diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/challenge/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/challenge/v1/types_gen.cue index a9f97748..c53db9f5 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/challenge/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/challenge/v1/types_gen.cue @@ -22,7 +22,7 @@ import "strings" // CamelCase. More info: // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds kind: "Challenge" - metadata: { + metadata!: { name!: strings.MaxRunes(253) & strings.MinRunes(1) & { string } @@ -41,20 +41,20 @@ import "strings" #ChallengeSpec: { // The URL to the ACME Authorization resource that this challenge // is a part of. - authorizationURL: string + authorizationURL!: string // dnsName is the identifier that this challenge is for, e.g. // example.com. If the requested DNSName is a 'wildcard', this // field MUST be set to the non-wildcard domain, e.g. for // `*.example.com`, it must be `example.com`. - dnsName: string + dnsName!: string // References a properly configured ACME-type Issuer which should // be used to create this Challenge. If the Issuer does not // exist, processing will be retried. If the Issuer is not an // 'ACME' Issuer, an error will be returned and the Challenge // will be marked as failed. - issuerRef: { + issuerRef!: { // Group of the resource being referred to. group?: string @@ -62,7 +62,7 @@ import "strings" kind?: string // Name of the resource being referred to. - name: string + name!: string } // The ACME challenge key for this challenge For HTTP01 @@ -72,11 +72,11 @@ import "strings" // challenges, this is the base64 encoded SHA256 sum of the // `.` text that must be set as the TXT record content. - key: string + key!: string // Contains the domain solving configuration that should be used // to solve this challenge resource. - solver: { + solver!: { // Configures cert-manager to attempt to complete authorizations // by performing the DNS01 challenge flow. dns01?: { @@ -85,7 +85,7 @@ import "strings" acmeDNS?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accountSecretRef: { + accountSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -93,9 +93,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - host: string + host!: string } // Use the Akamai DNS zone management API to manage DNS01 @@ -103,7 +103,7 @@ import "strings" akamai?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accessTokenSecretRef: { + accessTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -111,12 +111,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientSecretSecretRef: { + clientSecretSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -124,12 +124,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientTokenSecretRef: { + clientTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -137,9 +137,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - serviceConsumerDomain: string + serviceConsumerDomain!: string } // Use the Microsoft Azure DNS API to manage DNS01 challenge @@ -157,7 +157,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // name of the Azure environment (default AzurePublicCloud) @@ -179,10 +179,10 @@ import "strings" } // resource group the DNS zone is located in - resourceGroupName: string + resourceGroupName!: string // ID of the Azure subscription - subscriptionID: string + subscriptionID!: string // when specifying ClientID and ClientSecret then this field is // also needed @@ -195,7 +195,7 @@ import "strings" // which Cloud DNS zone the challenge record has to be created. // If left empty cert-manager will automatically choose a zone. hostedZoneName?: string - project: string + project!: string // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. @@ -207,7 +207,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -224,7 +224,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // API token used to authenticate with Cloudflare. @@ -236,7 +236,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Email of the account, only required when using API key based @@ -250,7 +250,7 @@ import "strings" digitalocean?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - tokenSecretRef: { + tokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -258,7 +258,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -270,7 +270,7 @@ import "strings" // supporting RFC2136 in the form host:port. If the host is an // IPv6 address it must be enclosed in square brackets (e.g // [2001:db8::1]) ; port is optional. This field is required. - nameserver: string + nameserver!: string // The TSIG Algorithm configured in the DNS supporting RFC2136. // Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are @@ -292,7 +292,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -319,7 +319,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // If set, the provider will manage only this zone in Route53 and @@ -329,7 +329,7 @@ import "strings" // Always set the region when using AccessKeyID and // SecretAccessKey - region: string + region!: string // Role is a Role ARN which the Route53 provider will assume using // either the explicit credentials AccessKeyID/SecretAccessKey or @@ -349,7 +349,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -370,12 +370,12 @@ import "strings" // ChallengePayload resources to the webhook apiserver. This // should be the same as the GroupName specified in the webhook // provider implementation. - groupName: string + groupName!: string // The name of the solver to use, as defined in the webhook // provider implementation. This will typically be the name of // the provider, e.g. 'cloudflare'. - solverName: string + solverName!: string } } @@ -419,7 +419,7 @@ import "strings" // Name is the name of the referent. // Support: Core - name: strings.MaxRunes(253) & strings.MinRunes(1) + name!: strings.MaxRunes(253) & strings.MinRunes(1) // Namespace is the namespace of the referent. When unspecified, // this refers to the local namespace of the Route. @@ -597,15 +597,15 @@ import "strings" // sum are the most preferred. preferredDuringSchedulingIgnoredDuringExecution?: [...{ // A node selector term, associated with the corresponding weight. - preference: { + preference!: { // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -619,11 +619,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -637,19 +637,19 @@ import "strings" // Weight associated with matching the corresponding // nodeSelectorTerm, in the range 1-100. - weight: int + weight!: int }] requiredDuringSchedulingIgnoredDuringExecution?: { // Required. A list of node selector terms. The terms are ORed. - nodeSelectorTerms: [...{ + nodeSelectorTerms!: [...{ // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -663,11 +663,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -698,18 +698,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -739,11 +739,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -775,12 +775,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the affinity requirements specified by this field are not @@ -799,11 +799,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -833,11 +833,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -869,7 +869,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } @@ -891,18 +891,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -932,11 +932,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -968,12 +968,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the anti-affinity requirements specified by this field are @@ -992,11 +992,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1026,11 +1026,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1062,7 +1062,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } } @@ -1167,16 +1167,16 @@ import "strings" // The ACME challenge token for this challenge. This is the raw // value returned from the ACME server. - token: string + token!: string // The type of ACME challenge this resource represents. One of // "HTTP-01" or "DNS-01". - type: "HTTP-01" | "DNS-01" + type!: "HTTP-01" | "DNS-01" // The URL of the ACME Challenge resource for this challenge. This // can be used to lookup details about the status of this // challenge. - url: string + url!: string // wildcard will be true if this challenge is for a wildcard // identifier, for example '*.example.com'. diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/order/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/order/v1/types_gen.cue index 99860b45..026f4e13 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/order/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/acme.cert-manager.io/order/v1/types_gen.cue @@ -21,7 +21,7 @@ import "strings" // CamelCase. More info: // https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds kind: "Order" - metadata: { + metadata!: { name!: strings.MaxRunes(253) & strings.MinRunes(1) & { string } @@ -64,7 +64,7 @@ import "strings" // not exist, processing will be retried. If the Issuer is not an // 'ACME' Issuer, an error will be returned and the Order will be // marked as failed. - issuerRef: { + issuerRef!: { // Group of the resource being referred to. group?: string @@ -72,11 +72,11 @@ import "strings" kind?: string // Name of the resource being referred to. - name: string + name!: string } // Certificate signing request bytes in DER encoding. This will be // used when finalizing the order. This field must be set on the // order. - request: string + request!: string } diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificate/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificate/v1/types_gen.cue index 41a9c629..7ebfb75f 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificate/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificate/v1/types_gen.cue @@ -57,7 +57,7 @@ import "strings" additionalOutputFormats?: [...{ // Type is the name of the format type that should be written to // the Certificate's target Secret. - type: "DER" | "CombinedPEM" + type!: "DER" | "CombinedPEM" }] // Requested common name X509 certificate subject attribute. More @@ -108,7 +108,7 @@ import "strings" // the same namespace as the Certificate. If the issuer is // cluster-scoped, it can be used from any namespace. // The `name` field of the reference must always be specified. - issuerRef: { + issuerRef!: { // Group of the resource being referred to. group?: string @@ -116,7 +116,7 @@ import "strings" kind?: string // Name of the resource being referred to. - name: string + name!: string } // Additional keystore output formats to be stored in the @@ -134,11 +134,11 @@ import "strings" // Secret resource, encrypted using the password stored in // `passwordSecretRef` containing the issuing Certificate // Authority - create: bool + create!: bool // PasswordSecretRef is a reference to a key in a Secret resource // containing the password used to encrypt the JKS keystore. - passwordSecretRef: { + passwordSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -146,7 +146,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -162,11 +162,11 @@ import "strings" // Secret resource, encrypted using the password stored in // `passwordSecretRef` containing the issuing Certificate // Authority - create: bool + create!: bool // PasswordSecretRef is a reference to a key in a Secret resource // containing the password used to encrypt the PKCS12 keystore. - passwordSecretRef: { + passwordSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -174,7 +174,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } } @@ -268,7 +268,7 @@ import "strings" // with a private key and certificate, signed by the denoted // issuer. The Secret resource lives in the same namespace as the // Certificate resource. - secretName: string + secretName!: string // Defines annotations and labels to be copied to the // Certificate's Secret. Labels and annotations on the Secret diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificaterequest/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificaterequest/v1/types_gen.cue index ed20eb86..def14043 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificaterequest/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/certificaterequest/v1/types_gen.cue @@ -85,7 +85,7 @@ import "strings" // the same namespace as the Certificate. If the issuer is // cluster-scoped, it can be used from any namespace. // The `name` field of the reference must always be specified. - issuerRef: { + issuerRef!: { // Group of the resource being referred to. group?: string @@ -93,7 +93,7 @@ import "strings" kind?: string // Name of the resource being referred to. - name: string + name!: string } // The PEM-encoded X.509 certificate signing request to be @@ -105,7 +105,7 @@ import "strings" // If the CSR has a ExtKeyUsage extension, its extended key // usages must match the extended key usages in the `usages` // field of this CertificateRequest. - request: string + request!: string // UID contains the uid of the user that created the // CertificateRequest. Populated by the cert-manager webhook on diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/clusterissuer/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/clusterissuer/v1/types_gen.cue index 19082505..debe47e6 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/clusterissuer/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/clusterissuer/v1/types_gen.cue @@ -91,7 +91,7 @@ import "strings" // keyID is the ID of the CA key that the External Account is // bound to. - keyID: string + keyID!: string // keySecretRef is a Secret Key Selector referencing a data item // in a Kubernetes Secret which holds the symmetric MAC key of @@ -100,7 +100,7 @@ import "strings" // be confused with the key data itself, or indeed with the // External Account Binding keyID above. The secret key stored in // the Secret **must** be un-padded, base64 URL encoded data. - keySecretRef: { + keySecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -108,7 +108,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -127,7 +127,7 @@ import "strings" // private key. Optionally, a `key` may be specified to select a // specific entry within the named Secret resource. If `key` is // not specified, a default of `tls.key` will be used. - privateKeySecretRef: { + privateKeySecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -135,7 +135,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Server is the URL used to access the ACME server's 'directory' @@ -143,7 +143,7 @@ import "strings" // you would use: // "https://acme-staging-v02.api.letsencrypt.org/directory". Only // ACME v2 endpoints (i.e. RFC 8555) are supported. - server: string + server!: string // INSECURE: Enables or disables validation of the ACME server TLS // certificate. If true, requests to the ACME server will not @@ -169,7 +169,7 @@ import "strings" acmeDNS?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accountSecretRef: { + accountSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -177,9 +177,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - host: string + host!: string } // Use the Akamai DNS zone management API to manage DNS01 @@ -187,7 +187,7 @@ import "strings" akamai?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accessTokenSecretRef: { + accessTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -195,12 +195,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientSecretSecretRef: { + clientSecretSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -208,12 +208,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientTokenSecretRef: { + clientTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -221,9 +221,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - serviceConsumerDomain: string + serviceConsumerDomain!: string } // Use the Microsoft Azure DNS API to manage DNS01 challenge @@ -241,7 +241,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // name of the Azure environment (default AzurePublicCloud) @@ -263,10 +263,10 @@ import "strings" } // resource group the DNS zone is located in - resourceGroupName: string + resourceGroupName!: string // ID of the Azure subscription - subscriptionID: string + subscriptionID!: string // when specifying ClientID and ClientSecret then this field is // also needed @@ -279,7 +279,7 @@ import "strings" // which Cloud DNS zone the challenge record has to be created. // If left empty cert-manager will automatically choose a zone. hostedZoneName?: string - project: string + project!: string // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. @@ -291,7 +291,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -308,7 +308,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // API token used to authenticate with Cloudflare. @@ -320,7 +320,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Email of the account, only required when using API key based @@ -334,7 +334,7 @@ import "strings" digitalocean?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - tokenSecretRef: { + tokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -342,7 +342,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -354,7 +354,7 @@ import "strings" // supporting RFC2136 in the form host:port. If the host is an // IPv6 address it must be enclosed in square brackets (e.g // [2001:db8::1]) ; port is optional. This field is required. - nameserver: string + nameserver!: string // The TSIG Algorithm configured in the DNS supporting RFC2136. // Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are @@ -376,7 +376,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -403,7 +403,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // If set, the provider will manage only this zone in Route53 and @@ -413,7 +413,7 @@ import "strings" // Always set the region when using AccessKeyID and // SecretAccessKey - region: string + region!: string // Role is a Role ARN which the Route53 provider will assume using // either the explicit credentials AccessKeyID/SecretAccessKey or @@ -433,7 +433,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -454,12 +454,12 @@ import "strings" // ChallengePayload resources to the webhook apiserver. This // should be the same as the GroupName specified in the webhook // provider implementation. - groupName: string + groupName!: string // The name of the solver to use, as defined in the webhook // provider implementation. This will typically be the name of // the provider, e.g. 'cloudflare'. - solverName: string + solverName!: string } } @@ -503,7 +503,7 @@ import "strings" // Name is the name of the referent. // Support: Core - name: strings.MaxRunes(253) & strings.MinRunes(1) + name!: strings.MaxRunes(253) & strings.MinRunes(1) // Namespace is the namespace of the referent. When unspecified, // this refers to the local namespace of the Route. @@ -681,15 +681,15 @@ import "strings" // sum are the most preferred. preferredDuringSchedulingIgnoredDuringExecution?: [...{ // A node selector term, associated with the corresponding weight. - preference: { + preference!: { // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -703,11 +703,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -721,19 +721,19 @@ import "strings" // Weight associated with matching the corresponding // nodeSelectorTerm, in the range 1-100. - weight: int + weight!: int }] requiredDuringSchedulingIgnoredDuringExecution?: { // Required. A list of node selector terms. The terms are ORed. - nodeSelectorTerms: [...{ + nodeSelectorTerms!: [...{ // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -747,11 +747,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -782,18 +782,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -823,11 +823,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -859,12 +859,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the affinity requirements specified by this field are not @@ -883,11 +883,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -917,11 +917,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -953,7 +953,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } @@ -975,18 +975,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1016,11 +1016,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1052,12 +1052,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the anti-affinity requirements specified by this field are @@ -1076,11 +1076,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1110,11 +1110,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1146,7 +1146,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } } @@ -1270,7 +1270,7 @@ import "strings" // SecretName is the name of the secret used to sign Certificates // issued by this Issuer. - secretName: string + secretName!: string } selfSigned?: { // The CRL distribution points is an X.509 v3 certificate @@ -1285,24 +1285,24 @@ import "strings" vault?: { // Auth configures how cert-manager authenticates with the Vault // server. - auth: { + auth!: { // AppRole authenticates with Vault using the App Role auth // mechanism, with the role and secret stored in a Kubernetes // Secret resource. appRole?: { // Path where the App Role authentication backend is mounted in // Vault, e.g: "approle" - path: string + path!: string // RoleID configured in the App Role authentication backend when // setting up the authentication backend in Vault. - roleId: string + roleId!: string // Reference to a key in a Secret that contains the App Role // secret used to authenticate with Vault. The `key` field must // be specified and denotes which entry within the Secret // resource is used as the app role secret. - secretRef: { + secretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -1310,7 +1310,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -1328,7 +1328,7 @@ import "strings" // A required field containing the Vault Role to assume. A Role // binds a Kubernetes ServiceAccount with a set of Vault // policies. - role: string + role!: string // The required Secret field containing a Kubernetes // ServiceAccount JWT used for authenticating with Vault. Use of @@ -1341,11 +1341,11 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } serviceAccountRef?: { // Name of the ServiceAccount used to request a token. - name: string + name!: string } } @@ -1358,7 +1358,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -1386,7 +1386,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Name of the vault namespace. Namespaces is a set of features @@ -1398,11 +1398,11 @@ import "strings" // Path is the mount path of the Vault PKI backend's `sign` // endpoint, e.g: "my_pki_mount/sign/my-role-name". - path: string + path!: string // Server is the connection address for the Vault server, e.g: // "https://vault.example.com:8200". - server: string + server!: string } // Venafi configures this issuer to sign certificates using a @@ -1413,7 +1413,7 @@ import "strings" cloud?: { // APITokenSecretRef is a secret key selector for the Venafi Cloud // API token. - apiTokenSecretRef: { + apiTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -1421,7 +1421,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // URL is the base URL for Venafi Cloud. Defaults to @@ -1438,20 +1438,20 @@ import "strings" // certificate bundle in the cert-manager controller container is // used to validate the chain. caBundle?: string - credentialsRef: { + credentialsRef!: { // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // URL is the base URL for the vedsdk endpoint of the Venafi TPP // instance, for example: "https://tpp.example.com/vedsdk". - url: string + url!: string } // Zone is the Venafi Policy Zone to use for this issuer. All // requests made to the Venafi platform will be restricted by the // named zone policy. This field is required. - zone: string + zone!: string } } diff --git a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/issuer/v1/types_gen.cue b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/issuer/v1/types_gen.cue index df795b77..ffe29cfd 100644 --- a/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/issuer/v1/types_gen.cue +++ b/cmd/timoni/testdata/crd/golden/cue.mod/gen/cert-manager.io/issuer/v1/types_gen.cue @@ -90,7 +90,7 @@ import "strings" // keyID is the ID of the CA key that the External Account is // bound to. - keyID: string + keyID!: string // keySecretRef is a Secret Key Selector referencing a data item // in a Kubernetes Secret which holds the symmetric MAC key of @@ -99,7 +99,7 @@ import "strings" // be confused with the key data itself, or indeed with the // External Account Binding keyID above. The secret key stored in // the Secret **must** be un-padded, base64 URL encoded data. - keySecretRef: { + keySecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -107,7 +107,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -126,7 +126,7 @@ import "strings" // private key. Optionally, a `key` may be specified to select a // specific entry within the named Secret resource. If `key` is // not specified, a default of `tls.key` will be used. - privateKeySecretRef: { + privateKeySecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -134,7 +134,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Server is the URL used to access the ACME server's 'directory' @@ -142,7 +142,7 @@ import "strings" // you would use: // "https://acme-staging-v02.api.letsencrypt.org/directory". Only // ACME v2 endpoints (i.e. RFC 8555) are supported. - server: string + server!: string // INSECURE: Enables or disables validation of the ACME server TLS // certificate. If true, requests to the ACME server will not @@ -168,7 +168,7 @@ import "strings" acmeDNS?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accountSecretRef: { + accountSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -176,9 +176,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - host: string + host!: string } // Use the Akamai DNS zone management API to manage DNS01 @@ -186,7 +186,7 @@ import "strings" akamai?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - accessTokenSecretRef: { + accessTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -194,12 +194,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientSecretSecretRef: { + clientSecretSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -207,12 +207,12 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - clientTokenSecretRef: { + clientTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -220,9 +220,9 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } - serviceConsumerDomain: string + serviceConsumerDomain!: string } // Use the Microsoft Azure DNS API to manage DNS01 challenge @@ -240,7 +240,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // name of the Azure environment (default AzurePublicCloud) @@ -262,10 +262,10 @@ import "strings" } // resource group the DNS zone is located in - resourceGroupName: string + resourceGroupName!: string // ID of the Azure subscription - subscriptionID: string + subscriptionID!: string // when specifying ClientID and ClientSecret then this field is // also needed @@ -278,7 +278,7 @@ import "strings" // which Cloud DNS zone the challenge record has to be created. // If left empty cert-manager will automatically choose a zone. hostedZoneName?: string - project: string + project!: string // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. @@ -290,7 +290,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -307,7 +307,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // API token used to authenticate with Cloudflare. @@ -319,7 +319,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Email of the account, only required when using API key based @@ -333,7 +333,7 @@ import "strings" digitalocean?: { // A reference to a specific 'key' within a Secret resource. In // some instances, `key` is a required field. - tokenSecretRef: { + tokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -341,7 +341,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -353,7 +353,7 @@ import "strings" // supporting RFC2136 in the form host:port. If the host is an // IPv6 address it must be enclosed in square brackets (e.g // [2001:db8::1]) ; port is optional. This field is required. - nameserver: string + nameserver!: string // The TSIG Algorithm configured in the DNS supporting RFC2136. // Used only when ``tsigSecretSecretRef`` and ``tsigKeyName`` are @@ -375,7 +375,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -402,7 +402,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // If set, the provider will manage only this zone in Route53 and @@ -412,7 +412,7 @@ import "strings" // Always set the region when using AccessKeyID and // SecretAccessKey - region: string + region!: string // Role is a Role ARN which the Route53 provider will assume using // either the explicit credentials AccessKeyID/SecretAccessKey or @@ -432,7 +432,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -453,12 +453,12 @@ import "strings" // ChallengePayload resources to the webhook apiserver. This // should be the same as the GroupName specified in the webhook // provider implementation. - groupName: string + groupName!: string // The name of the solver to use, as defined in the webhook // provider implementation. This will typically be the name of // the provider, e.g. 'cloudflare'. - solverName: string + solverName!: string } } @@ -502,7 +502,7 @@ import "strings" // Name is the name of the referent. // Support: Core - name: strings.MaxRunes(253) & strings.MinRunes(1) + name!: strings.MaxRunes(253) & strings.MinRunes(1) // Namespace is the namespace of the referent. When unspecified, // this refers to the local namespace of the Route. @@ -680,15 +680,15 @@ import "strings" // sum are the most preferred. preferredDuringSchedulingIgnoredDuringExecution?: [...{ // A node selector term, associated with the corresponding weight. - preference: { + preference!: { // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -702,11 +702,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -720,19 +720,19 @@ import "strings" // Weight associated with matching the corresponding // nodeSelectorTerm, in the range 1-100. - weight: int + weight!: int }] requiredDuringSchedulingIgnoredDuringExecution?: { // Required. A list of node selector terms. The terms are ORed. - nodeSelectorTerms: [...{ + nodeSelectorTerms!: [...{ // A list of node selector requirements by node's labels. matchExpressions?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -746,11 +746,11 @@ import "strings" // A list of node selector requirements by node's fields. matchFields?: [...{ // The label key that the selector applies to. - key: string + key!: string // Represents a key's relationship to a set of values. Valid // operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - operator: string + operator!: string // An array of string values. If the operator is In or NotIn, the // values array must be non-empty. If the operator is Exists or @@ -781,18 +781,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -822,11 +822,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -858,12 +858,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the affinity requirements specified by this field are not @@ -882,11 +882,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -916,11 +916,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -952,7 +952,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } @@ -974,18 +974,18 @@ import "strings" preferredDuringSchedulingIgnoredDuringExecution?: [...{ // Required. A pod affinity term, associated with the // corresponding weight. - podAffinityTerm: { + podAffinityTerm!: { // A label query over a set of resources, in this case pods. labelSelector?: { // matchExpressions is a list of label selector requirements. The // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1015,11 +1015,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1051,12 +1051,12 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string } // weight associated with matching the corresponding // podAffinityTerm, in the range 1-100. - weight: int + weight!: int }] // If the anti-affinity requirements specified by this field are @@ -1075,11 +1075,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1109,11 +1109,11 @@ import "strings" // requirements are ANDed. matchExpressions?: [...{ // key is the label key that the selector applies to. - key: string + key!: string // operator represents a key's relationship to a set of values. // Valid operators are In, NotIn, Exists and DoesNotExist. - operator: string + operator!: string // values is an array of string values. If the operator is In or // NotIn, the values array must be non-empty. If the operator is @@ -1145,7 +1145,7 @@ import "strings" // running on a node whose value of the label with key // topologyKey matches that of any node on which any of the // selected pods is running. Empty topologyKey is not allowed. - topologyKey: string + topologyKey!: string }] } } @@ -1269,7 +1269,7 @@ import "strings" // SecretName is the name of the secret used to sign Certificates // issued by this Issuer. - secretName: string + secretName!: string } selfSigned?: { // The CRL distribution points is an X.509 v3 certificate @@ -1284,24 +1284,24 @@ import "strings" vault?: { // Auth configures how cert-manager authenticates with the Vault // server. - auth: { + auth!: { // AppRole authenticates with Vault using the App Role auth // mechanism, with the role and secret stored in a Kubernetes // Secret resource. appRole?: { // Path where the App Role authentication backend is mounted in // Vault, e.g: "approle" - path: string + path!: string // RoleID configured in the App Role authentication backend when // setting up the authentication backend in Vault. - roleId: string + roleId!: string // Reference to a key in a Secret that contains the App Role // secret used to authenticate with Vault. The `key` field must // be specified and denotes which entry within the Secret // resource is used as the app role secret. - secretRef: { + secretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -1309,7 +1309,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -1327,7 +1327,7 @@ import "strings" // A required field containing the Vault Role to assume. A Role // binds a Kubernetes ServiceAccount with a set of Vault // policies. - role: string + role!: string // The required Secret field containing a Kubernetes // ServiceAccount JWT used for authenticating with Vault. Use of @@ -1340,11 +1340,11 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } serviceAccountRef?: { // Name of the ServiceAccount used to request a token. - name: string + name!: string } } @@ -1357,7 +1357,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } } @@ -1385,7 +1385,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // Name of the vault namespace. Namespaces is a set of features @@ -1397,11 +1397,11 @@ import "strings" // Path is the mount path of the Vault PKI backend's `sign` // endpoint, e.g: "my_pki_mount/sign/my-role-name". - path: string + path!: string // Server is the connection address for the Vault server, e.g: // "https://vault.example.com:8200". - server: string + server!: string } // Venafi configures this issuer to sign certificates using a @@ -1412,7 +1412,7 @@ import "strings" cloud?: { // APITokenSecretRef is a secret key selector for the Venafi Cloud // API token. - apiTokenSecretRef: { + apiTokenSecretRef!: { // The key of the entry in the Secret resource's `data` field to // be used. Some instances of this field may be defaulted, in // others it may be required. @@ -1420,7 +1420,7 @@ import "strings" // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // URL is the base URL for Venafi Cloud. Defaults to @@ -1437,20 +1437,20 @@ import "strings" // certificate bundle in the cert-manager controller container is // used to validate the chain. caBundle?: string - credentialsRef: { + credentialsRef!: { // Name of the resource being referred to. More info: // https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - name: string + name!: string } // URL is the base URL for the vedsdk endpoint of the Venafi TPP // instance, for example: "https://tpp.example.com/vedsdk". - url: string + url!: string } // Zone is the Venafi Policy Zone to use for this issuer. All // requests made to the Venafi platform will be restricted by the // named zone policy. This field is required. - zone: string + zone!: string } } diff --git a/internal/engine/importer_test.go b/internal/engine/importer_test.go index 838cbde7..049c1bb7 100644 --- a/internal/engine/importer_test.go +++ b/internal/engine/importer_test.go @@ -147,7 +147,7 @@ func TestConvertCRD(t *testing.T) { required: ["foo"] `, expect: `{ - foo: string + foo!: string }`, }, { @@ -161,7 +161,7 @@ func TestConvertCRD(t *testing.T) { required: ["foo"] additionalProperties: false`, expect: `{ - foo: string + foo!: string }`, }, { @@ -176,7 +176,7 @@ func TestConvertCRD(t *testing.T) { required: ["foo"] `, expect: `{ - foo: string + foo!: string ... }`, }, @@ -210,8 +210,8 @@ func TestConvertCRD(t *testing.T) { required: ["foo", "nest"] `, expect: `{ - foo: string - nest: { + foo!: string + nest!: { innerField?: string nestnest?: { nestnestnest?: { @@ -240,8 +240,8 @@ func TestConvertCRD(t *testing.T) { required: ["foo", "nest"] `, expect: `{ - foo: string - nest: { + foo!: string + nest!: { innerField?: string } }`, @@ -264,8 +264,8 @@ func TestConvertCRD(t *testing.T) { required: ["foo", "nest"] additionalProperties: false`, expect: `{ - foo: string - nest: { + foo!: string + nest!: { innerField?: string } }`, @@ -288,8 +288,8 @@ func TestConvertCRD(t *testing.T) { required: ["foo", "nest"] `, expect: `{ - foo: string - nest: { + foo!: string + nest!: { innerField?: string } ... @@ -328,7 +328,7 @@ func TestConvertCRD(t *testing.T) { expect: `{ resources?: { claims?: [...{ - name: string + name!: string }] } spec?: {