Skip to content

Commit 8ae850c

Browse files
aniketpaluaniketpalu
committed
Shorten CRD field descriptions to fit maxDescLen=120 and revert kustomization.yaml to upstream default
Signed-off-by: Aniket Paluskar <apaluska@redhat.com>
1 parent c0d4a23 commit 8ae850c

File tree

6 files changed

+103
-138
lines changed

6 files changed

+103
-138
lines changed

infra/feast-operator/api/v1/featurestore_types.go

Lines changed: 9 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -708,45 +708,32 @@ type KubernetesAuthz struct {
708708
// OidcAuthz defines the authorization settings for deployments using an Open ID Connect identity provider.
709709
// https://auth0.com/docs/authenticate/protocols/openid-connect-protocol
710710
type OidcAuthz struct {
711-
// The OIDC issuer URL (e.g. "https://keycloak.example.com/realms/myrealm").
712-
// The operator derives the OIDC discovery endpoint by appending /.well-known/openid-configuration.
713-
// When set, no Secret is required for basic OIDC authentication.
711+
// OIDC issuer URL. The operator appends /.well-known/openid-configuration to derive the discovery endpoint.
714712
// +optional
715713
// +kubebuilder:validation:Pattern=`^https://\S+$`
716714
IssuerUrl string `json:"issuerUrl,omitempty"`
717-
// Reference to a Secret containing OIDC properties (auth_discovery_url, client_id, client_secret, etc.).
718-
// When both issuerUrl and a Secret with auth_discovery_url are provided, issuerUrl takes precedence.
715+
// Secret with OIDC properties (auth_discovery_url, client_id, client_secret). issuerUrl takes precedence.
719716
// +optional
720717
SecretRef *corev1.LocalObjectReference `json:"secretRef,omitempty"`
721-
// The key within the Secret that contains the OIDC configuration as a YAML-encoded value.
722-
// When set, only this key is read and its YAML value is expected to contain the OIDC properties
723-
// (e.g. client_id, auth_discovery_url). This allows sharing a single Secret across services.
724-
// When unset, each top-level key in the Secret is treated as a separate OIDC property.
718+
// Key in the Secret containing all OIDC properties as a YAML value. If unset, each key is a property.
725719
// +optional
726720
SecretKeyName string `json:"secretKeyName,omitempty"`
727-
// The name of the environment variable that Feast SDK client pods (e.g. workbenches, application pods)
728-
// will read a pre-existing OIDC token from.
729-
// When set, the client feature_store.yaml will include token_env_var with this value.
730-
// When unset, the client config is bare `type: oidc` which falls back to FEAST_OIDC_TOKEN or the pod's SA token.
721+
// Env var name for client pods to read an OIDC token from. Sets token_env_var in client config.
731722
// +optional
732723
TokenEnvVar *string `json:"tokenEnvVar,omitempty"`
733-
// Whether to verify SSL certificates when communicating with the OIDC provider.
734-
// Defaults to true. Set to false for self-signed certificates (common in internal OpenShift clusters).
724+
// Verify SSL certificates for the OIDC provider. Defaults to true.
735725
// +optional
736726
VerifySSL *bool `json:"verifySSL,omitempty"`
737-
// Reference to a ConfigMap containing the CA certificate for the OIDC provider.
738-
// Used when the OIDC provider uses self-signed or custom CA certificates and verifySSL is true.
739-
// On RHOAI/ODH clusters, the operator auto-detects the platform CA bundle; this field is not required.
727+
// ConfigMap with the CA certificate for self-signed OIDC providers. Auto-detected on RHOAI/ODH.
740728
// +optional
741729
CACertConfigMap *OidcCACertConfigMap `json:"caCertConfigMap,omitempty"`
742730
}
743731

744-
// OidcCACertConfigMap references a ConfigMap containing a CA certificate for OIDC provider TLS verification.
732+
// OidcCACertConfigMap references a ConfigMap containing a CA certificate for OIDC provider TLS.
745733
type OidcCACertConfigMap struct {
746-
// Name of the ConfigMap containing the CA certificate.
734+
// ConfigMap name.
747735
Name string `json:"name"`
748-
// Key within the ConfigMap that holds the CA certificate in PEM format.
749-
// Defaults to "ca-bundle.crt" if omitted.
736+
// Key in the ConfigMap holding the PEM certificate. Defaults to "ca-bundle.crt".
750737
// +optional
751738
Key string `json:"key,omitempty"`
752739
}

infra/feast-operator/bundle/manifests/feast-operator.clusterserviceversion.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ metadata:
5050
}
5151
]
5252
capabilities: Basic Install
53-
createdAt: "2026-04-06T19:35:43Z"
53+
createdAt: "2026-04-06T22:05:44Z"
5454
operators.operatorframework.io/builder: operator-sdk-v1.38.0
5555
operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
5656
name: feast-operator.v0.61.0

infra/feast-operator/bundle/manifests/feast.dev_featurestores.yaml

Lines changed: 28 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -63,31 +63,31 @@ spec:
6363
https://auth0.
6464
properties:
6565
caCertConfigMap:
66-
description: Reference to a ConfigMap containing the CA certificate
67-
for the OIDC provider.
66+
description: ConfigMap with the CA certificate for self-signed
67+
OIDC providers. Auto-detected on RHOAI/ODH.
6868
properties:
6969
key:
70-
description: |-
71-
Key within the ConfigMap that holds the CA certificate in PEM format.
72-
Defaults to "ca-bundle.crt" if omitted.
70+
description: Key in the ConfigMap holding the PEM certificate.
71+
Defaults to "ca-bundle.crt".
7372
type: string
7473
name:
75-
description: Name of the ConfigMap containing the CA certificate.
74+
description: ConfigMap name.
7675
type: string
7776
required:
7877
- name
7978
type: object
8079
issuerUrl:
81-
description: The OIDC issuer URL (e.g. "https://keycloak.example.com/realms/myrealm").
80+
description: OIDC issuer URL. The operator appends /.well-known/openid-configuration
81+
to derive the discovery endpoint.
8282
pattern: ^https://\S+$
8383
type: string
8484
secretKeyName:
85-
description: The key within the Secret that contains the OIDC
86-
configuration as a YAML-encoded value.
85+
description: Key in the Secret containing all OIDC properties
86+
as a YAML value. If unset, each key is a property.
8787
type: string
8888
secretRef:
89-
description: Reference to a Secret containing OIDC properties
90-
(auth_discovery_url, client_id, client_secret, etc.).
89+
description: Secret with OIDC properties (auth_discovery_url,
90+
client_id, client_secret). issuerUrl takes precedence.
9191
properties:
9292
name:
9393
default: ""
@@ -99,12 +99,11 @@ spec:
9999
type: object
100100
x-kubernetes-map-type: atomic
101101
tokenEnvVar:
102-
description: The name of the environment variable that Feast
103-
SDK client pods (e.g.
102+
description: Env var name for client pods to read an OIDC
103+
token from. Sets token_env_var in client config.
104104
type: string
105105
verifySSL:
106-
description: |-
107-
Whether to verify SSL certificates when communicating with the OIDC provider.
106+
description: Verify SSL certificates for the OIDC provider.
108107
Defaults to true.
109108
type: boolean
110109
type: object
@@ -5787,32 +5786,31 @@ spec:
57875786
https://auth0.
57885787
properties:
57895788
caCertConfigMap:
5790-
description: Reference to a ConfigMap containing the CA
5791-
certificate for the OIDC provider.
5789+
description: ConfigMap with the CA certificate for self-signed
5790+
OIDC providers. Auto-detected on RHOAI/ODH.
57925791
properties:
57935792
key:
5794-
description: |-
5795-
Key within the ConfigMap that holds the CA certificate in PEM format.
5796-
Defaults to "ca-bundle.crt" if omitted.
5793+
description: Key in the ConfigMap holding the PEM
5794+
certificate. Defaults to "ca-bundle.crt".
57975795
type: string
57985796
name:
5799-
description: Name of the ConfigMap containing the
5800-
CA certificate.
5797+
description: ConfigMap name.
58015798
type: string
58025799
required:
58035800
- name
58045801
type: object
58055802
issuerUrl:
5806-
description: The OIDC issuer URL (e.g. "https://keycloak.example.com/realms/myrealm").
5803+
description: OIDC issuer URL. The operator appends /.well-known/openid-configuration
5804+
to derive the discovery endpoint.
58075805
pattern: ^https://\S+$
58085806
type: string
58095807
secretKeyName:
5810-
description: The key within the Secret that contains the
5811-
OIDC configuration as a YAML-encoded value.
5808+
description: Key in the Secret containing all OIDC properties
5809+
as a YAML value. If unset, each key is a property.
58125810
type: string
58135811
secretRef:
5814-
description: Reference to a Secret containing OIDC properties
5815-
(auth_discovery_url, client_id, client_secret, etc.).
5812+
description: Secret with OIDC properties (auth_discovery_url,
5813+
client_id, client_secret). issuerUrl takes precedence.
58165814
properties:
58175815
name:
58185816
default: ""
@@ -5824,12 +5822,11 @@ spec:
58245822
type: object
58255823
x-kubernetes-map-type: atomic
58265824
tokenEnvVar:
5827-
description: The name of the environment variable that
5828-
Feast SDK client pods (e.g.
5825+
description: Env var name for client pods to read an OIDC
5826+
token from. Sets token_env_var in client config.
58295827
type: string
58305828
verifySSL:
5831-
description: |-
5832-
Whether to verify SSL certificates when communicating with the OIDC provider.
5829+
description: Verify SSL certificates for the OIDC provider.
58335830
Defaults to true.
58345831
type: boolean
58355832
type: object

infra/feast-operator/config/crd/bases/feast.dev_featurestores.yaml

Lines changed: 28 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -63,31 +63,31 @@ spec:
6363
https://auth0.
6464
properties:
6565
caCertConfigMap:
66-
description: Reference to a ConfigMap containing the CA certificate
67-
for the OIDC provider.
66+
description: ConfigMap with the CA certificate for self-signed
67+
OIDC providers. Auto-detected on RHOAI/ODH.
6868
properties:
6969
key:
70-
description: |-
71-
Key within the ConfigMap that holds the CA certificate in PEM format.
72-
Defaults to "ca-bundle.crt" if omitted.
70+
description: Key in the ConfigMap holding the PEM certificate.
71+
Defaults to "ca-bundle.crt".
7372
type: string
7473
name:
75-
description: Name of the ConfigMap containing the CA certificate.
74+
description: ConfigMap name.
7675
type: string
7776
required:
7877
- name
7978
type: object
8079
issuerUrl:
81-
description: The OIDC issuer URL (e.g. "https://keycloak.example.com/realms/myrealm").
80+
description: OIDC issuer URL. The operator appends /.well-known/openid-configuration
81+
to derive the discovery endpoint.
8282
pattern: ^https://\S+$
8383
type: string
8484
secretKeyName:
85-
description: The key within the Secret that contains the OIDC
86-
configuration as a YAML-encoded value.
85+
description: Key in the Secret containing all OIDC properties
86+
as a YAML value. If unset, each key is a property.
8787
type: string
8888
secretRef:
89-
description: Reference to a Secret containing OIDC properties
90-
(auth_discovery_url, client_id, client_secret, etc.).
89+
description: Secret with OIDC properties (auth_discovery_url,
90+
client_id, client_secret). issuerUrl takes precedence.
9191
properties:
9292
name:
9393
default: ""
@@ -99,12 +99,11 @@ spec:
9999
type: object
100100
x-kubernetes-map-type: atomic
101101
tokenEnvVar:
102-
description: The name of the environment variable that Feast
103-
SDK client pods (e.g.
102+
description: Env var name for client pods to read an OIDC
103+
token from. Sets token_env_var in client config.
104104
type: string
105105
verifySSL:
106-
description: |-
107-
Whether to verify SSL certificates when communicating with the OIDC provider.
106+
description: Verify SSL certificates for the OIDC provider.
108107
Defaults to true.
109108
type: boolean
110109
type: object
@@ -5787,32 +5786,31 @@ spec:
57875786
https://auth0.
57885787
properties:
57895788
caCertConfigMap:
5790-
description: Reference to a ConfigMap containing the CA
5791-
certificate for the OIDC provider.
5789+
description: ConfigMap with the CA certificate for self-signed
5790+
OIDC providers. Auto-detected on RHOAI/ODH.
57925791
properties:
57935792
key:
5794-
description: |-
5795-
Key within the ConfigMap that holds the CA certificate in PEM format.
5796-
Defaults to "ca-bundle.crt" if omitted.
5793+
description: Key in the ConfigMap holding the PEM
5794+
certificate. Defaults to "ca-bundle.crt".
57975795
type: string
57985796
name:
5799-
description: Name of the ConfigMap containing the
5800-
CA certificate.
5797+
description: ConfigMap name.
58015798
type: string
58025799
required:
58035800
- name
58045801
type: object
58055802
issuerUrl:
5806-
description: The OIDC issuer URL (e.g. "https://keycloak.example.com/realms/myrealm").
5803+
description: OIDC issuer URL. The operator appends /.well-known/openid-configuration
5804+
to derive the discovery endpoint.
58075805
pattern: ^https://\S+$
58085806
type: string
58095807
secretKeyName:
5810-
description: The key within the Secret that contains the
5811-
OIDC configuration as a YAML-encoded value.
5808+
description: Key in the Secret containing all OIDC properties
5809+
as a YAML value. If unset, each key is a property.
58125810
type: string
58135811
secretRef:
5814-
description: Reference to a Secret containing OIDC properties
5815-
(auth_discovery_url, client_id, client_secret, etc.).
5812+
description: Secret with OIDC properties (auth_discovery_url,
5813+
client_id, client_secret). issuerUrl takes precedence.
58165814
properties:
58175815
name:
58185816
default: ""
@@ -5824,12 +5822,11 @@ spec:
58245822
type: object
58255823
x-kubernetes-map-type: atomic
58265824
tokenEnvVar:
5827-
description: The name of the environment variable that
5828-
Feast SDK client pods (e.g.
5825+
description: Env var name for client pods to read an OIDC
5826+
token from. Sets token_env_var in client config.
58295827
type: string
58305828
verifySSL:
5831-
description: |-
5832-
Whether to verify SSL certificates when communicating with the OIDC provider.
5829+
description: Verify SSL certificates for the OIDC provider.
58335830
Defaults to true.
58345831
type: boolean
58355832
type: object

0 commit comments

Comments
 (0)