add CEL validation for RegistrySources in Image API

Author: muraee

config/v1/types_image.go

@@ -162,6 +162,8 @@ type RegistryLocation struct {
 }
 
 // RegistrySources holds cluster-wide information about how to handle the registries config.
+//
+// +kubebuilder:validation:XValidation:rule="self.blockedRegistries.size() > 0 ? self.allowedRegistries.size() == 0 : true",message="Only one of BlockedRegistries or AllowedRegistries may be set"
 type RegistrySources struct {
 	// insecureRegistries are registries which do not have a valid TLS certificates or only support HTTP connections.
 	// +optional

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images-CustomNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images-Default.crd.yaml

@@ -139,6 +139,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images-DevPreviewNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

config/v1/zz_generated.crd-manifests/0000_10_config-operator_01_images-TechPreviewNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

config/v1/zz_generated.featuregated-crd-manifests/images.config.openshift.io/AAA_ungated.yaml

@@ -139,6 +139,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

config/v1/zz_generated.featuregated-crd-manifests/images.config.openshift.io/ImageStreamImportMode.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

payload-manifests/crds/0000_10_config-operator_01_images-CustomNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

payload-manifests/crds/0000_10_config-operator_01_images-Default.crd.yaml

@@ -139,6 +139,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

payload-manifests/crds/0000_10_config-operator_01_images-DevPreviewNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not

payload-manifests/crds/0000_10_config-operator_01_images-TechPreviewNoUpgrade.crd.yaml

@@ -160,6 +160,11 @@ spec:
                     type: array
                     x-kubernetes-list-type: atomic
                 type: object
+                x-kubernetes-validations:
+                - message: Only one of BlockedRegistries or AllowedRegistries may
+                    be set
+                  rule: 'self.blockedRegistries.size() > 0 ? self.allowedRegistries.size()
+                    == 0 : true'
             type: object
           status:
             description: status holds observed values from the cluster. They may not