Coverage for ocp_resources/image_config_openshift_io.py: 0%

23 statements  

« prev     ^ index     » next       coverage.py v7.6.10, created at 2025-01-30 10:48 +0200

1# Generated using https://github.com/RedHatQE/openshift-python-wrapper/blob/main/scripts/resource/README.md 

2 

3from typing import Any, Dict, List, Optional 

4from ocp_resources.resource import Resource 

5 

6 

7class Image(Resource): 

8 """ 

9 Image governs policies related to imagestream imports and runtime configuration for external registries. It allows cluster admins to configure which registries OpenShift is allowed to import images from, extra CA trust bundles for external registries, and policies to block or allow registry hostnames. When exposing OpenShift's image registry to the public, this also lets cluster admins specify the external hostname. 

10 Compatibility level 1: Stable within a major release for a minimum of 12 months or 3 minor releases (whichever is longer). 

11 """ 

12 

13 api_group: str = Resource.ApiGroup.CONFIG_OPENSHIFT_IO 

14 

15 def __init__( 

16 self, 

17 additional_trusted_ca: Optional[Dict[str, Any]] = None, 

18 allowed_registries_for_import: Optional[List[Any]] = None, 

19 external_registry_hostnames: Optional[List[Any]] = None, 

20 registry_sources: Optional[Dict[str, Any]] = None, 

21 **kwargs: Any, 

22 ) -> None: 

23 """ 

24 Args: 

25 additional_trusted_ca (Dict[str, Any]): additionalTrustedCA is a reference to a ConfigMap containing 

26 additional CAs that should be trusted during imagestream import, 

27 pod image pull, build image pull, and imageregistry pullthrough. 

28 The namespace for this config map is openshift-config. 

29 

30 allowed_registries_for_import (List[Any]): allowedRegistriesForImport limits the container image registries that 

31 normal users may import images from. Set this list to the 

32 registries that you trust to contain valid Docker images and that 

33 you want applications to be able to import from. Users with 

34 permission to create Images or ImageStreamMappings via the API are 

35 not affected by this policy - typically only administrators or 

36 system integrations will have those permissions. 

37 

38 external_registry_hostnames (List[Any]): externalRegistryHostnames provides the hostnames for the default 

39 external image registry. The external hostname should be set only 

40 when the image registry is exposed externally. The first value is 

41 used in 'publicDockerImageRepository' field in ImageStreams. The 

42 value must be in "hostname[:port]" format. 

43 

44 registry_sources (Dict[str, Any]): registrySources contains configuration that determines how the 

45 container runtime should treat individual registries when 

46 accessing images for builds+pods. (e.g. whether or not to allow 

47 insecure access). It does not contain configuration for the 

48 internal cluster registry. 

49 

50 """ 

51 super().__init__(**kwargs) 

52 

53 self.additional_trusted_ca = additional_trusted_ca 

54 self.allowed_registries_for_import = allowed_registries_for_import 

55 self.external_registry_hostnames = external_registry_hostnames 

56 self.registry_sources = registry_sources 

57 

58 def to_dict(self) -> None: 

59 super().to_dict() 

60 

61 if not self.kind_dict and not self.yaml_file: 

62 self.res["spec"] = {} 

63 _spec = self.res["spec"] 

64 

65 if self.additional_trusted_ca: 

66 _spec["additionalTrustedCA"] = self.additional_trusted_ca 

67 

68 if self.allowed_registries_for_import: 

69 _spec["allowedRegistriesForImport"] = self.allowed_registries_for_import 

70 

71 if self.external_registry_hostnames: 

72 _spec["externalRegistryHostnames"] = self.external_registry_hostnames 

73 

74 if self.registry_sources: 

75 _spec["registrySources"] = self.registry_sources 

76 

77 # End of generated code