Skip to content

Commit

Permalink
Update to ACK runtime v0.39.0, code-generator v0.39.1 (#82)
Browse files Browse the repository at this point in the history 
### Update to ACK runtime `v0.39.0`, code-generator `v0.39.1`

----------

* ACK code-generator `v0.39.1` [release notes](https://github.com/aws-controllers-k8s/code-generator/releases/tag/v0.39.1)
* ACK runtime `v0.39.0` [release notes](https://github.com/aws-controllers-k8s/runtime/releases/tag/v0.39.0)

----------

NOTE:
This PR increments the release version of service controller from `v1.0.16` to `v1.0.17`

Once this PR is merged, release `v1.0.17` will be automatically created for `kms-controller`

**Please close this PR, if you do not want the new patch release for `kms-controller`**

----------

#### stdout for `make build-controller`:

```
building ack-generate ... ok.
==== building kms-controller ====
Copying common custom resource definitions into kms
Building Kubernetes API objects for kms
Generating deepcopy code for kms
Generating custom resource definitions for kms
Building service controller for kms
Generating RBAC manifests for kms
Running gofmt against generated code for kms
Updating additional GitHub repository maintenance files
==== building kms-controller release artifacts ====
Building release artifacts for kms-v1.0.17
Generating common custom resource definitions
Generating custom resource definitions for kms
Generating RBAC manifests for kms
```

----------

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
  • Loading branch information
@ack-bot
ack-bot authored Oct 12, 2024
1 parent 0a96131 commit 70d6477
Show file tree
Hide file tree
Showing 20 changed files with 137 additions and 431 deletions.
8 changes: 4 additions & 4 deletions apis/v1alpha1/ack-generate-metadata.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
ack_generate_info:
build_date: "2024-08-29T16:59:01Z"
build_hash: f8f98563404066ac3340db0a049d2e530e5c51cc
go_version: go1.22.5
version: v0.38.1
build_date: "2024-10-10T04:10:11Z"
build_hash: 36c2d234498c2bc4f60773ab8df632af4067f43b
go_version: go1.23.2
version: v0.39.1
api_directory_checksum: ccee1b4810828db7457ca421f6bab5f087ce5b5c
api_version: v1alpha1
aws_sdk_go_version: v1.44.93
Expand Down
2 changes: 1 addition & 1 deletion config/controller/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,4 @@ kind: Kustomization
images:
- name: controller
newName: public.ecr.aws/aws-controllers-k8s/kms-controller
newTag: 1.0.16
newTag: 1.0.17
13 changes: 2 additions & 11 deletions config/crd/bases/kms.services.k8s.aws_aliases.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: aliases.kms.services.k8s.aws
spec:
group: kms.services.k8s.aws
Expand Down Expand Up @@ -44,7 +44,6 @@ spec:
Specifies the alias name. This value must begin with alias/ followed by a
name, such as alias/ExampleAlias.
The AliasName value must be string of 1-256 characters. It can contain only
alphanumeric characters, forward slashes (/), underscores (_), and dashes
(-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is
Expand All @@ -55,33 +54,26 @@ spec:
Associates the alias with the specified customer managed key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).
The KMS key must be in the same Amazon Web Services Region.
A valid key ID is required. If you supply a null or empty string value, this
operation returns an error.
For help finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn)
in the Key Management Service Developer Guide .
Specify the key ID or key ARN of the KMS key.
For example:
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
type: string
targetKeyRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand Down Expand Up @@ -115,7 +107,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down
23 changes: 2 additions & 21 deletions config/crd/bases/kms.services.k8s.aws_grants.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
controller-gen.kubebuilder.io/version: v0.16.2
name: grants.kms.services.k8s.aws
spec:
group: kms.services.k8s.aws
Expand Down Expand Up @@ -43,7 +43,6 @@ spec:
description: |-
Specifies a grant constraint.
KMS supports the EncryptionContextEquals and EncryptionContextSubset grant
constraints. Each constraint value can include up to 8 encryption context
pairs. The encryption context value in each constraint cannot exceed 384
Expand All @@ -53,13 +52,11 @@ spec:
encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)
in the Key Management Service Developer Guide .
The encryption context grant constraints allow the permissions in the grant
only when the encryption context in the request matches (EncryptionContextEquals)
or includes (EncryptionContextSubset) the encryption context specified in
this structure.
The encryption context grant constraints are supported only on grant operations
(https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations)
that include an EncryptionContext parameter, such as cryptographic operations
Expand All @@ -69,7 +66,6 @@ spec:
operation, the constraint requires that any grants created with the CreateGrant
permission have an equally strict or stricter encryption context constraint.
You cannot use an encryption context grant constraint for cryptographic operations
with asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption
context.
Expand All @@ -87,7 +83,6 @@ spec:
description: |-
A list of grant tokens.
Use a grant token when your permission to call this operation comes from
a new grant that has not yet achieved eventual consistency. For more information,
see Grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token)
Expand All @@ -100,7 +95,6 @@ spec:
description: |-
The identity that gets the permissions specified in the grant.
To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
of an Amazon Web Services principal. Valid Amazon Web Services principals
include Amazon Web Services accounts (root), IAM users, IAM roles, federated
Expand All @@ -114,26 +108,21 @@ spec:
Identifies the KMS key for the grant. The grant gives principals permission
to use this KMS key.
Specify the key ID or key ARN of the KMS key. To specify a KMS key in a different
Amazon Web Services account, you must use the key ARN.
For example:
* Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
* Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
type: string
keyRef:
description: "AWSResourceReferenceWrapper provides a wrapper around
*AWSResourceReference\ntype to provide more user friendly syntax
for references using 'from' field\nEx:\nAPIIDRef:\n\n\n\tfrom:\n\t
for references using 'from' field\nEx:\nAPIIDRef:\n\n\tfrom:\n\t
\ name: my-api"
properties:
from:
Expand All @@ -152,12 +141,10 @@ spec:
A friendly name for the grant. Use this value to prevent the unintended creation
of duplicate grants when retrying this request.
When this value is absent, all CreateGrant requests result in a new grant
with a unique GrantId even if all the supplied parameters are identical.
This can result in unintended duplicates when you retry the CreateGrant request.
When this value is present, you can retry a CreateGrant request with identical
parameters; if the grant already exists, the original GrantId is returned
without creating a new grant. Note that the returned grant token is unique
Expand All @@ -168,7 +155,6 @@ spec:
description: |-
A list of operations that the grant permits.
This list must include only operations that are permitted in a grant. Also,
the operation must be supported on the KMS key. For example, you cannot create
a grant for a symmetric encryption KMS key that allows the Sign operation,
Expand All @@ -184,7 +170,6 @@ spec:
The principal that has permission to use the RetireGrant operation to retire
the grant.
To specify the principal, use the Amazon Resource Name (ARN) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
of an Amazon Web Services principal. Valid Amazon Web Services principals
include Amazon Web Services accounts (root), IAM users, federated users,
Expand All @@ -193,7 +178,6 @@ spec:
(https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-iam)
in the Example ARNs section of the Amazon Web Services General Reference.
The grant determines the retiring principal. Other principals might have
permission to retire the grant or revoke the grant. For details, see RevokeGrant
and Retiring and revoking grants (https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete)
Expand All @@ -220,7 +204,6 @@ spec:
when it has verified that an "adopted" resource (a resource where the
ARN annotation was set by the Kubernetes user on the CR) exists and
matches the supplied CR's Spec field values.
TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse
https://github.com/aws/aws-controllers-k8s/issues/270
type: string
ownerAccountID:
Expand Down Expand Up @@ -275,14 +258,12 @@ spec:
description: |-
The unique identifier for the grant.
You can use the GrantId in a ListGrants, RetireGrant, or RevokeGrant operation.
type: string
grantToken:
description: |-
The grant token.
Use a grant token when your permission to call this operation comes from
a new grant that has not yet achieved eventual consistency. For more information,
see Grant token (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token)
Expand Down
Loading

0 comments on commit 70d6477

Please sign in to comment.