Fix flaws in ClusterBundle API#927
Conversation
Signed-off-by: Erik Godding Boye <egboye@gmail.com>
There was a problem hiding this comment.
Pull request overview
This PR corrects minor API/CRD flaws in the ClusterBundle v1alpha2 surface area introduced during the Bundle → ClusterBundle migration, aligning generated docs and kubectl output with the current schema (notably the defaultCAs/multi-key target model).
Changes:
- Remove
kubebuilder:printcolumn/ CRD printer columns that referenced non-existent.spec.target.{configMap,secret}.keyfields (targets now usedata[]). - Update
status.defaultCAVersionfield documentation to referencespec.defaultCAs(replacing the outdatedspec.includeDefaultCAswording). - Regenerate/align corresponding applyconfiguration and CRD schema descriptions.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| pkg/applyconfigurations/trustmanager/v1alpha2/bundlestatus.go | Updates defaultCAVersion docstring to match the spec.defaultCAs API. |
| pkg/apis/trustmanager/v1alpha2/types_cluster_bundle.go | Removes invalid printer columns and fixes defaultCAVersion documentation reference. |
| deploy/crds/trust-manager.io_clusterbundles.yaml | Removes invalid additionalPrinterColumns and updates the OpenAPI description for defaultCAVersion. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
/cc @SgtCoDFish |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: SgtCoDFish The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
…0.22.0 → v0.22.1) (#204) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [quay.io/jetstack/charts/trust-manager](https://cert-manager.io/docs/trust/trust-manager) ([source](https://github.com/cert-manager/trust-manager)) | patch | `v0.22.0` → `v0.22.1` | --- ### Release Notes <details> <summary>cert-manager/trust-manager (quay.io/jetstack/charts/trust-manager)</summary> ### [`v0.22.1`](https://github.com/cert-manager/trust-manager/releases/tag/v0.22.1) [Compare Source](cert-manager/trust-manager@v0.22.1...v0.22.1) trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters. This release is a patch release, bumping dependencies, Go version, and base images to address vulnerabilities reported by scanners. The release also contains various non-user-facing changes, preparing for the migration from `Bundle` to `ClusterBundle`. ##### What's Changed - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​909](cert-manager/trust-manager#909) - fix(deps): update kubernetes go patches to v0.35.3 by [@​renovate](https://github.com/renovate)\[bot] in [#​911](cert-manager/trust-manager#911) - fix gosec G122 by [@​inteon](https://github.com/inteon) in [#​914](cert-manager/trust-manager#914) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​910](cert-manager/trust-manager#910) - fix: remove trailing dash in certificate.yaml template conditional by [@​archy-rock3t-cloud](https://github.com/archy-rock3t-cloud) in [#​916](cert-manager/trust-manager#916) - Run trust-bundle test in CI by [@​inteon](https://github.com/inteon) in [#​915](cert-manager/trust-manager#915) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​917](cert-manager/trust-manager#917) - chore(deps): update actions/setup-go action to v6.4.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​919](cert-manager/trust-manager#919) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​922](cert-manager/trust-manager#922) - chore(deps): update docker/login-action action to v4.1.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​925](cert-manager/trust-manager#925) - Introduce KAL optional fields checks by [@​erikgb](https://github.com/erikgb) in [#​871](cert-manager/trust-manager#871) - Finalize initial KAL config by [@​erikgb](https://github.com/erikgb) in [#​926](cert-manager/trust-manager#926) - Make Renovate suggest KAL upgrades by [@​erikgb](https://github.com/erikgb) in [#​924](cert-manager/trust-manager#924) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​929](cert-manager/trust-manager#929) - Make Renovate suggest KAL upgrades (take 2) by [@​erikgb](https://github.com/erikgb) in [#​928](cert-manager/trust-manager#928) - Fix flaws in ClusterBundle API by [@​erikgb](https://github.com/erikgb) in [#​927](cert-manager/trust-manager#927) - Remove misleading Helm chart annotation by [@​erikgb](https://github.com/erikgb) in [#​930](cert-manager/trust-manager#930) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​931](cert-manager/trust-manager#931) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​932](cert-manager/trust-manager#932) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​935](cert-manager/trust-manager#935) - fix(deps): update module software.sslmate.com/src/go-pkcs12 to v0.7.1 by [@​renovate](https://github.com/renovate)\[bot] in [#​933](cert-manager/trust-manager#933) - chore(deps): update actions/github-script action to v9 by [@​renovate](https://github.com/renovate)\[bot] in [#​934](cert-manager/trust-manager#934) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​936](cert-manager/trust-manager#936) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​938](cert-manager/trust-manager#938) - Bump trust packages to force rebuild with go 1.26.2 by [@​erikgb](https://github.com/erikgb) in [#​937](cert-manager/trust-manager#937) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​939](cert-manager/trust-manager#939) - fix(deps): update module sigs.k8s.io/structured-merge-diff/v6 to v6.4.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​940](cert-manager/trust-manager#940) - fix(deps): update kubernetes go patches to v0.35.4 by [@​renovate](https://github.com/renovate)\[bot] in [#​941](cert-manager/trust-manager#941) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​942](cert-manager/trust-manager#942) ##### New Contributors - [@​archy-rock3t-cloud](https://github.com/archy-rock3t-cloud) made their first contribution in [#​916](cert-manager/trust-manager#916) **Full Changelog**: <cert-manager/trust-manager@v0.22.0...v0.22.1> ### [`v0.22.1`](https://github.com/cert-manager/trust-manager/releases/tag/v0.22.1) [Compare Source](cert-manager/trust-manager@v0.22.0...v0.22.1) trust-manager is the easiest way to manage security-critical TLS trust bundles in Kubernetes and OpenShift clusters. This release is a patch release, bumping dependencies, Go version, and base images to address vulnerabilities reported by scanners. The release also contains various non-user-facing changes, preparing for the migration from `Bundle` to `ClusterBundle`. ##### What's Changed - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​909](cert-manager/trust-manager#909) - fix(deps): update kubernetes go patches to v0.35.3 by [@​renovate](https://github.com/renovate)\[bot] in [#​911](cert-manager/trust-manager#911) - fix gosec G122 by [@​inteon](https://github.com/inteon) in [#​914](cert-manager/trust-manager#914) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​910](cert-manager/trust-manager#910) - fix: remove trailing dash in certificate.yaml template conditional by [@​archy-rock3t-cloud](https://github.com/archy-rock3t-cloud) in [#​916](cert-manager/trust-manager#916) - Run trust-bundle test in CI by [@​inteon](https://github.com/inteon) in [#​915](cert-manager/trust-manager#915) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​917](cert-manager/trust-manager#917) - chore(deps): update actions/setup-go action to v6.4.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​919](cert-manager/trust-manager#919) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​922](cert-manager/trust-manager#922) - chore(deps): update docker/login-action action to v4.1.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​925](cert-manager/trust-manager#925) - Introduce KAL optional fields checks by [@​erikgb](https://github.com/erikgb) in [#​871](cert-manager/trust-manager#871) - Finalize initial KAL config by [@​erikgb](https://github.com/erikgb) in [#​926](cert-manager/trust-manager#926) - Make Renovate suggest KAL upgrades by [@​erikgb](https://github.com/erikgb) in [#​924](cert-manager/trust-manager#924) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​929](cert-manager/trust-manager#929) - Make Renovate suggest KAL upgrades (take 2) by [@​erikgb](https://github.com/erikgb) in [#​928](cert-manager/trust-manager#928) - Fix flaws in ClusterBundle API by [@​erikgb](https://github.com/erikgb) in [#​927](cert-manager/trust-manager#927) - Remove misleading Helm chart annotation by [@​erikgb](https://github.com/erikgb) in [#​930](cert-manager/trust-manager#930) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​931](cert-manager/trust-manager#931) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​932](cert-manager/trust-manager#932) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​935](cert-manager/trust-manager#935) - fix(deps): update module software.sslmate.com/src/go-pkcs12 to v0.7.1 by [@​renovate](https://github.com/renovate)\[bot] in [#​933](cert-manager/trust-manager#933) - chore(deps): update actions/github-script action to v9 by [@​renovate](https://github.com/renovate)\[bot] in [#​934](cert-manager/trust-manager#934) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​936](cert-manager/trust-manager#936) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​938](cert-manager/trust-manager#938) - Bump trust packages to force rebuild with go 1.26.2 by [@​erikgb](https://github.com/erikgb) in [#​937](cert-manager/trust-manager#937) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​939](cert-manager/trust-manager#939) - fix(deps): update module sigs.k8s.io/structured-merge-diff/v6 to v6.4.0 by [@​renovate](https://github.com/renovate)\[bot] in [#​940](cert-manager/trust-manager#940) - fix(deps): update kubernetes go patches to v0.35.4 by [@​renovate](https://github.com/renovate)\[bot] in [#​941](cert-manager/trust-manager#941) - \[CI] Merge self-upgrade-main into main by [@​octo-sts](https://github.com/octo-sts)\[bot] in [#​942](cert-manager/trust-manager#942) ##### New Contributors - [@​archy-rock3t-cloud](https://github.com/archy-rock3t-cloud) made their first contribution in [#​916](cert-manager/trust-manager#916) **Full Changelog**: <cert-manager/trust-manager@v0.22.0...v0.22.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMDEuMSIsInVwZGF0ZWRJblZlciI6IjQzLjEwMS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZS9jb250YWluZXIiLCJ0eXBlL3BhdGNoIl19--> Reviewed-on: https://git.erwanleboucher.dev/eleboucher/homelab/pulls/204
This PR fixes some minor flaws in the new ClusterBundle API noted by Copilot in #702.