Remove package-wide kubebuilder:validation:optional annotation

Kubebuilder will deduce the optional attribute from the JSON
annotations, if unspecified. Add all the missing omitempty JSON
annotations for truly optional fields, which is the right choice in 99%
of the cases anyway. Also add some missing default annotations along the way.

Overall, this brings the CRDs more in sync to what k0s actually expects
at runtime, while omitting the rendering of useless zero values in JSON/
YAML representations.

Signed-off-by: Tom Wieczorek <[email protected]>

docs/configuration.md

@@ -59,11 +59,8 @@ spec:
   controllerManager: {}
   extensions:
     helm:
-      charts: null
       concurrencyLevel: 5
-      repositories: null
     storage:
-      create_default_storage_class: false
       type: external_storage
   installConfig:
     users:
@@ -76,9 +73,9 @@ spec:
     adminPort: 8133
     agentPort: 8132
   network:
-    calico: null
     clusterDomain: cluster.local
-    dualStack: {}
+    dualStack:
+      enabled: false
     kubeProxy:
       iptables:
         minSyncPeriod: 0s
@@ -94,11 +91,7 @@ spec:
     kuberouter:
       autoMTU: true
       hairpin: Enabled
-      ipMasq: false
       metricsPort: 8080
-      mtu: 0
-      peerRouterASNs: ""
-      peerRouterIPs: ""
     nodeLocalLoadBalancing:
       enabled: false
       envoyProxy:
@@ -111,7 +104,6 @@ spec:
   scheduler: {}
   storage:
     etcd:
-      externalCluster: null
       peerAddress: 192.168.68.104
     type: etcd
   telemetry:

pkg/apis/autopilot/v1beta2/updateconfig.go

@@ -93,7 +93,7 @@ type UpgradeStrategy struct {
 	// +kubebuilder:validation:Enum=periodic;cron
 	Type string `json:"type,omitempty"`
 	// Cron defines the cron expression for the cron upgrade strategy
-	//+kubebuilder:deprecatedversion:warning="Cron is deprecated and will be removed in 1.29"
+	// Deprecated: Cron is deprecated and will eventually be ignored
 	Cron string `json:"cron,omitempty"`
 	// Periodic defines the periodic upgrade strategy
 	Periodic PeriodicUpgradeStrategy `json:"periodic,omitempty"`

pkg/apis/k0s/v1beta1/calico.go

@@ -21,48 +21,51 @@ import "encoding/json"
 // Calico defines the calico related config options
 type Calico struct {
 	// Enable wireguard-based encryption (default: false)
-	EnableWireguard bool `json:"wireguard"`
+	EnableWireguard bool `json:"wireguard,omitempty"`
 
 	// Environment variables to configure Calico node (see https://docs.projectcalico.org/reference/node/configuration)
 	EnvVars map[string]string `json:"envVars,omitempty"`
 
 	// The host path for Calicos flex-volume-driver(default: /usr/libexec/k0s/kubelet-plugins/volume/exec/nodeagent~uds)
-	FlexVolumeDriverPath string `json:"flexVolumeDriverPath"`
+	// +kubebuilder:default="/usr/libexec/k0s/kubelet-plugins/volume/exec/nodeagent~uds"
+	FlexVolumeDriverPath string `json:"flexVolumeDriverPath,omitempty"`
 
 	// Host's IP Auto-detection method for Calico (see https://docs.projectcalico.org/reference/node/configuration#ip-autodetection-methods)
 	IPAutodetectionMethod string `json:"ipAutodetectionMethod,omitempty"`
 
 	// Host's IPv6 Auto-detection method for Calico
 	IPv6AutodetectionMethod string `json:"ipV6AutodetectionMethod,omitempty"`
 
-	// MTU for overlay network (default: 0)
-	MTU int `json:"mtu" yaml:"mtu"`
+	// MTU for overlay network (default: 1450)
+	// +kubebuilder:default=1450
+	MTU int `json:"mtu,omitempty"`
 
 	// vxlan (default) or ipip
-	Mode string `json:"mode"`
+	// +kubebuilder:default=vxlan
+	Mode string `json:"mode,omitempty"`
 
 	// Overlay Type (Always, Never or CrossSubnet)
-	Overlay string `json:"overlay" validate:"oneof=Always Never CrossSubnet" `
+	// +kubebuilder:default=Always
+	Overlay string `json:"overlay,omitempty"`
 
 	// The UDP port for VXLAN (default: 4789)
-	VxlanPort int `json:"vxlanPort"`
+	// +kubebuilder:default=4789
+	VxlanPort int `json:"vxlanPort,omitempty"`
 
 	// The virtual network ID for VXLAN (default: 4096)
-	VxlanVNI int `json:"vxlanVNI"`
+	// +kubebuilder:default=4096
+	VxlanVNI int `json:"vxlanVNI,omitempty"`
 }
 
 // DefaultCalico returns sane defaults for calico
 func DefaultCalico() *Calico {
 	return &Calico{
-		Mode:                    "vxlan",
-		VxlanPort:               4789,
-		VxlanVNI:                4096,
-		MTU:                     0,
-		EnableWireguard:         false,
-		FlexVolumeDriverPath:    "/usr/libexec/k0s/kubelet-plugins/volume/exec/nodeagent~uds",
-		Overlay:                 "Always",
-		IPAutodetectionMethod:   "",
-		IPv6AutodetectionMethod: "",
+		Mode:                 "vxlan",
+		VxlanPort:            4789,
+		VxlanVNI:             4096,
+		MTU:                  1450,
+		FlexVolumeDriverPath: "/usr/libexec/k0s/kubelet-plugins/volume/exec/nodeagent~uds",
+		Overlay:              "Always",
 	}
 }
 
@@ -72,11 +75,8 @@ func (c *Calico) UnmarshalJSON(data []byte) error {
 	c.VxlanPort = 4789
 	c.VxlanVNI = 4096
 	c.MTU = 1450
-	c.EnableWireguard = false
 	c.FlexVolumeDriverPath = "/usr/libexec/kubernetes/kubelet-plugins/volume/exec/nodeagent~uds"
 	c.Overlay = "Always"
-	c.IPAutodetectionMethod = ""
-	c.IPv6AutodetectionMethod = ""
 
 	type calico Calico
 	jc := (*calico)(c)

pkg/apis/k0s/v1beta1/clusterconfig_types.go

@@ -59,8 +59,6 @@ type ClusterConfigStatus struct {
 	// Important: Run "make" to regenerate code after modifying this file
 }
 
-//+kubebuilder:validation:Optional
-
 // ClusterConfig is the Schema for the clusterconfigs API
 //
 // +kubebuilder:object:root=true

pkg/apis/k0s/v1beta1/controltypes.go

@@ -28,7 +28,9 @@ type CaResponse struct {
 
 // EtcdRequest defines the etcd control api request structure
 type EtcdRequest struct {
-	Node        string `json:"node"`
+	// +kubebuilder:validation:MinLength=1
+	Node string `json:"node"`
+	// +kubebuilder:validation:MinLength=1
 	PeerAddress string `json:"peerAddress"`
 }
 

pkg/apis/k0s/v1beta1/cplb.go

@@ -38,7 +38,7 @@ type ControlPlaneLoadBalancingSpec struct {
 	// Default: false
 	// +kubebuilder:default=false
 	// +optional
-	Enabled bool `json:"enabled,omitempty"`
+	Enabled bool `json:"enabled"`
 
 	// type indicates the type of the control plane load balancer to deploy on
 	// controller nodes. Currently, the only supported type is "Keepalived".
@@ -78,7 +78,6 @@ type VRRPInstance struct {
 	// VirtualIPs is the list of virtual IP address used by the VRRP instance.
 	// Each virtual IP must be a CIDR as defined in RFC 4632 and RFC 4291.
 	// +kubebuilder:validation:MinItems=1
-	// +kubebuilder:validation:Required
 	// +listType=set
 	VirtualIPs []string `json:"virtualIPs"`
 
@@ -106,7 +105,6 @@ type VRRPInstance struct {
 	// AuthPass must be 8 characters or less.
 	// +kubebuilder:validation:MinLength=1
 	// +kubebuilder:validation:MaxLength=8
-	// +kubebuilder:validation:Required
 	AuthPass string `json:"authPass"`
 }
 
@@ -167,7 +165,6 @@ type VirtualServers []VirtualServer
 // VirtualServer defines the configuration options for a virtual server.
 type VirtualServer struct {
 	// IPAddress is the virtual IP address used by the virtual server.
-	// +kubebuilder:validation:Required
 	// +kubebuilder:validation:MinLength=1
 	IPAddress string `json:"ipAddress"`
 	// DelayLoop is the delay timer for check polling. DelayLoop accepts

pkg/apis/k0s/v1beta1/dualstack.go

@@ -18,7 +18,9 @@ package v1beta1
 
 // DualStack defines network configuration for ipv4\ipv6 mixed cluster setup
 type DualStack struct {
-	Enabled         bool   `json:"enabled,omitempty"`
+	// +kubebuilder:default=false
+	// +optional
+	Enabled         bool   `json:"enabled"`
 	IPv6PodCIDR     string `json:"IPv6podCIDR,omitempty"`
 	IPv6ServiceCIDR string `json:"IPv6serviceCIDR,omitempty"`
 }

pkg/apis/k0s/v1beta1/extensions.go

@@ -29,15 +29,15 @@ var _ Validateable = (*ClusterExtensions)(nil)
 // ClusterExtensions specifies cluster extensions
 type ClusterExtensions struct {
 	//+kubebuilder:deprecatedversion:warning="storage is deprecated and will be ignored in 1.30. https://docs.k0sproject.io/stable/examples/openebs".
-	Storage *StorageExtension `json:"storage"`
-	Helm    *HelmExtensions   `json:"helm"`
+	Storage *StorageExtension `json:"storage,omitempty"`
+	Helm    *HelmExtensions   `json:"helm,omitempty"`
 }
 
 // HelmExtensions specifies settings for cluster helm based extensions
 type HelmExtensions struct {
-	ConcurrencyLevel int                  `json:"concurrencyLevel"`
-	Repositories     RepositoriesSettings `json:"repositories"`
-	Charts           ChartsSettings       `json:"charts"`
+	ConcurrencyLevel int                  `json:"concurrencyLevel,omitempty"`
+	Repositories     RepositoriesSettings `json:"repositories,omitempty"`
+	Charts           ChartsSettings       `json:"charts,omitempty"`
 }
 
 // RepositoriesSettings repository settings
@@ -91,15 +91,20 @@ func (he HelmExtensions) Validate() []error {
 
 // Chart single helm addon
 type Chart struct {
-	Name      string `json:"name"`
+	// +kubebuilder:validation:MinLength=1
+	// +kubebuilder:validation:MaxLength=53
+	// +kubebuilder:validation:Pattern="[a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*"
+	Name string `json:"name"`
+	// +kubebuilder:validation:MinLength=1
 	ChartName string `json:"chartname"`
-	Version   string `json:"version"`
-	Values    string `json:"values"`
-	TargetNS  string `json:"namespace"`
+	Version   string `json:"version,omitempty"`
+	Values    string `json:"values,omitempty"`
+	// +kubebuilder:validation:MinLength=1
+	TargetNS string `json:"namespace"`
 	// Timeout specifies the timeout for how long to wait for the chart installation to finish.
 	// A duration string is a sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
-	Timeout metav1.Duration `json:"timeout"`
-	Order   int             `json:"order"`
+	Timeout metav1.Duration `json:"timeout,omitempty"`
+	Order   int             `json:"order,omitempty"`
 }
 
 // ManifestFileName returns filename to use for the crd manifest
@@ -127,10 +132,10 @@ func (c Chart) Validate() error {
 // Repository describes single repository entry. Fields map to the CLI flags for the "helm add" command
 type Repository struct {
 	// The repository name.
-	// +kubebuilder:Validation:Required
+	// +kubebuilder:validation:MinLength=1
 	Name string `json:"name"`
 	// The repository URL.
-	// +kubebuilder:Validation:Required
+	// +kubebuilder:validation:MinLength=1
 	URL string `json:"url"`
 	// Whether to skip TLS certificate checks when connecting to the repository.
 	Insecure *bool `json:"insecure,omitempty"`

pkg/apis/k0s/v1beta1/feature_gates.go

@@ -35,6 +35,8 @@ var KubernetesComponents = []string{
 }
 
 // FeatureGates collection of feature gate specs
+// +listType=map
+// +listMapKey=name
 type FeatureGates []FeatureGate
 
 // Validate validates all profiles
@@ -86,10 +88,15 @@ func (fgs FeatureGates) AsSliceOfStrings(component string) []string {
 // FeatureGate specifies single feature gate
 type FeatureGate struct {
 	// Name of the feature gate
-	Name string `json:"name,omitempty"`
+	// +kubebuilder:validation:MinLength=1
+	Name string `json:"name"`
 	// Enabled or disabled
-	Enabled bool `json:"enabled,omitempty"`
-	// Components to use feature gate on, if empty `KubernetesComponents` is used as the list
+	Enabled bool `json:"enabled"`
+	// Components to use feature gate on
+	// Default: kube-apiserver, kube-controller-manager, kubelet, kube-scheduler, kube-proxy
+	// +kubebuilder:validation:MinItems=1
+	// +kubebuilder:default={kube-apiserver,kube-controller-manager,kubelet,kube-scheduler,kube-proxy}
+	// +listType=set
 	Components []string `json:"components,omitempty"`
 }
 

pkg/apis/k0s/v1beta1/images.go

@@ -32,7 +32,10 @@ import (
 
 // ImageSpec container image settings
 type ImageSpec struct {
-	Image   string `json:"image"`
+	// +kubebuilder:validation:MinLength=1
+	Image string `json:"image"`
+
+	// +kubebuilder:validation:Pattern="[\\w][\\w.-]{0,127}"
 	Version string `json:"version"`
 }
 
@@ -63,15 +66,15 @@ func (s *ImageSpec) URI() string {
 
 // ClusterImages sets docker images for addon components
 type ClusterImages struct {
-	Konnectivity  ImageSpec `json:"konnectivity"`
-	PushGateway   ImageSpec `json:"pushgateway"`
-	MetricsServer ImageSpec `json:"metricsserver"`
-	KubeProxy     ImageSpec `json:"kubeproxy"`
-	CoreDNS       ImageSpec `json:"coredns"`
-	Pause         ImageSpec `json:"pause"`
+	Konnectivity  ImageSpec `json:"konnectivity,omitempty"`
+	PushGateway   ImageSpec `json:"pushgateway,omitempty"`
+	MetricsServer ImageSpec `json:"metricsserver,omitempty"`
+	KubeProxy     ImageSpec `json:"kubeproxy,omitempty"`
+	CoreDNS       ImageSpec `json:"coredns,omitempty"`
+	Pause         ImageSpec `json:"pause,omitempty"`
 
-	Calico     CalicoImageSpec     `json:"calico"`
-	KubeRouter KubeRouterImageSpec `json:"kuberouter"`
+	Calico     CalicoImageSpec     `json:"calico,omitempty"`
+	KubeRouter KubeRouterImageSpec `json:"kuberouter,omitempty"`
 
 	Repository string `json:"repository,omitempty"`
 
@@ -136,15 +139,15 @@ func (ci *ClusterImages) overrideImageRepositories() {
 
 // CalicoImageSpec config group for calico related image settings
 type CalicoImageSpec struct {
-	CNI             ImageSpec `json:"cni"`
-	Node            ImageSpec `json:"node"`
-	KubeControllers ImageSpec `json:"kubecontrollers"`
+	CNI             ImageSpec `json:"cni,omitempty"`
+	Node            ImageSpec `json:"node,omitempty"`
+	KubeControllers ImageSpec `json:"kubecontrollers,omitempty"`
 }
 
 // KubeRouterImageSpec config group for kube-router related images
 type KubeRouterImageSpec struct {
-	CNI          ImageSpec `json:"cni"`
-	CNIInstaller ImageSpec `json:"cniInstaller"`
+	CNI          ImageSpec `json:"cni,omitempty"`
+	CNIInstaller ImageSpec `json:"cniInstaller,omitempty"`
 }
 
 // DefaultClusterImages default image settings

pkg/apis/k0s/v1beta1/kubeproxy.go

@@ -32,12 +32,12 @@ const (
 
 // KubeProxy defines the configuration for kube-proxy
 type KubeProxy struct {
-	Disabled           bool                            `json:"disabled,omitempty"`
-	Mode               string                          `json:"mode,omitempty"`
-	MetricsBindAddress string                          `json:"metricsBindAddress,omitempty"`
-	IPTables           *KubeProxyIPTablesConfiguration `json:"iptables,omitempty"`
-	IPVS               *KubeProxyIPVSConfiguration     `json:"ipvs,omitempty"`
-	NodePortAddresses  []string                        `json:"nodePortAddresses,omitempty"`
+	Disabled           bool                           `json:"disabled,omitempty"`
+	Mode               string                         `json:"mode,omitempty"`
+	MetricsBindAddress string                         `json:"metricsBindAddress,omitempty"`
+	IPTables           KubeProxyIPTablesConfiguration `json:"iptables,omitempty"`
+	IPVS               KubeProxyIPVSConfiguration     `json:"ipvs,omitempty"`
+	NodePortAddresses  []string                       `json:"nodePortAddresses,omitempty"`
 }
 
 // KubeProxyIPTablesConfiguration contains iptables-related kube-proxy configuration
@@ -66,33 +66,8 @@ type KubeProxyIPVSConfiguration struct {
 // DefaultKubeProxy creates the default config for kube-proxy
 func DefaultKubeProxy() *KubeProxy {
 	return &KubeProxy{
-		Disabled:           false,
 		Mode:               "iptables",
 		MetricsBindAddress: "0.0.0.0:10249",
-		IPTables:           DefaultKubeProxyIPTables(),
-		IPVS:               DefaultKubeProxyIPVS(),
-	}
-}
-
-func DefaultKubeProxyIPTables() *KubeProxyIPTablesConfiguration {
-	return &KubeProxyIPTablesConfiguration{
-		MasqueradeAll: false,
-		SyncPeriod:    metav1.Duration{Duration: 0},
-		MinSyncPeriod: metav1.Duration{Duration: 0},
-		MasqueradeBit: nil,
-	}
-}
-
-func DefaultKubeProxyIPVS() *KubeProxyIPVSConfiguration {
-	return &KubeProxyIPVSConfiguration{
-		ExcludeCIDRs:  nil,
-		Scheduler:     "",
-		SyncPeriod:    metav1.Duration{Duration: 0},
-		MinSyncPeriod: metav1.Duration{Duration: 0},
-		StrictARP:     false,
-		TCPFinTimeout: metav1.Duration{Duration: 0},
-		TCPTimeout:    metav1.Duration{Duration: 0},
-		UDPTimeout:    metav1.Duration{Duration: 0},
 	}
 }