + description: References to DNSAuthorization in certificatemanager + to populate domains. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + domainsSelector: + description: Selector for a list of DNSAuthorization in certificatemanager + to populate domains. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object issuanceConfig: description: |- The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. diff --git a/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml b/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml index 6062865c2..c3f4412cf 100644 --- a/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml +++ b/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml @@ -2539,6 +2539,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object + with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object name: description: Volume's name. @@ -3101,6 +3180,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object + with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object name: description: Volume's name. diff --git a/package/crds/cloudrun.gcp.upbound.io_v2services.yaml b/package/crds/cloudrun.gcp.upbound.io_v2services.yaml index 209532e75..5c0d61988 100644 --- a/package/crds/cloudrun.gcp.upbound.io_v2services.yaml +++ b/package/crds/cloudrun.gcp.upbound.io_v2services.yaml @@ -3740,6 +3740,85 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to DatabaseInstance in sql + to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object gcs: description: |- @@ -4632,6 +4711,85 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to DatabaseInstance in sql + to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object gcs: description: |- diff --git a/package/crds/compute.gcp.upbound.io_instancegroups.yaml b/package/crds/compute.gcp.upbound.io_instancegroups.yaml index b4eb13877..ecc0897fb 100644 --- a/package/crds/compute.gcp.upbound.io_instancegroups.yaml +++ b/package/crds/compute.gcp.upbound.io_instancegroups.yaml @@ -86,6 +86,84 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to Instance in compute to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute to populate + instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object namedPort: description: |- The named port configuration. See the section below @@ -219,6 +297,84 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to Instance in compute to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute to populate + instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object namedPort: description: |- The named port configuration. See the section below diff --git a/package/crds/compute.gcp.upbound.io_instancetemplates.yaml b/package/crds/compute.gcp.upbound.io_instancetemplates.yaml index 966ce6223..bd0bb6718 100644 --- a/package/crds/compute.gcp.upbound.io_instancetemplates.yaml +++ b/package/crds/compute.gcp.upbound.io_instancetemplates.yaml @@ -3056,6 +3056,85 @@ spec: items: type: string type: array + resourcePoliciesRefs: + description: References to ResourcePolicy in compute to + populate resourcePolicies. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + resourcePoliciesSelector: + description: Selector for a list of ResourcePolicy in compute + to populate resourcePolicies. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object source: description: |- The name (not self_link) @@ -3973,6 +4052,85 @@ spec: items: type: string type: array + resourcePoliciesRefs: + description: References to ResourcePolicy in compute to + populate resourcePolicies. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + resourcePoliciesSelector: + description: Selector for a list of ResourcePolicy in compute + to populate resourcePolicies. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object source: description: |- The name (not self_link) diff --git a/package/crds/compute.gcp.upbound.io_interconnectattachments.yaml b/package/crds/compute.gcp.upbound.io_interconnectattachments.yaml index 7f5d30ed9..74ab65318 100644 --- a/package/crds/compute.gcp.upbound.io_interconnectattachments.yaml +++ b/package/crds/compute.gcp.upbound.io_interconnectattachments.yaml @@ -143,6 +143,84 @@ spec: items: type: string type: array + ipsecInternalAddressesRefs: + description: References to Address in compute to populate ipsecInternalAddresses. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + ipsecInternalAddressesSelector: + description: Selector for a list of Address in compute to populate + ipsecInternalAddresses. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object mtu: description: |- Maximum Transmission Unit (MTU), in bytes, of packets passing through @@ -352,6 +430,84 @@ spec: items: type: string type: array + ipsecInternalAddressesRefs: + description: References to Address in compute to populate ipsecInternalAddresses. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + ipsecInternalAddressesSelector: + description: Selector for a list of Address in compute to populate + ipsecInternalAddresses. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object mtu: description: |- Maximum Transmission Unit (MTU), in bytes, of packets passing through diff --git a/package/crds/compute.gcp.upbound.io_routernats.yaml b/package/crds/compute.gcp.upbound.io_routernats.yaml index 17bcdce0d..77fc7959e 100644 --- a/package/crds/compute.gcp.upbound.io_routernats.yaml +++ b/package/crds/compute.gcp.upbound.io_routernats.yaml @@ -1327,6 +1327,84 @@ spec: type: string type: array x-kubernetes-list-type: set + natIpsRefs: + description: References to Address in compute to populate natIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + natIpsSelector: + description: Selector for a list of Address in compute to populate + natIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object project: description: |- The ID of the project in which the resource belongs. @@ -1433,6 +1511,85 @@ spec: type: string type: array x-kubernetes-list-type: set + sourceNatActiveIpsRefs: + description: References to Address in compute to populate + sourceNatActiveIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + sourceNatActiveIpsSelector: + description: Selector for a list of Address in compute + to populate sourceNatActiveIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object sourceNatDrainIps: description: |- A list of URLs of the IP resources to be drained. @@ -1702,6 +1859,84 @@ spec: type: string type: array x-kubernetes-list-type: set + natIpsRefs: + description: References to Address in compute to populate natIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + natIpsSelector: + description: Selector for a list of Address in compute to populate + natIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object project: description: |- The ID of the project in which the resource belongs. @@ -1727,6 +1962,85 @@ spec: type: string type: array x-kubernetes-list-type: set + sourceNatActiveIpsRefs: + description: References to Address in compute to populate + sourceNatActiveIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + sourceNatActiveIpsSelector: + description: Selector for a list of Address in compute + to populate sourceNatActiveIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object sourceNatDrainIps: description: |- A list of URLs of the IP resources to be drained. diff --git a/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml b/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml index 474ba66fc..76e08e0c0 100644 --- a/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml +++ b/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml @@ -2199,6 +2199,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to Instance in compute to populate + instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute to + populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object zones: description: Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. @@ -2723,6 +2802,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to Instance in compute to populate + instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute to + populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object zones: description: Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. From 9456c735227aa54d6587760b0236850dc0b88b5d Mon Sep 17 00:00:00 2001 From: Rickard von Essen Date: Wed, 9 Oct 2024 12:03:43 +0200 Subject: [PATCH 3/5] Update examples Signed-off-by: Rickard von Essen --- .../beyondcorp/v1beta2/appconnection.yaml | 10 +-- .../binaryauthorization/v1beta2/policy.yaml | 12 +-- .../v1beta1/certificatemapentry.yaml | 16 ++-- .../v1beta2/certificate.yaml | 34 +++++++-- .../compute/v1beta2/instancetemplate.yaml | 74 ++++++++++++++++++- 5 files changed, 115 insertions(+), 31 deletions(-) diff --git a/examples/beyondcorp/v1beta2/appconnection.yaml b/examples/beyondcorp/v1beta2/appconnection.yaml index f37ece311..5eee4849d 100644 --- a/examples/beyondcorp/v1beta2/appconnection.yaml +++ b/examples/beyondcorp/v1beta2/appconnection.yaml @@ -14,10 +14,10 @@ metadata: spec: forProvider: applicationEndpoint: - host: foo-host + - host: foo-host port: 8080 - connectors: - - projects/${project.project_id}/locations/us-central1/appConnectors/app-connector + connectorsRefs: + - name: app_connector gateway: appGateway: app-gateway name: my-app-connection @@ -37,8 +37,8 @@ metadata: spec: forProvider: principalInfo: - serviceAccount: - emailSelector: + - serviceAccount: + - emailSelector: matchLabels: testing.upbound.io/example-name: service_account region: us-central1 diff --git a/examples/binaryauthorization/v1beta2/policy.yaml b/examples/binaryauthorization/v1beta2/policy.yaml index ffe0a5cf2..015cf5bae 100644 --- a/examples/binaryauthorization/v1beta2/policy.yaml +++ b/examples/binaryauthorization/v1beta2/policy.yaml @@ -18,10 +18,10 @@ spec: - cluster: us-central1-a.prod-cluster enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG evaluationMode: REQUIRE_ATTESTATION - requireAttestationsBy: - - attestor + requireAttestationsByRefs: + - name: attestor defaultAdmissionRule: - enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG + - enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG evaluationMode: ALWAYS_ALLOW --- @@ -37,7 +37,7 @@ metadata: spec: forProvider: attestationAuthorityNote: - noteReferenceSelector: + - noteReferenceSelector: matchLabels: testing.upbound.io/example-name: note @@ -54,5 +54,5 @@ metadata: spec: forProvider: attestationAuthority: - hint: - humanReadableName: My attestor + - hint: + - humanReadableName: My attestor diff --git a/examples/certificatemanager/v1beta1/certificatemapentry.yaml b/examples/certificatemanager/v1beta1/certificatemapentry.yaml index 4237274db..5f7695d99 100644 --- a/examples/certificatemanager/v1beta1/certificatemapentry.yaml +++ b/examples/certificatemanager/v1beta1/certificatemapentry.yaml @@ -13,8 +13,8 @@ metadata: name: default spec: forProvider: - certificates: - - projects/official-provider-testing/locations/global/certificates/certificate + certificatesRefs: + - name: certificate description: My acceptance test certificate map entry labels: acc-test: "true" @@ -39,12 +39,12 @@ spec: forProvider: description: The default cert managed: - - dnsAuthorizations: - - projects/official-provider-testing/locations/global/dnsAuthorizations/instance - - projects/official-provider-testing/locations/global/dnsAuthorizations/instance2 - domains: - - subdomain2.hashicorptest.com - - subdomain.hashicorptest.com + - dnsAuthorizationsRefs: + - name: instance + - name: instance2 + domainsRefs: + - name: instance + - name: instance2 scope: DEFAULT --- diff --git a/examples/certificatemanager/v1beta2/certificate.yaml b/examples/certificatemanager/v1beta2/certificate.yaml index 1865baf98..afdc14f15 100644 --- a/examples/certificatemanager/v1beta2/certificate.yaml +++ b/examples/certificatemanager/v1beta2/certificate.yaml @@ -7,8 +7,7 @@ kind: Certificate metadata: annotations: meta.upbound.io/example-id: certificatemanager/v1beta2/certificate - upjet.upbound.io/manual-intervention: Certificate requires a real DNS authorization - ID + upjet.upbound.io/manual-intervention: Certificate requires a real DNS authorization ID labels: testing.upbound.io/example-name: default name: default @@ -16,11 +15,15 @@ spec: forProvider: description: The default cert location: global + labels: + env: test managed: - dnsAuthorizations: - - projects/official-provider-testing/locations/global/dnsAuthorizations/default - domains: - - subdomain.hashicorptest.com + - dnsAuthorizationsRefs: + - name: instance + - name: instance2 + domainsRefs: + - name: instance + - name: instance2 scope: DEFAULT --- @@ -31,9 +34,24 @@ metadata: annotations: meta.upbound.io/example-id: certificatemanager/v1beta2/certificate labels: - testing.upbound.io/example-name: default - name: default + testing.upbound.io/example-name: instance + name: instance spec: forProvider: description: The default dnss domain: subdomain.hashicorptest.com + +--- + +apiVersion: certificatemanager.gcp.upbound.io/v1beta1 +kind: DNSAuthorization +metadata: + annotations: + meta.upbound.io/example-id: certificatemanager/v1beta2/certificate + labels: + testing.upbound.io/example-name: instance2 + name: instance2 +spec: + forProvider: + description: The default dnss + domain: subdomain2.hashicorptest.com diff --git a/examples/compute/v1beta2/instancetemplate.yaml b/examples/compute/v1beta2/instancetemplate.yaml index 372b47e23..1c862eda5 100644 --- a/examples/compute/v1beta2/instancetemplate.yaml +++ b/examples/compute/v1beta2/instancetemplate.yaml @@ -17,18 +17,84 @@ spec: disk: - autoDelete: false boot: true + resourcePoliciesRefs: + - name: daily_backup sourceImage: debian-cloud/debian-11 + - autoDelete: false + boot: false + sourceSelector: + matchLabels: + testing.upbound.io/example-name: foobar instanceDescription: Description assigned to instances labels: - environment: dev + foo: bar machineType: e2-medium metadata: - environment: dev + foo: bar + name: appserver-template networkInterface: - - network: default + - networkSelector: + matchLabels: + testing.upbound.io/example-name: example scheduling: - automaticRestart: true + - automaticRestart: true onHostMaintenance: MIGRATE + serviceAccount: + - emailSelector: + matchLabels: + testing.upbound.io/example-name: default + scopes: + - cloud-platform tags: - foo - bar + +--- + +apiVersion: compute.gcp.upbound.io/v1beta2 +kind: Disk +metadata: + annotations: + meta.upbound.io/example-id: compute/v1beta2/instancetemplate + labels: + testing.upbound.io/example-name: foobar + name: foobar +spec: + forProvider: + image: debian-12-bookworm-v20240910 + size: 10 + type: pd-ssd + zone: us-central1-a + +--- + +apiVersion: compute.gcp.upbound.io/v1beta2 +kind: ResourcePolicy +metadata: + annotations: + meta.upbound.io/example-id: compute/v1beta2/instancetemplate + labels: + testing.upbound.io/example-name: daily_backup + name: daily-backup +spec: + forProvider: + region: us-central1 + snapshotSchedulePolicy: + - schedule: + - dailySchedule: + - daysInCycle: 1 + startTime: "04:00" + +--- + +apiVersion: cloudplatform.gcp.upbound.io/v1beta1 +kind: ServiceAccount +metadata: + annotations: + meta.upbound.io/example-id: compute/v1beta2/instancetemplate + labels: + testing.upbound.io/example-name: default + name: default +spec: + forProvider: + displayName: Service Account From 8003724038c55d2d4584f812eef7610d919af1ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fatih=20T=C3=BCrken?= Date: Tue, 22 Oct 2024 21:50:53 +0300 Subject: [PATCH 4/5] Backport api changes from v1beta2 to v1beta1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fatih Türken --- .../v1beta1/zz_appconnection_types.go | 20 ++ .../v1beta1/zz_generated.deepcopy.go | 24 ++ .../v1beta1/zz_generated.resolvers.go | 39 +++ .../v1beta1/zz_generated.deepcopy.go | 48 +++ .../v1beta1/zz_generated.resolvers.go | 97 ++++++ .../v1beta1/zz_policy_types.go | 36 ++ .../v1beta1/zz_certificate_types.go | 40 +++ .../v1beta1/zz_generated.deepcopy.go | 48 +++ .../v1beta1/zz_generated.resolvers.go | 99 +++++- .../cloudrun/v1beta1/zz_generated.deepcopy.go | 48 +++ .../v1beta1/zz_generated.resolvers.go | 107 ++++++ apis/cloudrun/v1beta1/zz_v2job_types.go | 20 ++ apis/cloudrun/v1beta1/zz_v2service_types.go | 20 ++ apis/compute/v1beta1/zz_generated.deepcopy.go | 72 ++++ .../compute/v1beta1/zz_generated.resolvers.go | 128 +++++++ .../v1beta1/zz_instancetemplate_types.go | 20 ++ apis/compute/v1beta1/zz_routernat_types.go | 40 +++ .../osconfig/v1beta1/zz_generated.deepcopy.go | 25 ++ .../v1beta1/zz_generated.resolvers.go | 73 ++++ .../v1beta1/zz_patchdeployment_types.go | 20 ++ ...ondcorp.gcp.upbound.io_appconnections.yaml | 158 +++++++++ ...authorization.gcp.upbound.io_policies.yaml | 316 ++++++++++++++++++ ...temanager.gcp.upbound.io_certificates.yaml | 316 ++++++++++++++++++ .../crds/cloudrun.gcp.upbound.io_v2jobs.yaml | 162 +++++++++ .../cloudrun.gcp.upbound.io_v2services.yaml | 158 +++++++++ ...pute.gcp.upbound.io_instancetemplates.yaml | 158 +++++++++ .../compute.gcp.upbound.io_routernats.yaml | 314 +++++++++++++++++ ...onfig.gcp.upbound.io_patchdeployments.yaml | 158 +++++++++ 28 files changed, 2763 insertions(+), 1 deletion(-) create mode 100644 apis/osconfig/v1beta1/zz_generated.resolvers.go diff --git a/apis/beyondcorp/v1beta1/zz_appconnection_types.go b/apis/beyondcorp/v1beta1/zz_appconnection_types.go index ae96eb422..80d84ec27 100755 --- a/apis/beyondcorp/v1beta1/zz_appconnection_types.go +++ b/apis/beyondcorp/v1beta1/zz_appconnection_types.go @@ -20,8 +20,18 @@ type AppConnectionInitParameters struct { ApplicationEndpoint []ApplicationEndpointInitParameters `json:"applicationEndpoint,omitempty" tf:"application_endpoint,omitempty"` // List of AppConnectors that are authorised to be associated with this AppConnection + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/beyondcorp/v1beta2.AppConnector + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() Connectors []*string `json:"connectors,omitempty" tf:"connectors,omitempty"` + // References to AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsRefs []v1.Reference `json:"connectorsRefs,omitempty" tf:"-"` + + // Selector for a list of AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsSelector *v1.Selector `json:"connectorsSelector,omitempty" tf:"-"` + // An arbitrary user-provided name for the AppConnection. DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` @@ -104,9 +114,19 @@ type AppConnectionParameters struct { ApplicationEndpoint []ApplicationEndpointParameters `json:"applicationEndpoint,omitempty" tf:"application_endpoint,omitempty"` // List of AppConnectors that are authorised to be associated with this AppConnection + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/beyondcorp/v1beta2.AppConnector + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional Connectors []*string `json:"connectors,omitempty" tf:"connectors,omitempty"` + // References to AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsRefs []v1.Reference `json:"connectorsRefs,omitempty" tf:"-"` + + // Selector for a list of AppConnector in beyondcorp to populate connectors. + // +kubebuilder:validation:Optional + ConnectorsSelector *v1.Selector `json:"connectorsSelector,omitempty" tf:"-"` + // An arbitrary user-provided name for the AppConnection. // +kubebuilder:validation:Optional DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"` diff --git a/apis/beyondcorp/v1beta1/zz_generated.deepcopy.go b/apis/beyondcorp/v1beta1/zz_generated.deepcopy.go index 771c30ce5..acf6071e3 100644 --- a/apis/beyondcorp/v1beta1/zz_generated.deepcopy.go +++ b/apis/beyondcorp/v1beta1/zz_generated.deepcopy.go @@ -116,6 +116,18 @@ func (in *AppConnectionInitParameters) DeepCopyInto(out *AppConnectionInitParame } } } + if in.ConnectorsRefs != nil { + in, out := &in.ConnectorsRefs, &out.ConnectorsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ConnectorsSelector != nil { + in, out := &in.ConnectorsSelector, &out.ConnectorsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.DisplayName != nil { in, out := &in.DisplayName, &out.DisplayName *out = new(string) @@ -347,6 +359,18 @@ func (in *AppConnectionParameters) DeepCopyInto(out *AppConnectionParameters) { } } } + if in.ConnectorsRefs != nil { + in, out := &in.ConnectorsRefs, &out.ConnectorsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ConnectorsSelector != nil { + in, out := &in.ConnectorsSelector, &out.ConnectorsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.DisplayName != nil { in, out := &in.DisplayName, &out.DisplayName *out = new(string) diff --git a/apis/beyondcorp/v1beta1/zz_generated.resolvers.go b/apis/beyondcorp/v1beta1/zz_generated.resolvers.go index caf6bdda3..3be091667 100644 --- a/apis/beyondcorp/v1beta1/zz_generated.resolvers.go +++ b/apis/beyondcorp/v1beta1/zz_generated.resolvers.go @@ -24,7 +24,27 @@ func (mg *AppConnection) ResolveReferences( // ResolveReferences of this AppConn r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta2", "AppConnector", "AppConnectorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Connectors), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.ConnectorsRefs, + Selector: mg.Spec.ForProvider.ConnectorsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Connectors") + } + mg.Spec.ForProvider.Connectors = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.ConnectorsRefs = mrsp.ResolvedReferences for i3 := 0; i3 < len(mg.Spec.ForProvider.Gateway); i3++ { { @@ -47,6 +67,25 @@ func (mg *AppConnection) ResolveReferences( // ResolveReferences of this AppConn mg.Spec.ForProvider.Gateway[i3].AppGatewayRef = rsp.ResolvedReference } + { + m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta2", "AppConnector", "AppConnectorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Connectors), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.ConnectorsRefs, + Selector: mg.Spec.InitProvider.ConnectorsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Connectors") + } + mg.Spec.InitProvider.Connectors = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.ConnectorsRefs = mrsp.ResolvedReferences + for i3 := 0; i3 < len(mg.Spec.InitProvider.Gateway); i3++ { { m, l, err = apisresolver.GetManagedResource("beyondcorp.gcp.upbound.io", "v1beta1", "AppGateway", "AppGatewayList") diff --git a/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go b/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go index fc6f292d7..d82f2ba86 100644 --- a/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go +++ b/apis/binaryauthorization/v1beta1/zz_generated.deepcopy.go @@ -403,6 +403,18 @@ func (in *ClusterAdmissionRulesInitParameters) DeepCopyInto(out *ClusterAdmissio } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAdmissionRulesInitParameters. @@ -485,6 +497,18 @@ func (in *ClusterAdmissionRulesParameters) DeepCopyInto(out *ClusterAdmissionRul } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAdmissionRulesParameters. @@ -521,6 +545,18 @@ func (in *DefaultAdmissionRuleInitParameters) DeepCopyInto(out *DefaultAdmission } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultAdmissionRuleInitParameters. @@ -593,6 +629,18 @@ func (in *DefaultAdmissionRuleParameters) DeepCopyInto(out *DefaultAdmissionRule } } } + if in.RequireAttestationsByRefs != nil { + in, out := &in.RequireAttestationsByRefs, &out.RequireAttestationsByRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.RequireAttestationsBySelector != nil { + in, out := &in.RequireAttestationsBySelector, &out.RequireAttestationsBySelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DefaultAdmissionRuleParameters. diff --git a/apis/binaryauthorization/v1beta1/zz_generated.resolvers.go b/apis/binaryauthorization/v1beta1/zz_generated.resolvers.go index 3bddb9c34..97f85fdd5 100644 --- a/apis/binaryauthorization/v1beta1/zz_generated.resolvers.go +++ b/apis/binaryauthorization/v1beta1/zz_generated.resolvers.go @@ -71,3 +71,100 @@ func (mg *Attestor) ResolveReferences(ctx context.Context, c client.Reader) erro return nil } + +// ResolveReferences of this Policy. +func (mg *Policy) ResolveReferences(ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + + var mrsp reference.MultiResolutionResponse + var err error + + for i3 := 0; i3 < len(mg.Spec.ForProvider.ClusterAdmissionRules); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs, + Selector: mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy") + } + mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.ForProvider.DefaultAdmissionRule); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsByRefs, + Selector: mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsBy") + } + mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.DefaultAdmissionRule[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.ClusterAdmissionRules); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs, + Selector: mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy") + } + mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.ClusterAdmissionRules[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.DefaultAdmissionRule); i3++ { + { + m, l, err = apisresolver.GetManagedResource("binaryauthorization.gcp.upbound.io", "v1beta2", "Attestor", "AttestorList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsBy), + Extract: reference.ExternalName(), + References: mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsByRefs, + Selector: mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsBySelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsBy") + } + mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsBy = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.DefaultAdmissionRule[i3].RequireAttestationsByRefs = mrsp.ResolvedReferences + + } + + return nil +} diff --git a/apis/binaryauthorization/v1beta1/zz_policy_types.go b/apis/binaryauthorization/v1beta1/zz_policy_types.go index c167cb23c..5917061e4 100755 --- a/apis/binaryauthorization/v1beta1/zz_policy_types.go +++ b/apis/binaryauthorization/v1beta1/zz_policy_types.go @@ -62,8 +62,17 @@ type ClusterAdmissionRulesInitParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type ClusterAdmissionRulesObservation struct { @@ -115,9 +124,18 @@ type ClusterAdmissionRulesParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +kubebuilder:validation:Optional // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type DefaultAdmissionRuleInitParameters struct { @@ -138,8 +156,17 @@ type DefaultAdmissionRuleInitParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type DefaultAdmissionRuleObservation struct { @@ -184,9 +211,18 @@ type DefaultAdmissionRuleParameters struct { // request must be able to read the attestor resource. // Note: this field must be non-empty when the evaluation_mode field // specifies REQUIRE_ATTESTATION, otherwise it must be empty. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/binaryauthorization/v1beta2.Attestor // +kubebuilder:validation:Optional // +listType=set RequireAttestationsBy []*string `json:"requireAttestationsBy,omitempty" tf:"require_attestations_by,omitempty"` + + // References to Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsByRefs []v1.Reference `json:"requireAttestationsByRefs,omitempty" tf:"-"` + + // Selector for a list of Attestor in binaryauthorization to populate requireAttestationsBy. + // +kubebuilder:validation:Optional + RequireAttestationsBySelector *v1.Selector `json:"requireAttestationsBySelector,omitempty" tf:"-"` } type PolicyInitParameters struct { diff --git a/apis/certificatemanager/v1beta1/zz_certificate_types.go b/apis/certificatemanager/v1beta1/zz_certificate_types.go index 8096fcfc6..31c0c5581 100755 --- a/apis/certificatemanager/v1beta1/zz_certificate_types.go +++ b/apis/certificatemanager/v1beta1/zz_certificate_types.go @@ -178,12 +178,32 @@ type CertificateParameters struct { type ManagedInitParameters struct { // Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() DNSAuthorizations []*string `json:"dnsAuthorizations,omitempty" tf:"dns_authorizations,omitempty"` + // References to DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsRefs []v1.Reference `json:"dnsAuthorizationsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsSelector *v1.Selector `json:"dnsAuthorizationsSelector,omitempty" tf:"-"` + // The domains for which a managed SSL certificate will be generated. // Wildcard domains are only supported with DNS challenge resolution + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("domain",false) Domains []*string `json:"domains,omitempty" tf:"domains,omitempty"` + // References to DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsRefs []v1.Reference `json:"domainsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsSelector *v1.Selector `json:"domainsSelector,omitempty" tf:"-"` + // The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. // If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. // Either issuanceConfig or dnsAuthorizations should be specificed, but not both. @@ -223,14 +243,34 @@ type ManagedObservation struct { type ManagedParameters struct { // Authorizations that will be used for performing domain authorization. Either issuanceConfig or dnsAuthorizations should be specificed, but not both. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional DNSAuthorizations []*string `json:"dnsAuthorizations,omitempty" tf:"dns_authorizations,omitempty"` + // References to DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsRefs []v1.Reference `json:"dnsAuthorizationsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate dnsAuthorizations. + // +kubebuilder:validation:Optional + DNSAuthorizationsSelector *v1.Selector `json:"dnsAuthorizationsSelector,omitempty" tf:"-"` + // The domains for which a managed SSL certificate will be generated. // Wildcard domains are only supported with DNS challenge resolution + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/certificatemanager/v1beta1.DNSAuthorization + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("domain",false) // +kubebuilder:validation:Optional Domains []*string `json:"domains,omitempty" tf:"domains,omitempty"` + // References to DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsRefs []v1.Reference `json:"domainsRefs,omitempty" tf:"-"` + + // Selector for a list of DNSAuthorization in certificatemanager to populate domains. + // +kubebuilder:validation:Optional + DomainsSelector *v1.Selector `json:"domainsSelector,omitempty" tf:"-"` + // The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. // If this field is not set, the certificates will instead be publicly signed as documented at https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs#caa. // Either issuanceConfig or dnsAuthorizations should be specificed, but not both. diff --git a/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go b/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go index 4115b78b8..d7636430f 100644 --- a/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go +++ b/apis/certificatemanager/v1beta1/zz_generated.deepcopy.go @@ -1544,6 +1544,18 @@ func (in *ManagedInitParameters) DeepCopyInto(out *ManagedInitParameters) { } } } + if in.DNSAuthorizationsRefs != nil { + in, out := &in.DNSAuthorizationsRefs, &out.DNSAuthorizationsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DNSAuthorizationsSelector != nil { + in, out := &in.DNSAuthorizationsSelector, &out.DNSAuthorizationsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Domains != nil { in, out := &in.Domains, &out.Domains *out = make([]*string, len(*in)) @@ -1555,6 +1567,18 @@ func (in *ManagedInitParameters) DeepCopyInto(out *ManagedInitParameters) { } } } + if in.DomainsRefs != nil { + in, out := &in.DomainsRefs, &out.DomainsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DomainsSelector != nil { + in, out := &in.DomainsSelector, &out.DomainsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.IssuanceConfig != nil { in, out := &in.IssuanceConfig, &out.IssuanceConfig *out = new(string) @@ -1647,6 +1671,18 @@ func (in *ManagedParameters) DeepCopyInto(out *ManagedParameters) { } } } + if in.DNSAuthorizationsRefs != nil { + in, out := &in.DNSAuthorizationsRefs, &out.DNSAuthorizationsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DNSAuthorizationsSelector != nil { + in, out := &in.DNSAuthorizationsSelector, &out.DNSAuthorizationsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Domains != nil { in, out := &in.Domains, &out.Domains *out = make([]*string, len(*in)) @@ -1658,6 +1694,18 @@ func (in *ManagedParameters) DeepCopyInto(out *ManagedParameters) { } } } + if in.DomainsRefs != nil { + in, out := &in.DomainsRefs, &out.DomainsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.DomainsSelector != nil { + in, out := &in.DomainsSelector, &out.DomainsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.IssuanceConfig != nil { in, out := &in.IssuanceConfig, &out.IssuanceConfig *out = new(string) diff --git a/apis/certificatemanager/v1beta1/zz_generated.resolvers.go b/apis/certificatemanager/v1beta1/zz_generated.resolvers.go index d9d03ae39..320d8c939 100644 --- a/apis/certificatemanager/v1beta1/zz_generated.resolvers.go +++ b/apis/certificatemanager/v1beta1/zz_generated.resolvers.go @@ -17,12 +17,109 @@ import ( client "sigs.k8s.io/controller-runtime/pkg/client" ) -func (mg *CertificateMapEntry) ResolveReferences( // ResolveReferences of this CertificateMapEntry. +func (mg *Certificate) ResolveReferences( // ResolveReferences of this Certificate. ctx context.Context, c client.Reader) error { var m xpresource.Managed var l xpresource.ManagedList r := reference.NewAPIResolver(c, mg) + var mrsp reference.MultiResolutionResponse + var err error + + for i3 := 0; i3 < len(mg.Spec.ForProvider.Managed); i3++ { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Managed[i3].DNSAuthorizations), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.Managed[i3].DNSAuthorizationsRefs, + Selector: mg.Spec.ForProvider.Managed[i3].DNSAuthorizationsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Managed[i3].DNSAuthorizations") + } + mg.Spec.ForProvider.Managed[i3].DNSAuthorizations = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Managed[i3].DNSAuthorizationsRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.ForProvider.Managed); i3++ { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Managed[i3].Domains), + Extract: resource.ExtractParamPath("domain", false), + References: mg.Spec.ForProvider.Managed[i3].DomainsRefs, + Selector: mg.Spec.ForProvider.Managed[i3].DomainsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Managed[i3].Domains") + } + mg.Spec.ForProvider.Managed[i3].Domains = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Managed[i3].DomainsRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Managed); i3++ { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Managed[i3].DNSAuthorizations), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.Managed[i3].DNSAuthorizationsRefs, + Selector: mg.Spec.InitProvider.Managed[i3].DNSAuthorizationsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Managed[i3].DNSAuthorizations") + } + mg.Spec.InitProvider.Managed[i3].DNSAuthorizations = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Managed[i3].DNSAuthorizationsRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Managed); i3++ { + { + m, l, err = apisresolver.GetManagedResource("certificatemanager.gcp.upbound.io", "v1beta1", "DNSAuthorization", "DNSAuthorizationList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Managed[i3].Domains), + Extract: resource.ExtractParamPath("domain", false), + References: mg.Spec.InitProvider.Managed[i3].DomainsRefs, + Selector: mg.Spec.InitProvider.Managed[i3].DomainsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Managed[i3].Domains") + } + mg.Spec.InitProvider.Managed[i3].Domains = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Managed[i3].DomainsRefs = mrsp.ResolvedReferences + + } + + return nil +} + +// ResolveReferences of this CertificateMapEntry. +func (mg *CertificateMapEntry) ResolveReferences(ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + var rsp reference.ResolutionResponse var mrsp reference.MultiResolutionResponse var err error diff --git a/apis/cloudrun/v1beta1/zz_generated.deepcopy.go b/apis/cloudrun/v1beta1/zz_generated.deepcopy.go index f24b19246..07fc83e6e 100644 --- a/apis/cloudrun/v1beta1/zz_generated.deepcopy.go +++ b/apis/cloudrun/v1beta1/zz_generated.deepcopy.go @@ -102,6 +102,18 @@ func (in *CloudSQLInstanceInitParameters) DeepCopyInto(out *CloudSQLInstanceInit } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudSQLInstanceInitParameters. @@ -154,6 +166,18 @@ func (in *CloudSQLInstanceParameters) DeepCopyInto(out *CloudSQLInstanceParamete } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudSQLInstanceParameters. @@ -10965,6 +10989,18 @@ func (in *VolumesCloudSQLInstanceInitParameters) DeepCopyInto(out *VolumesCloudS } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumesCloudSQLInstanceInitParameters. @@ -11017,6 +11053,18 @@ func (in *VolumesCloudSQLInstanceParameters) DeepCopyInto(out *VolumesCloudSQLIn } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new VolumesCloudSQLInstanceParameters. diff --git a/apis/cloudrun/v1beta1/zz_generated.resolvers.go b/apis/cloudrun/v1beta1/zz_generated.resolvers.go index b446fa6e5..004c68826 100644 --- a/apis/cloudrun/v1beta1/zz_generated.resolvers.go +++ b/apis/cloudrun/v1beta1/zz_generated.resolvers.go @@ -9,6 +9,7 @@ package v1beta1 import ( "context" reference "github.com/crossplane/crossplane-runtime/pkg/reference" + resource "github.com/crossplane/upjet/pkg/resource" errors "github.com/pkg/errors" xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" @@ -379,6 +380,7 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { @@ -412,6 +414,33 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { } } } + for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { + for i4 := 0; i4 < len(mg.Spec.ForProvider.Template[i3].Template); i4++ { + for i5 := 0; i5 < len(mg.Spec.ForProvider.Template[i3].Template[i4].Volumes); i5++ { + for i6 := 0; i6 < len(mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance); i6++ { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesRefs, + Selector: mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances") + } + mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesRefs = mrsp.ResolvedReferences + + } + } + } + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { for i4 := 0; i4 < len(mg.Spec.ForProvider.Template[i3].Template); i4++ { for i5 := 0; i5 < len(mg.Spec.ForProvider.Template[i3].Template[i4].Volumes); i5++ { @@ -470,6 +499,33 @@ func (mg *V2Job) ResolveReferences(ctx context.Context, c client.Reader) error { } } } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Template); i3++ { + for i4 := 0; i4 < len(mg.Spec.InitProvider.Template[i3].Template); i4++ { + for i5 := 0; i5 < len(mg.Spec.InitProvider.Template[i3].Template[i4].Volumes); i5++ { + for i6 := 0; i6 < len(mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance); i6++ { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesRefs, + Selector: mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances") + } + mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Template[i3].Template[i4].Volumes[i5].CloudSQLInstance[i6].InstancesRefs = mrsp.ResolvedReferences + + } + } + } + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Template); i3++ { for i4 := 0; i4 < len(mg.Spec.InitProvider.Template[i3].Template); i4++ { for i5 := 0; i5 < len(mg.Spec.InitProvider.Template[i3].Template[i4].Volumes); i5++ { @@ -508,6 +564,7 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { @@ -539,6 +596,31 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err } } } + for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { + for i4 := 0; i4 < len(mg.Spec.ForProvider.Template[i3].Volumes); i4++ { + for i5 := 0; i5 < len(mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance); i5++ { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesRefs, + Selector: mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances") + } + mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesRefs = mrsp.ResolvedReferences + + } + } + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Template); i3++ { for i4 := 0; i4 < len(mg.Spec.ForProvider.Template[i3].Volumes); i4++ { for i5 := 0; i5 < len(mg.Spec.ForProvider.Template[i3].Volumes[i4].Gcs); i5++ { @@ -618,6 +700,31 @@ func (mg *V2Service) ResolveReferences(ctx context.Context, c client.Reader) err } } } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Template); i3++ { + for i4 := 0; i4 < len(mg.Spec.InitProvider.Template[i3].Volumes); i4++ { + for i5 := 0; i5 < len(mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance); i5++ { + { + m, l, err = apisresolver.GetManagedResource("sql.gcp.upbound.io", "v1beta2", "DatabaseInstance", "DatabaseInstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances), + Extract: resource.ExtractParamPath("connection_name", true), + References: mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesRefs, + Selector: mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances") + } + mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Template[i3].Volumes[i4].CloudSQLInstance[i5].InstancesRefs = mrsp.ResolvedReferences + + } + } + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Template); i3++ { for i4 := 0; i4 < len(mg.Spec.InitProvider.Template[i3].Volumes); i4++ { for i5 := 0; i5 < len(mg.Spec.InitProvider.Template[i3].Volumes[i4].Gcs); i5++ { diff --git a/apis/cloudrun/v1beta1/zz_v2job_types.go b/apis/cloudrun/v1beta1/zz_v2job_types.go index 76af017b5..602969b0e 100755 --- a/apis/cloudrun/v1beta1/zz_v2job_types.go +++ b/apis/cloudrun/v1beta1/zz_v2job_types.go @@ -45,7 +45,17 @@ type BinaryAuthorizationParameters struct { type CloudSQLInstanceInitParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type CloudSQLInstanceObservation struct { @@ -57,8 +67,18 @@ type CloudSQLInstanceObservation struct { type CloudSQLInstanceParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +kubebuilder:validation:Optional Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type ContainersEnvInitParameters struct { diff --git a/apis/cloudrun/v1beta1/zz_v2service_types.go b/apis/cloudrun/v1beta1/zz_v2service_types.go index 8396cb9ff..398c27899 100755 --- a/apis/cloudrun/v1beta1/zz_v2service_types.go +++ b/apis/cloudrun/v1beta1/zz_v2service_types.go @@ -1822,8 +1822,18 @@ type VPCAccessNetworkInterfacesParameters struct { type VolumesCloudSQLInstanceInitParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type VolumesCloudSQLInstanceObservation struct { @@ -1836,9 +1846,19 @@ type VolumesCloudSQLInstanceObservation struct { type VolumesCloudSQLInstanceParameters struct { // The Cloud SQL instance connection names, as can be found in https://console.cloud.google.com/sql/instances. Visit https://cloud.google.com/sql/docs/mysql/connect-run for more information on how to connect Cloud SQL and Cloud Run. Format: {project}:{location}:{instance} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/sql/v1beta2.DatabaseInstance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("connection_name",true) // +kubebuilder:validation:Optional // +listType=set Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + + // References to DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of DatabaseInstance in sql to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` } type VolumesSecretItemsInitParameters struct { diff --git a/apis/compute/v1beta1/zz_generated.deepcopy.go b/apis/compute/v1beta1/zz_generated.deepcopy.go index 734dc72ca..dc3cd219f 100644 --- a/apis/compute/v1beta1/zz_generated.deepcopy.go +++ b/apis/compute/v1beta1/zz_generated.deepcopy.go @@ -192,6 +192,18 @@ func (in *ActionInitParameters) DeepCopyInto(out *ActionInitParameters) { } } } + if in.SourceNATActiveIpsRefs != nil { + in, out := &in.SourceNATActiveIpsRefs, &out.SourceNATActiveIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SourceNATActiveIpsSelector != nil { + in, out := &in.SourceNATActiveIpsSelector, &out.SourceNATActiveIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.SourceNATDrainIps != nil { in, out := &in.SourceNATDrainIps, &out.SourceNATDrainIps *out = make([]*string, len(*in)) @@ -266,6 +278,18 @@ func (in *ActionParameters) DeepCopyInto(out *ActionParameters) { } } } + if in.SourceNATActiveIpsRefs != nil { + in, out := &in.SourceNATActiveIpsRefs, &out.SourceNATActiveIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.SourceNATActiveIpsSelector != nil { + in, out := &in.SourceNATActiveIpsSelector, &out.SourceNATActiveIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.SourceNATDrainIps != nil { in, out := &in.SourceNATDrainIps, &out.SourceNATDrainIps *out = make([]*string, len(*in)) @@ -26520,6 +26544,18 @@ func (in *InstanceTemplateDiskInitParameters) DeepCopyInto(out *InstanceTemplate } } } + if in.ResourcePoliciesRefs != nil { + in, out := &in.ResourcePoliciesRefs, &out.ResourcePoliciesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResourcePoliciesSelector != nil { + in, out := &in.ResourcePoliciesSelector, &out.ResourcePoliciesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Source != nil { in, out := &in.Source, &out.Source *out = new(string) @@ -26818,6 +26854,18 @@ func (in *InstanceTemplateDiskParameters) DeepCopyInto(out *InstanceTemplateDisk } } } + if in.ResourcePoliciesRefs != nil { + in, out := &in.ResourcePoliciesRefs, &out.ResourcePoliciesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.ResourcePoliciesSelector != nil { + in, out := &in.ResourcePoliciesSelector, &out.ResourcePoliciesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Source != nil { in, out := &in.Source, &out.Source *out = new(string) @@ -61647,6 +61695,18 @@ func (in *RouterNATInitParameters) DeepCopyInto(out *RouterNATInitParameters) { } } } + if in.NATIpsRefs != nil { + in, out := &in.NATIpsRefs, &out.NATIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.NATIpsSelector != nil { + in, out := &in.NATIpsSelector, &out.NATIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Project != nil { in, out := &in.Project, &out.Project *out = new(string) @@ -62037,6 +62097,18 @@ func (in *RouterNATParameters) DeepCopyInto(out *RouterNATParameters) { } } } + if in.NATIpsRefs != nil { + in, out := &in.NATIpsRefs, &out.NATIpsRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.NATIpsSelector != nil { + in, out := &in.NATIpsSelector, &out.NATIpsSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Project != nil { in, out := &in.Project, &out.Project *out = new(string) diff --git a/apis/compute/v1beta1/zz_generated.resolvers.go b/apis/compute/v1beta1/zz_generated.resolvers.go index f2a491047..f043d29da 100644 --- a/apis/compute/v1beta1/zz_generated.resolvers.go +++ b/apis/compute/v1beta1/zz_generated.resolvers.go @@ -2156,8 +2156,30 @@ func (mg *InstanceTemplate) ResolveReferences(ctx context.Context, c client.Read r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + for i3 := 0; i3 < len(mg.Spec.ForProvider.Disk); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "ResourcePolicy", "ResourcePolicyList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Disk[i3].ResourcePolicies), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.Disk[i3].ResourcePoliciesRefs, + Selector: mg.Spec.ForProvider.Disk[i3].ResourcePoliciesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Disk[i3].ResourcePolicies") + } + mg.Spec.ForProvider.Disk[i3].ResourcePolicies = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Disk[i3].ResourcePoliciesRefs = mrsp.ResolvedReferences + + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Disk); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Disk", "DiskList") @@ -2241,6 +2263,27 @@ func (mg *InstanceTemplate) ResolveReferences(ctx context.Context, c client.Read mg.Spec.ForProvider.ServiceAccount[i3].Email = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.ServiceAccount[i3].EmailRef = rsp.ResolvedReference + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.Disk); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "ResourcePolicy", "ResourcePolicyList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Disk[i3].ResourcePolicies), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.Disk[i3].ResourcePoliciesRefs, + Selector: mg.Spec.InitProvider.Disk[i3].ResourcePoliciesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Disk[i3].ResourcePolicies") + } + mg.Spec.InitProvider.Disk[i3].ResourcePolicies = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Disk[i3].ResourcePoliciesRefs = mrsp.ResolvedReferences + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Disk); i3++ { { @@ -5100,7 +5143,27 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err r := reference.NewAPIResolver(c, mg) var rsp reference.ResolutionResponse + var mrsp reference.MultiResolutionResponse var err error + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.NATIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.ForProvider.NATIpsRefs, + Selector: mg.Spec.ForProvider.NATIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.NATIps") + } + mg.Spec.ForProvider.NATIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.NATIpsRefs = mrsp.ResolvedReferences { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Router", "RouterList") if err != nil { @@ -5121,6 +5184,29 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.Router = reference.ToPtrValue(rsp.ResolvedValue) mg.Spec.ForProvider.RouterRef = rsp.ResolvedReference + for i3 := 0; i3 < len(mg.Spec.ForProvider.Rules); i3++ { + for i4 := 0; i4 < len(mg.Spec.ForProvider.Rules[i3].Action); i4++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIpsRefs, + Selector: mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIps") + } + mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.Rules[i3].Action[i4].SourceNATActiveIpsRefs = mrsp.ResolvedReferences + + } + } for i3 := 0; i3 < len(mg.Spec.ForProvider.Subnetwork); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Subnetwork", "SubnetworkList") @@ -5142,6 +5228,48 @@ func (mg *RouterNAT) ResolveReferences(ctx context.Context, c client.Reader) err mg.Spec.ForProvider.Subnetwork[i3].NameRef = rsp.ResolvedReference } + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.NATIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.InitProvider.NATIpsRefs, + Selector: mg.Spec.InitProvider.NATIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.NATIps") + } + mg.Spec.InitProvider.NATIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.NATIpsRefs = mrsp.ResolvedReferences + + for i3 := 0; i3 < len(mg.Spec.InitProvider.Rules); i3++ { + for i4 := 0; i4 < len(mg.Spec.InitProvider.Rules[i3].Action); i4++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Address", "AddressList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIps), + Extract: resource.ExtractParamPath("self_link", true), + References: mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIpsRefs, + Selector: mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIpsSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIps") + } + mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIps = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.Rules[i3].Action[i4].SourceNATActiveIpsRefs = mrsp.ResolvedReferences + + } + } for i3 := 0; i3 < len(mg.Spec.InitProvider.Subnetwork); i3++ { { m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta1", "Subnetwork", "SubnetworkList") diff --git a/apis/compute/v1beta1/zz_instancetemplate_types.go b/apis/compute/v1beta1/zz_instancetemplate_types.go index dfe8ccc8b..827ff8269 100755 --- a/apis/compute/v1beta1/zz_instancetemplate_types.go +++ b/apis/compute/v1beta1/zz_instancetemplate_types.go @@ -236,8 +236,18 @@ type InstanceTemplateDiskInitParameters struct { ResourceManagerTags map[string]*string `json:"resourceManagerTags,omitempty" tf:"resource_manager_tags,omitempty"` // - A list (short name or id) of resource policies to attach to this disk for automatic snapshot creations. Currently a max of 1 resource policy is supported. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.ResourcePolicy + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() ResourcePolicies []*string `json:"resourcePolicies,omitempty" tf:"resource_policies,omitempty"` + // References to ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesRefs []v1.Reference `json:"resourcePoliciesRefs,omitempty" tf:"-"` + + // Selector for a list of ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesSelector *v1.Selector `json:"resourcePoliciesSelector,omitempty" tf:"-"` + // The name (not self_link) // of the disk (such as those managed by google_compute_disk) to attach. // ~> Note: Either source, source_image, or source_snapshot is required in a disk block unless the disk type is local-ssd. Check the API docs for details. @@ -441,9 +451,19 @@ type InstanceTemplateDiskParameters struct { ResourceManagerTags map[string]*string `json:"resourceManagerTags,omitempty" tf:"resource_manager_tags,omitempty"` // - A list (short name or id) of resource policies to attach to this disk for automatic snapshot creations. Currently a max of 1 resource policy is supported. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.ResourcePolicy + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional ResourcePolicies []*string `json:"resourcePolicies,omitempty" tf:"resource_policies,omitempty"` + // References to ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesRefs []v1.Reference `json:"resourcePoliciesRefs,omitempty" tf:"-"` + + // Selector for a list of ResourcePolicy in compute to populate resourcePolicies. + // +kubebuilder:validation:Optional + ResourcePoliciesSelector *v1.Selector `json:"resourcePoliciesSelector,omitempty" tf:"-"` + // The name (not self_link) // of the disk (such as those managed by google_compute_disk) to attach. // ~> Note: Either source, source_image, or source_snapshot is required in a disk block unless the disk type is local-ssd. Check the API docs for details. diff --git a/apis/compute/v1beta1/zz_routernat_types.go b/apis/compute/v1beta1/zz_routernat_types.go index 6b9c2bd72..d27a7ea88 100755 --- a/apis/compute/v1beta1/zz_routernat_types.go +++ b/apis/compute/v1beta1/zz_routernat_types.go @@ -18,9 +18,19 @@ type ActionInitParameters struct { // A list of URLs of the IP resources used for this NAT rule. // These IP addresses must be valid static external IP addresses assigned to the project. // This field is used for public NAT. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +listType=set SourceNATActiveIps []*string `json:"sourceNatActiveIps,omitempty" tf:"source_nat_active_ips,omitempty"` + // References to Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsRefs []v1.Reference `json:"sourceNatActiveIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsSelector *v1.Selector `json:"sourceNatActiveIpsSelector,omitempty" tf:"-"` + // A list of URLs of the IP resources to be drained. // These IPs must be valid static external IPs that have been assigned to the NAT. // These IPs should be used for updating/patching a NAT rule only. @@ -50,10 +60,20 @@ type ActionParameters struct { // A list of URLs of the IP resources used for this NAT rule. // These IP addresses must be valid static external IP addresses assigned to the project. // This field is used for public NAT. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +kubebuilder:validation:Optional // +listType=set SourceNATActiveIps []*string `json:"sourceNatActiveIps,omitempty" tf:"source_nat_active_ips,omitempty"` + // References to Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsRefs []v1.Reference `json:"sourceNatActiveIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate sourceNatActiveIps. + // +kubebuilder:validation:Optional + SourceNATActiveIpsSelector *v1.Selector `json:"sourceNatActiveIpsSelector,omitempty" tf:"-"` + // A list of URLs of the IP resources to be drained. // These IPs must be valid static external IPs that have been assigned to the NAT. // These IPs should be used for updating/patching a NAT rule only. @@ -116,9 +136,19 @@ type RouterNATInitParameters struct { // Self-links of NAT IPs. Only valid if natIpAllocateOption // is set to MANUAL_ONLY. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +listType=set NATIps []*string `json:"natIps,omitempty" tf:"nat_ips,omitempty"` + // References to Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsRefs []v1.Reference `json:"natIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsSelector *v1.Selector `json:"natIpsSelector,omitempty" tf:"-"` + // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. Project *string `json:"project,omitempty" tf:"project,omitempty"` @@ -363,10 +393,20 @@ type RouterNATParameters struct { // Self-links of NAT IPs. Only valid if natIpAllocateOption // is set to MANUAL_ONLY. + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta1.Address + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("self_link",true) // +kubebuilder:validation:Optional // +listType=set NATIps []*string `json:"natIps,omitempty" tf:"nat_ips,omitempty"` + // References to Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsRefs []v1.Reference `json:"natIpsRefs,omitempty" tf:"-"` + + // Selector for a list of Address in compute to populate natIps. + // +kubebuilder:validation:Optional + NATIpsSelector *v1.Selector `json:"natIpsSelector,omitempty" tf:"-"` + // The ID of the project in which the resource belongs. // If it is not provided, the provider project is used. // +kubebuilder:validation:Optional diff --git a/apis/osconfig/v1beta1/zz_generated.deepcopy.go b/apis/osconfig/v1beta1/zz_generated.deepcopy.go index 325388b36..c664836a1 100644 --- a/apis/osconfig/v1beta1/zz_generated.deepcopy.go +++ b/apis/osconfig/v1beta1/zz_generated.deepcopy.go @@ -9,6 +9,7 @@ package v1beta1 import ( + "github.com/crossplane/crossplane-runtime/apis/common/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) @@ -3944,6 +3945,18 @@ func (in *PatchDeploymentInstanceFilterInitParameters) DeepCopyInto(out *PatchDe } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Zones != nil { in, out := &in.Zones, &out.Zones *out = make([]*string, len(*in)) @@ -4064,6 +4077,18 @@ func (in *PatchDeploymentInstanceFilterParameters) DeepCopyInto(out *PatchDeploy } } } + if in.InstancesRefs != nil { + in, out := &in.InstancesRefs, &out.InstancesRefs + *out = make([]v1.Reference, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.InstancesSelector != nil { + in, out := &in.InstancesSelector, &out.InstancesSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } if in.Zones != nil { in, out := &in.Zones, &out.Zones *out = make([]*string, len(*in)) diff --git a/apis/osconfig/v1beta1/zz_generated.resolvers.go b/apis/osconfig/v1beta1/zz_generated.resolvers.go new file mode 100644 index 000000000..80fae2434 --- /dev/null +++ b/apis/osconfig/v1beta1/zz_generated.resolvers.go @@ -0,0 +1,73 @@ +// SPDX-FileCopyrightText: 2024 The Crossplane Authors +// +// SPDX-License-Identifier: Apache-2.0 +// Code generated by angryjet. DO NOT EDIT. +// Code transformed by upjet. DO NOT EDIT. + +package v1beta1 + +import ( + "context" + reference "github.com/crossplane/crossplane-runtime/pkg/reference" + resource "github.com/crossplane/upjet/pkg/resource" + errors "github.com/pkg/errors" + + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + apisresolver "github.com/upbound/provider-gcp/internal/apis" + client "sigs.k8s.io/controller-runtime/pkg/client" +) + +func (mg *PatchDeployment) ResolveReferences( // ResolveReferences of this PatchDeployment. + ctx context.Context, c client.Reader) error { + var m xpresource.Managed + var l xpresource.ManagedList + r := reference.NewAPIResolver(c, mg) + + var mrsp reference.MultiResolutionResponse + var err error + + for i3 := 0; i3 < len(mg.Spec.ForProvider.InstanceFilter); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.ForProvider.InstanceFilter[i3].Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.ForProvider.InstanceFilter[i3].InstancesRefs, + Selector: mg.Spec.ForProvider.InstanceFilter[i3].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.InstanceFilter[i3].Instances") + } + mg.Spec.ForProvider.InstanceFilter[i3].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.ForProvider.InstanceFilter[i3].InstancesRefs = mrsp.ResolvedReferences + + } + for i3 := 0; i3 < len(mg.Spec.InitProvider.InstanceFilter); i3++ { + { + m, l, err = apisresolver.GetManagedResource("compute.gcp.upbound.io", "v1beta2", "Instance", "InstanceList") + if err != nil { + return errors.Wrap(err, "failed to get the reference target managed resource and its list for reference resolution") + } + mrsp, err = r.ResolveMultiple(ctx, reference.MultiResolutionRequest{ + CurrentValues: reference.FromPtrValues(mg.Spec.InitProvider.InstanceFilter[i3].Instances), + Extract: resource.ExtractResourceID(), + References: mg.Spec.InitProvider.InstanceFilter[i3].InstancesRefs, + Selector: mg.Spec.InitProvider.InstanceFilter[i3].InstancesSelector, + To: reference.To{List: l, Managed: m}, + }) + } + if err != nil { + return errors.Wrap(err, "mg.Spec.InitProvider.InstanceFilter[i3].Instances") + } + mg.Spec.InitProvider.InstanceFilter[i3].Instances = reference.ToPtrValues(mrsp.ResolvedValues) + mg.Spec.InitProvider.InstanceFilter[i3].InstancesRefs = mrsp.ResolvedReferences + + } + + return nil +} diff --git a/apis/osconfig/v1beta1/zz_patchdeployment_types.go b/apis/osconfig/v1beta1/zz_patchdeployment_types.go index e9b513ceb..69c4f133a 100755 --- a/apis/osconfig/v1beta1/zz_patchdeployment_types.go +++ b/apis/osconfig/v1beta1/zz_patchdeployment_types.go @@ -598,8 +598,18 @@ type PatchDeploymentInstanceFilterInitParameters struct { // Targets any of the VM instances specified. Instances are specified by their URI in the form zones/{{zone}}/instances/{{instance_name}}, // projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}, or // https://www.googleapis.com/compute/v1/projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` } @@ -645,9 +655,19 @@ type PatchDeploymentInstanceFilterParameters struct { // Targets any of the VM instances specified. Instances are specified by their URI in the form zones/{{zone}}/instances/{{instance_name}}, // projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}}, or // https://www.googleapis.com/compute/v1/projects/{{project_id}}/zones/{{zone}}/instances/{{instance_name}} + // +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/compute/v1beta2.Instance + // +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID() // +kubebuilder:validation:Optional Instances []*string `json:"instances,omitempty" tf:"instances,omitempty"` + // References to Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesRefs []v1.Reference `json:"instancesRefs,omitempty" tf:"-"` + + // Selector for a list of Instance in compute to populate instances. + // +kubebuilder:validation:Optional + InstancesSelector *v1.Selector `json:"instancesSelector,omitempty" tf:"-"` + // Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. // +kubebuilder:validation:Optional Zones []*string `json:"zones,omitempty" tf:"zones,omitempty"` diff --git a/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml b/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml index 66085f769..299d2173f 100644 --- a/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml +++ b/package/crds/beyondcorp.gcp.upbound.io_appconnections.yaml @@ -95,6 +95,85 @@ spec: items: type: string type: array + connectorsRefs: + description: References to AppConnector in beyondcorp to populate + connectors. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + connectorsSelector: + description: Selector for a list of AppConnector in beyondcorp + to populate connectors. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object displayName: description: An arbitrary user-provided name for the AppConnection. type: string @@ -249,6 +328,85 @@ spec: items: type: string type: array + connectorsRefs: + description: References to AppConnector in beyondcorp to populate + connectors. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + connectorsSelector: + description: Selector for a list of AppConnector in beyondcorp + to populate connectors. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object displayName: description: An arbitrary user-provided name for the AppConnection. type: string diff --git a/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml b/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml index 6357044cb..adc086c75 100644 --- a/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml +++ b/package/crds/binaryauthorization.gcp.upbound.io_policies.yaml @@ -127,6 +127,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array defaultAdmissionRule: @@ -160,6 +239,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array description: @@ -245,6 +403,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array defaultAdmissionRule: @@ -278,6 +515,85 @@ spec: type: string type: array x-kubernetes-list-type: set + requireAttestationsByRefs: + description: References to Attestor in binaryauthorization + to populate requireAttestationsBy. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + requireAttestationsBySelector: + description: Selector for a list of Attestor in binaryauthorization + to populate requireAttestationsBy. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array description: diff --git a/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml b/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml index 638be98b5..f3d946fb5 100644 --- a/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml +++ b/package/crds/certificatemanager.gcp.upbound.io_certificates.yaml @@ -104,6 +104,85 @@ spec: items: type: string type: array + dnsAuthorizationsRefs: + description: References to DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + dnsAuthorizationsSelector: + description: Selector for a list of DNSAuthorization in + certificatemanager to populate dnsAuthorizations. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object domains: description: |- The domains for which a managed SSL certificate will be generated. @@ -111,6 +190,85 @@ spec: items: type: string type: array + domainsRefs: + description: References to DNSAuthorization in certificatemanager + to populate domains. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + domainsSelector: + description: Selector for a list of DNSAuthorization in + certificatemanager to populate domains. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object issuanceConfig: description: |- The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. @@ -248,6 +406,85 @@ spec: items: type: string type: array + dnsAuthorizationsRefs: + description: References to DNSAuthorization in certificatemanager + to populate dnsAuthorizations. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + dnsAuthorizationsSelector: + description: Selector for a list of DNSAuthorization in + certificatemanager to populate dnsAuthorizations. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object domains: description: |- The domains for which a managed SSL certificate will be generated. @@ -255,6 +492,85 @@ spec: items: type: string type: array + domainsRefs: + description: References to DNSAuthorization in certificatemanager + to populate domains. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + domainsSelector: + description: Selector for a list of DNSAuthorization in + certificatemanager to populate domains. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object issuanceConfig: description: |- The resource name for a CertificateIssuanceConfig used to configure private PKI certificates in the format projects//locations//certificateIssuanceConfigs/*. diff --git a/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml b/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml index c3f4412cf..7f02b7220 100644 --- a/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml +++ b/package/crds/cloudrun.gcp.upbound.io_v2jobs.yaml @@ -475,6 +475,87 @@ spec: items: type: string type: array + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named + object. + properties: + name: + description: Name of the referenced + object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an + object with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array name: @@ -1069,6 +1150,87 @@ spec: items: type: string type: array + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named + object. + properties: + name: + description: Name of the referenced + object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an + object with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array name: diff --git a/package/crds/cloudrun.gcp.upbound.io_v2services.yaml b/package/crds/cloudrun.gcp.upbound.io_v2services.yaml index 5c0d61988..4c04ad45a 100644 --- a/package/crds/cloudrun.gcp.upbound.io_v2services.yaml +++ b/package/crds/cloudrun.gcp.upbound.io_v2services.yaml @@ -696,6 +696,85 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object + with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array gcs: @@ -1639,6 +1718,85 @@ spec: type: string type: array x-kubernetes-list-type: set + instancesRefs: + description: References to DatabaseInstance + in sql to populate instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of DatabaseInstance + in sql to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object + with matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object type: object type: array gcs: diff --git a/package/crds/compute.gcp.upbound.io_instancetemplates.yaml b/package/crds/compute.gcp.upbound.io_instancetemplates.yaml index bd0bb6718..60195befd 100644 --- a/package/crds/compute.gcp.upbound.io_instancetemplates.yaml +++ b/package/crds/compute.gcp.upbound.io_instancetemplates.yaml @@ -217,6 +217,85 @@ spec: items: type: string type: array + resourcePoliciesRefs: + description: References to ResourcePolicy in compute to + populate resourcePolicies. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + resourcePoliciesSelector: + description: Selector for a list of ResourcePolicy in compute + to populate resourcePolicies. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object source: description: |- The name (not self_link) @@ -1161,6 +1240,85 @@ spec: items: type: string type: array + resourcePoliciesRefs: + description: References to ResourcePolicy in compute to + populate resourcePolicies. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + resourcePoliciesSelector: + description: Selector for a list of ResourcePolicy in compute + to populate resourcePolicies. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object source: description: |- The name (not self_link) diff --git a/package/crds/compute.gcp.upbound.io_routernats.yaml b/package/crds/compute.gcp.upbound.io_routernats.yaml index 77fc7959e..03e971928 100644 --- a/package/crds/compute.gcp.upbound.io_routernats.yaml +++ b/package/crds/compute.gcp.upbound.io_routernats.yaml @@ -156,6 +156,84 @@ spec: type: string type: array x-kubernetes-list-type: set + natIpsRefs: + description: References to Address in compute to populate natIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + natIpsSelector: + description: Selector for a list of Address in compute to populate + natIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object project: description: |- The ID of the project in which the resource belongs. @@ -263,6 +341,85 @@ spec: type: string type: array x-kubernetes-list-type: set + sourceNatActiveIpsRefs: + description: References to Address in compute to populate + sourceNatActiveIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + sourceNatActiveIpsSelector: + description: Selector for a list of Address in compute + to populate sourceNatActiveIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object sourceNatDrainIps: description: |- A list of URLs of the IP resources to be drained. @@ -535,6 +692,84 @@ spec: type: string type: array x-kubernetes-list-type: set + natIpsRefs: + description: References to Address in compute to populate natIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + natIpsSelector: + description: Selector for a list of Address in compute to populate + natIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object project: description: |- The ID of the project in which the resource belongs. @@ -561,6 +796,85 @@ spec: type: string type: array x-kubernetes-list-type: set + sourceNatActiveIpsRefs: + description: References to Address in compute to populate + sourceNatActiveIps. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + sourceNatActiveIpsSelector: + description: Selector for a list of Address in compute + to populate sourceNatActiveIps. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with + matching labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object sourceNatDrainIps: description: |- A list of URLs of the IP resources to be drained. diff --git a/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml b/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml index 76e08e0c0..73e0e0c37 100644 --- a/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml +++ b/package/crds/osconfig.gcp.upbound.io_patchdeployments.yaml @@ -124,6 +124,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to Instance in compute to populate + instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute + to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object zones: description: Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. @@ -715,6 +794,85 @@ spec: items: type: string type: array + instancesRefs: + description: References to Instance in compute to populate + instances. + items: + description: A Reference to a named object. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + type: array + instancesSelector: + description: Selector for a list of Instance in compute + to populate instances. + properties: + matchControllerRef: + description: |- + MatchControllerRef ensures an object with the same controller reference + as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching + labels is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: |- + Resolution specifies whether resolution of this reference is required. + The default is 'Required', which means the reconcile will fail if the + reference cannot be resolved. 'Optional' means this reference will be + a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: |- + Resolve specifies when this reference should be resolved. The default + is 'IfNotPresent', which will attempt to resolve the reference only when + the corresponding field is not present. Use 'Always' to resolve the + reference on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object zones: description: Targets VM instances in ANY of these zones. Leave empty to target VM instances in any zone. From 48a623b792bb49caa40d5ea0760f8c21fbc77e56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fatih=20T=C3=BCrken?= Date: Tue, 22 Oct 2024 23:19:35 +0300 Subject: [PATCH 5/5] Fix changed example manifests MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fatih Türken --- examples/binaryauthorization/v1beta2/policy.yaml | 8 ++++---- examples/certificatemanager/v1beta2/certificate.yaml | 2 +- examples/compute/v1beta2/instancetemplate.yaml | 12 +++++------- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/examples/binaryauthorization/v1beta2/policy.yaml b/examples/binaryauthorization/v1beta2/policy.yaml index 015cf5bae..bc4bacafa 100644 --- a/examples/binaryauthorization/v1beta2/policy.yaml +++ b/examples/binaryauthorization/v1beta2/policy.yaml @@ -21,7 +21,7 @@ spec: requireAttestationsByRefs: - name: attestor defaultAdmissionRule: - - enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG + enforcementMode: ENFORCED_BLOCK_AND_AUDIT_LOG evaluationMode: ALWAYS_ALLOW --- @@ -37,7 +37,7 @@ metadata: spec: forProvider: attestationAuthorityNote: - - noteReferenceSelector: + noteReferenceSelector: matchLabels: testing.upbound.io/example-name: note @@ -54,5 +54,5 @@ metadata: spec: forProvider: attestationAuthority: - - hint: - - humanReadableName: My attestor + hint: + humanReadableName: My attestor diff --git a/examples/certificatemanager/v1beta2/certificate.yaml b/examples/certificatemanager/v1beta2/certificate.yaml index afdc14f15..4211a63ca 100644 --- a/examples/certificatemanager/v1beta2/certificate.yaml +++ b/examples/certificatemanager/v1beta2/certificate.yaml @@ -18,7 +18,7 @@ spec: labels: env: test managed: - - dnsAuthorizationsRefs: + dnsAuthorizationsRefs: - name: instance - name: instance2 domainsRefs: diff --git a/examples/compute/v1beta2/instancetemplate.yaml b/examples/compute/v1beta2/instancetemplate.yaml index 1c862eda5..fdd268194 100644 --- a/examples/compute/v1beta2/instancetemplate.yaml +++ b/examples/compute/v1beta2/instancetemplate.yaml @@ -18,7 +18,7 @@ spec: - autoDelete: false boot: true resourcePoliciesRefs: - - name: daily_backup + - name: daily-backup sourceImage: debian-cloud/debian-11 - autoDelete: false boot: false @@ -33,14 +33,12 @@ spec: foo: bar name: appserver-template networkInterface: - - networkSelector: - matchLabels: - testing.upbound.io/example-name: example + - network: default scheduling: - - automaticRestart: true + automaticRestart: true onHostMaintenance: MIGRATE serviceAccount: - - emailSelector: + emailSelector: matchLabels: testing.upbound.io/example-name: default scopes: @@ -68,7 +66,7 @@ spec: --- -apiVersion: compute.gcp.upbound.io/v1beta2 +apiVersion: compute.gcp.upbound.io/v1beta1 kind: ResourcePolicy metadata: annotations: