next-api-change

Signed-off-by: Andreas Karis <[email protected]>

Author: andreaskaris

apis/v1alpha1/bpf_application_state_types.go

@@ -50,7 +50,7 @@ type BpfApplicationProgramState struct {
 	// +unionDiscriminator
 	// +required
 	// +kubebuilder:validation:Enum:="XDP";"TC";"TCX";"UProbe";"URetProbe"
-	Type EBPFProgType `json:"type"`
+	Type EBPFProgType `json:"type,omitempty"`
 
 	// xdp contains the attachment data for an XDP program when type is set to XDP.
 	// +unionMember
@@ -81,14 +81,29 @@ type BpfApplicationProgramState struct {
 }
 
 type BpfApplicationStateStatus struct {
-	// UpdateCount tracks the number of times the BpfApplicationState object has
+	// conditions contains the summary state of the BpfApplication for the given
+	// Kubernetes node. If one or more programs failed to load or attach to the
+	// designated attachment point, the condition will report the error. If more
+	// than one error has occurred, condition will contain the first error
+	// encountered.
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
+	// updateCount tracks the number of times the BpfApplicationState object has
 	// been updated. The bpfman agent initializes it to 1 when it creates the
 	// object, and then increments it before each subsequent update. It serves
 	// as a lightweight sequence number to verify that the API server is serving
 	// the most recent version of the object before beginning a new Reconcile
 	// operation.
+	// +kubebuilder:validation:Minimum=0
+	// +optional
 	UpdateCount int64 `json:"updateCount"`
 	// node is the name of the Kubernets node for this BpfApplicationState.
+	// +kubebuilder:validation:MaxLength=253
+	// +optional
 	Node string `json:"node"`
 	// appLoadStatus reflects the status of loading the eBPF application on the
 	// given node.
@@ -111,21 +126,15 @@ type BpfApplicationStateStatus struct {
 	//
 	// UnloadError is returned if one or more programs encountered an error when
 	// being unloaded.
+	// +optional
 	AppLoadStatus AppLoadStatus `json:"appLoadStatus"`
 	// programs is a list of eBPF programs contained in the parent BpfApplication
 	// instance. Each entry in the list contains the derived program attributes as
 	// well as the attach status for each program on the given Kubernetes node.
+	// +kubebuilder:validation:MaxItems=1023
+	// +listType=atomic
+	// +optional
 	Programs []BpfApplicationProgramState `json:"programs,omitempty"`
-	// conditions contains the summary state of the BpfApplication for the given
-	// Kubernetes node. If one or more programs failed to load or attach to the
-	// designated attachment point, the condition will report the error. If more
-	// than one error has occurred, condition will contain the first error
-	// encountered.
-	// +patchMergeKey=type
-	// +patchStrategy=merge
-	// +listType=map
-	// +listMapKey=type
-	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
 }
 
 // +genclient
@@ -141,13 +150,16 @@ type BpfApplicationStateStatus struct {
 // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[0].reason`
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 type BpfApplicationState struct {
-	metav1.TypeMeta   `json:",inline"`
+	metav1.TypeMeta `json:",inline"`
+	// metadata is the object's metadata.
+	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
 	// status reflects the status of a BpfApplication instance for the given node.
 	// appLoadStatus and conditions provide an overall status for the given node,
 	// while each item in the programs list provides a per eBPF program status for
 	// the given node.
+	// +optional
 	Status BpfApplicationStateStatus `json:"status,omitempty"`
 }
 

apis/v1alpha1/bpf_application_types.go

@@ -31,7 +31,7 @@ type BpfApplicationProgram struct {
 	// name is a required field and is the name of the function that is the entry
 	// point for the eBPF program. name must not be an empty string, must not
 	// exceed 64 characters in length, must start with alpha characters and must
-	// only contain alphanumeric characters.
+	// only contain alphanumeric characters and underscores.
 	// +required
 	// +kubebuilder:validation:Pattern="^[a-zA-Z][a-zA-Z0-9_]+."
 	// +kubebuilder:validation:MinLength=1
@@ -164,6 +164,8 @@ type BpfApplicationSpec struct {
 	// effecting. For this reason, modifying the list is currently not allowed.
 	// +required
 	// +kubebuilder:validation:MinItems:=1
+	// +kubebuilder:validation:MaxItems=1023
+	// +listType=atomic
 	Programs []BpfApplicationProgram `json:"programs,omitempty"`
 }
 
@@ -185,11 +187,17 @@ type BpfApplicationSpec struct {
 // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[0].reason`
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 type BpfApplication struct {
-	metav1.TypeMeta   `json:",inline"`
+	metav1.TypeMeta `json:",inline"`
+	// metadata is the object's metadata.
+	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
-	Spec   BpfApplicationSpec `json:"spec,omitempty"`
-	Status BpfAppStatus       `json:"status,omitempty"`
+	// spec defines the desired state of the BpfApplication.
+	// +required
+	Spec BpfApplicationSpec `json:"spec,omitempty"`
+	// status reflects the observed state of the BpfApplication.
+	// +optional
+	Status BpfAppStatus `json:"status,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/v1alpha1/cluster_bpf_application_state_types.go

@@ -132,14 +132,28 @@ type ClBpfApplicationProgramState struct {
 }
 
 type ClBpfApplicationStateStatus struct {
-	// UpdateCount tracks the number of times the BpfApplicationState object has
+	// conditions contains the summary state of the ClusterBpfApplication for the
+	// given Kubernetes node. If one or more programs failed to load or attach to
+	// the designated attachment point, the condition will report the error. If
+	// more than one error has occurred, condition will contain the first error
+	// encountered.
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	// +optional
+	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
+	// updateCount tracks the number of times the BpfApplicationState object has
 	// been updated. The bpfman agent initializes it to 1 when it creates the
 	// object, and then increments it before each subsequent update. It serves
 	// as a lightweight sequence number to verify that the API server is serving
 	// the most recent version of the object before beginning a new Reconcile
 	// operation.
+	// +optional
 	UpdateCount int64 `json:"updateCount"`
 	// node is the name of the Kubernetes node for this ClusterBpfApplicationState.
+	// +kubebuilder:validation:MaxLength=253
+	// +optional
 	Node string `json:"node"`
 	// appLoadStatus reflects the status of loading the eBPF application on the
 	// given node.
@@ -160,22 +174,16 @@ type ClBpfApplicationStateStatus struct {
 	//
 	// UnloadError is returned if one or more programs encountered an error when
 	// being unloaded.
+	// +optional
 	AppLoadStatus AppLoadStatus `json:"appLoadStatus"`
 	// programs is a list of eBPF programs contained in the parent
 	// ClusterBpfApplication instance. Each entry in the list contains the derived
 	// program attributes as well as the attach status for each program on the
 	// given Kubernetes node.
+	// +kubebuilder:validation:MaxItems=1023
+	// +listType=atomic
+	// +optional
 	Programs []ClBpfApplicationProgramState `json:"programs,omitempty"`
-	// conditions contains the summary state of the ClusterBpfApplication for the
-	// given Kubernetes node. If one or more programs failed to load or attach to
-	// the designated attachment point, the condition will report the error. If
-	// more than one error has occurred, condition will contain the first error
-	// encountered.
-	// +patchMergeKey=type
-	// +patchStrategy=merge
-	// +listType=map
-	// +listMapKey=type
-	Conditions []metav1.Condition `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type" protobuf:"bytes,1,rep,name=conditions"`
 }
 
 // +genclient
@@ -192,13 +200,16 @@ type ClBpfApplicationStateStatus struct {
 // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[0].reason`
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 type ClusterBpfApplicationState struct {
-	metav1.TypeMeta   `json:",inline"`
+	metav1.TypeMeta `json:",inline"`
+	// metadata is the object's metadata.
+	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
 	// status reflects the status of a ClusterBpfApplication instance for the given
 	// node. appLoadStatus and conditions provide an overall status for the given
 	// node, while each item in the programs list provides a per eBPF program
 	// status for the given node.
+	// +optional
 	Status ClBpfApplicationStateStatus `json:"status,omitempty"`
 }
 

apis/v1alpha1/cluster_bpf_application_types.go

@@ -77,7 +77,7 @@ type ClBpfApplicationProgram struct {
 	// name is a required field and is the name of the function that is the entry
 	// point for the eBPF program. name must not be an empty string, must not
 	// exceed 64 characters in length, must start with alpha characters and must
-	// only contain alphanumeric characters.
+	// only contain alphanumeric characters and underscores.
 	// +required
 	// +kubebuilder:validation:Pattern="^[a-zA-Z][a-zA-Z0-9_]+."
 	// +kubebuilder:validation:MinLength=1
@@ -293,7 +293,9 @@ type ClBpfApplicationSpec struct {
 	// effecting. For this reason, modifying the list is currently not allowed.
 	// +required
 	// +kubebuilder:validation:MinItems:=1
-	Programs []ClBpfApplicationProgram `json:"programs"`
+	// +kubebuilder:validation:MaxItems=1023
+	// +listType=atomic
+	Programs []ClBpfApplicationProgram `json:"programs,omitempty"`
 }
 
 // +genclient
@@ -316,11 +318,16 @@ type ClBpfApplicationSpec struct {
 // +kubebuilder:printcolumn:name="Status",type=string,JSONPath=`.status.conditions[0].reason`
 // +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp"
 type ClusterBpfApplication struct {
-	metav1.TypeMeta   `json:",inline"`
+	metav1.TypeMeta `json:",inline"`
+	// metadata is the standard object's metadata.
+	// +optional
 	metav1.ObjectMeta `json:"metadata,omitempty"`
 
-	Spec   ClBpfApplicationSpec `json:"spec,omitempty"`
-	Status BpfAppStatus         `json:"status,omitempty"`
+	// spec defines the desired state of the BpfApplication.
+	// +required
+	Spec ClBpfApplicationSpec `json:"spec,omitempty"`
+	// status reflects the observed state of the BpfApplication.
+	Status BpfAppStatus `json:"status,omitempty"`
 }
 
 // +kubebuilder:object:root=true

apis/v1alpha1/cluster_fentry_program_types.go

@@ -30,6 +30,7 @@ type ClFentryProgramInfo struct {
 	// the program, add an entry to links with mode set to Attach. To detach it,
 	// remove the entry from links.
 	// +optional
+	// +listType=atomic
 	// +kubebuilder:validation:MaxItems=1
 	Links []ClFentryAttachInfo `json:"links,omitempty"`
 }

apis/v1alpha1/cluster_fexit_program_types.go

@@ -31,14 +31,16 @@ type ClFexitProgramInfo struct {
 	// remove the entry from links.
 	// +optional
 	// +kubebuilder:validation:MaxItems=1
+	// +listType=atomic
 	Links []ClFexitAttachInfo `json:"links,omitempty"`
 }
 
 type ClFexitLoadInfo struct {
 	// function is a required field and specifies the name of the Linux kernel
 	// function to attach the FExit program. function must not be an empty string,
-	// must not exceed 64 characters in length, must start with alpha characters
-	// and must only contain alphanumeric characters.
+	// must be between 1 and 64 characters in length, must start with alpha
+	// characters and must only contain alphanumeric characters and underscores.
+	// The pattern ^[a-zA-Z][a-zA-Z0-9_]+. is enforced.
 	// +required
 	// +kubebuilder:validation:Pattern="^[a-zA-Z][a-zA-Z0-9_]+."
 	// +kubebuilder:validation:MinLength=1

apis/v1alpha1/cluster_kprobe_program_types.go

@@ -31,14 +31,17 @@ type ClKprobeProgramInfo struct {
 	// default, the eBPF program is triggered at the entry of the attachment point,
 	// but the attachment point can be adjusted using an optional offset.
 	// +optional
+	// +kubebuilder:validation:MaxItems=1
+	// +listType=atomic
 	Links []ClKprobeAttachInfo `json:"links,omitempty"`
 }
 
 type ClKprobeAttachInfo struct {
 	// function is a required field and specifies the name of the Linux kernel
 	// function to attach the KProbe program. function must not be an empty string,
-	// must not exceed 64 characters in length, must start with alpha characters
-	// and must only contain alphanumeric characters.
+	// must be between 1 and 64 characters in length, must start with alpha
+	// characters and must only contain alphanumeric characters and underscores.
+	// The pattern ^[a-zA-Z][a-zA-Z0-9_]+. is enforced.
 	// +required
 	// +kubebuilder:validation:Pattern="^[a-zA-Z][a-zA-Z0-9_]+."
 	// +kubebuilder:validation:MinLength=1

apis/v1alpha1/shared_types.go

@@ -27,7 +27,8 @@ type InterfaceDiscovery struct {
 	// CAUTION: This has the potential to attach a given eBPF program to a large
 	// number of interfaces. Use with caution.
 	// +optional
-	// +kubebuilder:default:=false
+	// +kubebuilder:default:=Disabled
+	// +kubebuilder:validation:Enum=Enabled;Disabled
 	InterfaceAutoDiscovery *bool `json:"interfaceAutoDiscovery,omitempty"`
 
 	// excludeInterfaces is an optional field that contains a list of interface
@@ -53,6 +54,7 @@ type InterfaceDiscovery struct {
 }
 
 // InterfaceSelector describes the set of interfaces to attach a program to.
+// Exactly one of interfacesDiscoveryConfig, interfaces, or primaryNodeInterface must be specified.
 // +kubebuilder:validation:MaxProperties=1
 // +kubebuilder:validation:MinProperties=1
 type InterfaceSelector struct {
@@ -229,6 +231,7 @@ const (
 )
 
 // ByteCodeSelector defines the various ways to reference BPF bytecode objects.
+// Exactly one of image or path must be specified.
 // +kubebuilder:validation:MaxProperties=1
 // +kubebuilder:validation:MinProperties=1
 type ByteCodeSelector struct {
@@ -238,7 +241,8 @@ type ByteCodeSelector struct {
 	Image *ByteCodeImage `json:"image,omitempty"`
 
 	// path is an optional field and used to specify a bytecode object file via
-	// filepath on a Kubernetes node.
+	// filepath on a Kubernetes node. The path must be a valid absolute path with no null bytes,
+	// matching the pattern ^(/[^/\0]+)+/?$.
 	// +optional
 	// +kubebuilder:validation:Pattern=`^(/[^/\0]+)+/?$`
 	Path *string `json:"path,omitempty"`

apis/v1alpha1/zz_generated.deepcopy.go

@@ -1012,7 +1012,7 @@ metadata:
     capabilities: Basic Install
     categories: OpenShift Optional
     containerImage: quay.io/bpfman/bpfman-operator:latest
-    createdAt: "2025-10-09T13:50:06Z"
+    createdAt: "2025-10-15T17:08:16Z"
     description: The bpfman Operator is designed to manage eBPF programs for applications.
     features.operators.openshift.io/cnf: "false"
     features.operators.openshift.io/cni: "false"