vynil/addons
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial release

Browse Source
This commit is contained in:
Sébastien Huss
2024-03-19 13:13:53 +01:00
commit 451fdb09fc
391 changed files with 184309 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4938
crd/argo-cd/apiextensions.k8s.io_v1_CustomResourceDefinition_applications.argoproj.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

15244
crd/argo-cd/apiextensions.k8s.io_v1_CustomResourceDefinition_applicationsets.argoproj.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

324
crd/argo-cd/apiextensions.k8s.io_v1_CustomResourceDefinition_appprojects.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,324 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
labels:
app.kubernetes.io/name: appprojects.argoproj.io
app.kubernetes.io/part-of: argocd
name: appprojects.argoproj.io
spec:
group: argoproj.io
names:
kind: AppProject
listKind: AppProjectList
plural: appprojects
shortNames:
- appproj
- appprojs
singular: appproject
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
description: 'AppProject provides a logical grouping of applications, providing
controls for: * where the apps may deploy to (cluster whitelist) * what
may be deployed (repository whitelist, resource whitelist/blacklist) * who
can access these applications (roles, OIDC group claims bindings) * and
what they can do (RBAC policies) * automation access to these roles (JWT
tokens)'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AppProjectSpec is the specification of an AppProject
properties:
clusterResourceBlacklist:
description: ClusterResourceBlacklist contains list of blacklisted
cluster level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties:
group:
type: string
kind:
type: string
required:
- group
- kind
type: object
type: array
clusterResourceWhitelist:
description: ClusterResourceWhitelist contains list of whitelisted
cluster level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties:
group:
type: string
kind:
type: string
required:
- group
- kind
type: object
type: array
description:
description: Description contains optional project description
type: string
destinations:
description: Destinations contains list of destinations available
for deployment
items:
description: ApplicationDestination holds information about the
application's destination
properties:
name:
description: Name is an alternate way of specifying the target
cluster by its symbolic name. This must be set if Server is
not set.
type: string
namespace:
description: Namespace specifies the target namespace for the
application's resources. The namespace will only be set for
namespace-scoped resources that have not set a value for .metadata.namespace
type: string
server:
description: Server specifies the URL of the target cluster's
Kubernetes control plane API. This must be set if Name is
not set.
type: string
type: object
type: array
namespaceResourceBlacklist:
description: NamespaceResourceBlacklist contains list of blacklisted
namespace level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties:
group:
type: string
kind:
type: string
required:
- group
- kind
type: object
type: array
namespaceResourceWhitelist:
description: NamespaceResourceWhitelist contains list of whitelisted
namespace level resources
items:
description: GroupKind specifies a Group and a Kind, but does not
force a version. This is useful for identifying concepts during
lookup stages without having partially valid types
properties:
group:
type: string
kind:
type: string
required:
- group
- kind
type: object
type: array
orphanedResources:
description: OrphanedResources specifies if controller should monitor
orphaned resources of apps in this project
properties:
ignore:
description: Ignore contains a list of resources that are to be
excluded from orphaned resources monitoring
items:
description: OrphanedResourceKey is a reference to a resource
to be ignored from
properties:
group:
type: string
kind:
type: string
name:
type: string
type: object
type: array
warn:
description: Warn indicates if warning condition should be created
for apps which have orphaned resources
type: boolean
type: object
permitOnlyProjectScopedClusters:
description: PermitOnlyProjectScopedClusters determines whether destinations
can only reference clusters which are project-scoped
type: boolean
roles:
description: Roles are user defined RBAC roles associated with this
project
items:
description: ProjectRole represents a role that has access to a
project
properties:
description:
description: Description is a description of the role
type: string
groups:
description: Groups are a list of OIDC group claims bound to
this role
items:
type: string
type: array
jwtTokens:
description: JWTTokens are a list of generated JWT tokens bound
to this role
items:
description: JWTToken holds the issuedAt and expiresAt values
of a token
properties:
exp:
format: int64
type: integer
iat:
format: int64
type: integer
id:
type: string
required:
- iat
type: object
type: array
name:
description: Name is a name for this role
type: string
policies:
description: Policies Stores a list of casbin formatted strings
that define access policies for the role in the project
items:
type: string
type: array
required:
- name
type: object
type: array
signatureKeys:
description: SignatureKeys contains a list of PGP key IDs that commits
in Git must be signed with in order to be allowed for sync
items:
description: SignatureKey is the specification of a key required
to verify commit signatures with
properties:
keyID:
description: The ID of the key in hexadecimal notation
type: string
required:
- keyID
type: object
type: array
sourceNamespaces:
description: SourceNamespaces defines the namespaces application resources
are allowed to be created in
items:
type: string
type: array
sourceRepos:
description: SourceRepos contains list of repository URLs which can
be used for deployment
items:
type: string
type: array
syncWindows:
description: SyncWindows controls when syncs can be run for apps in
this project
items:
description: SyncWindow contains the kind, time, duration and attributes
that are used to assign the syncWindows to apps
properties:
applications:
description: Applications contains a list of applications that
the window will apply to
items:
type: string
type: array
clusters:
description: Clusters contains a list of clusters that the window
will apply to
items:
type: string
type: array
duration:
description: Duration is the amount of time the sync window
will be open
type: string
kind:
description: Kind defines if the window allows or blocks syncs
type: string
manualSync:
description: ManualSync enables manual syncs when they would
otherwise be blocked
type: boolean
namespaces:
description: Namespaces contains a list of namespaces that the
window will apply to
items:
type: string
type: array
schedule:
description: Schedule is the time the window will begin, specified
in cron format
type: string
timeZone:
description: TimeZone of the sync that will be applied to the
schedule
type: string
type: object
type: array
type: object
status:
description: AppProjectStatus contains status information for AppProject
CRs
properties:
jwtTokensByRole:
additionalProperties:
description: JWTTokens represents a list of JWT tokens
properties:
items:
items:
description: JWTToken holds the issuedAt and expiresAt values
of a token
properties:
exp:
format: int64
type: integer
iat:
format: int64
type: integer
id:
type: string
required:
- iat
type: object
type: array
type: object
description: JWTTokensByRole contains a list of JWT tokens issued
for a given role
type: object
type: object
required:
- metadata
- spec
type: object
served: true
storage: true

17
crd/argo-cd/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

29
crd/argo-cd/index.rhai Normal file
View File

@@ -0,0 +1,29 @@
const VERSION="2.10.4";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_applications.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_applicationsets.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_appprojects.argoproj.io.yaml",
];
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}
fn pre_pack() {
shell(`kubectl kustomize https://github.com/argoproj/argo-cd//manifests/crds/?ref=v${global::VERSION} > ${global::SRC}/argocd.yaml`);
}

16
crd/argo-cd/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: argo-cd
description: CRD for ArgoCD
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

39
crd/argo-events/apiextensions.k8s.io_v1_CustomResourceDefinition_eventbus.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: eventbus.argoproj.io
spec:
group: argoproj.io
names:
kind: EventBus
listKind: EventBusList
plural: eventbus
shortNames:
- eb
singular: eventbus
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

39
crd/argo-events/apiextensions.k8s.io_v1_CustomResourceDefinition_eventsources.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: eventsources.argoproj.io
spec:
group: argoproj.io
names:
kind: EventSource
listKind: EventSourceList
plural: eventsources
shortNames:
- es
singular: eventsource
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

39
crd/argo-events/apiextensions.k8s.io_v1_CustomResourceDefinition_sensors.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: sensors.argoproj.io
spec:
group: argoproj.io
names:
kind: Sensor
listKind: SensorList
plural: sensors
shortNames:
- sn
singular: sensor
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

17
crd/argo-events/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

29
crd/argo-events/index.rhai Normal file
View File

@@ -0,0 +1,29 @@
const VERSION="1.9.1";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_eventbus.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_eventsources.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_sensors.argoproj.io.yaml",
];
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}
fn pre_pack() {
shell(`kubectl kustomize https://github.com/argoproj/argo-events//manifests/base/crds/?ref=v${global::VERSION} > ${global::SRC}/argoevents.yaml`);
}

16
crd/argo-events/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: argo-events
description: CRD for Argo Events
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

36
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_clusterworkflowtemplates.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,36 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: clusterworkflowtemplates.argoproj.io
spec:
group: argoproj.io
names:
kind: ClusterWorkflowTemplate
listKind: ClusterWorkflowTemplateList
plural: clusterworkflowtemplates
shortNames:
- clusterwftmpl
- cwft
singular: clusterworkflowtemplate
scope: Cluster
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

40
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_cronworkflows.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,40 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: cronworkflows.argoproj.io
spec:
group: argoproj.io
names:
kind: CronWorkflow
listKind: CronWorkflowList
plural: cronworkflows
shortNames:
- cwf
- cronwf
singular: cronworkflow
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

41
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workflowartifactgctasks.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflowartifactgctasks.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowArtifactGCTask
listKind: WorkflowArtifactGCTaskList
plural: workflowartifactgctasks
shortNames:
- wfat
singular: workflowartifactgctask
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

35
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workfloweventbindings.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,35 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workfloweventbindings.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowEventBinding
listKind: WorkflowEventBindingList
plural: workfloweventbindings
shortNames:
- wfeb
singular: workfloweventbinding
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

55
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workflows.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,55 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflows.argoproj.io
spec:
group: argoproj.io
names:
kind: Workflow
listKind: WorkflowList
plural: workflows
shortNames:
- wf
singular: workflow
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Status of the workflow
jsonPath: .status.phase
name: Status
type: string
- description: When the workflow was started
format: date-time
jsonPath: .status.startedAt
name: Age
type: date
- description: Human readable message indicating details about why the workflow
is in this condition.
jsonPath: .status.message
name: Message
type: string
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources: {}

597
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtaskresults.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,597 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflowtaskresults.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowTaskResult
listKind: WorkflowTaskResultList
plural: workflowtaskresults
singular: workflowtaskresult
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
message:
type: string
metadata:
type: object
outputs:
properties:
artifacts:
items:
properties:
archive:
properties:
none:
type: object
tar:
properties:
compressionLevel:
format: int32
type: integer
type: object
zip:
type: object
type: object
archiveLogs:
type: boolean
artifactGC:
properties:
podMetadata:
properties:
annotations:
additionalProperties:
type: string
type: object
labels:
additionalProperties:
type: string
type: object
type: object
serviceAccountName:
type: string
strategy:
enum:
- ""
- OnWorkflowCompletion
- OnWorkflowDeletion
- Never
type: string
type: object
artifactory:
properties:
passwordSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
url:
type: string
usernameSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
required:
- url
type: object
azure:
properties:
accountKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
blob:
type: string
container:
type: string
endpoint:
type: string
useSDKCreds:
type: boolean
required:
- blob
- container
- endpoint
type: object
deleted:
type: boolean
from:
type: string
fromExpression:
type: string
gcs:
properties:
bucket:
type: string
key:
type: string
serviceAccountKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
required:
- key
type: object
git:
properties:
branch:
type: string
depth:
format: int64
type: integer
disableSubmodules:
type: boolean
fetch:
items:
type: string
type: array
insecureIgnoreHostKey:
type: boolean
passwordSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
repo:
type: string
revision:
type: string
singleBranch:
type: boolean
sshPrivateKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
usernameSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
required:
- repo
type: object
globalName:
type: string
hdfs:
properties:
addresses:
items:
type: string
type: array
force:
type: boolean
hdfsUser:
type: string
krbCCacheSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
krbConfigConfigMap:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
krbKeytabSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
krbRealm:
type: string
krbServicePrincipalName:
type: string
krbUsername:
type: string
path:
type: string
required:
- path
type: object
http:
properties:
auth:
properties:
basicAuth:
properties:
passwordSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
usernameSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
clientCert:
properties:
clientCertSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
clientKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
oauth2:
properties:
clientIDSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
clientSecretSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
endpointParams:
items:
properties:
key:
type: string
value:
type: string
required:
- key
type: object
type: array
scopes:
items:
type: string
type: array
tokenURLSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
type: object
headers:
items:
properties:
name:
type: string
value:
type: string
required:
- name
- value
type: object
type: array
url:
type: string
required:
- url
type: object
mode:
format: int32
type: integer
name:
type: string
optional:
type: boolean
oss:
properties:
accessKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
bucket:
type: string
createBucketIfNotPresent:
type: boolean
endpoint:
type: string
key:
type: string
lifecycleRule:
properties:
markDeletionAfterDays:
format: int32
type: integer
markInfrequentAccessAfterDays:
format: int32
type: integer
type: object
secretKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
securityToken:
type: string
useSDKCreds:
type: boolean
required:
- key
type: object
path:
type: string
raw:
properties:
data:
type: string
required:
- data
type: object
recurseMode:
type: boolean
s3:
properties:
accessKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
bucket:
type: string
caSecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
createBucketIfNotPresent:
properties:
objectLocking:
type: boolean
type: object
encryptionOptions:
properties:
enableEncryption:
type: boolean
kmsEncryptionContext:
type: string
kmsKeyId:
type: string
serverSideCustomerKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
type: object
endpoint:
type: string
insecure:
type: boolean
key:
type: string
region:
type: string
roleARN:
type: string
secretKeySecret:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
useSDKCreds:
type: boolean
type: object
subPath:
type: string
required:
- name
type: object
type: array
exitCode:
type: string
parameters:
items:
properties:
default:
type: string
description:
type: string
enum:
items:
type: string
type: array
globalName:
type: string
name:
type: string
value:
type: string
valueFrom:
properties:
configMapKeyRef:
properties:
key:
type: string
name:
type: string
optional:
type: boolean
required:
- key
type: object
default:
type: string
event:
type: string
expression:
type: string
jqFilter:
type: string
jsonPath:
type: string
parameter:
type: string
path:
type: string
supplied:
type: object
type: object
required:
- name
type: object
type: array
result:
type: string
type: object
phase:
type: string
progress:
type: string
required:
- metadata
type: object
served: true
storage: true

41
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtasksets.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflowtasksets.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowTaskSet
listKind: WorkflowTaskSetList
plural: workflowtasksets
shortNames:
- wfts
singular: workflowtaskset
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
status:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

35
crd/argo-workflows/apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtemplates.argoproj.io.yaml Normal file
View File

@@ -0,0 +1,35 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
name: workflowtemplates.argoproj.io
spec:
group: argoproj.io
names:
kind: WorkflowTemplate
listKind: WorkflowTemplateList
plural: workflowtemplates
shortNames:
- wftmpl
singular: workflowtemplate
scope: Namespaced
versions:
- name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
type: object
x-kubernetes-map-type: atomic
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true

17
crd/argo-workflows/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

35
crd/argo-workflows/index.rhai Normal file
View File

@@ -0,0 +1,35 @@
const VERSION="3.5.5";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_clusterworkflowtemplates.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_cronworkflows.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workflowartifactgctasks.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workfloweventbindings.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workflows.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtaskresults.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtasksets.argoproj.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_workflowtemplates.argoproj.io.yaml",
];
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}
fn pre_pack() {
//shell(`kubectl kustomize https://github.com/argoproj/argo-workflows//manifests/base/crds/full/?ref=v${global::VERSION} > ${global::SRC}/argoworkflows.yaml`);
shell(`kubectl kustomize https://github.com/argoproj/argo-workflows//manifests/base/crds/?ref=v${global::VERSION} > ${global::SRC}/argoworkflows.yaml`);
}

16
crd/argo-workflows/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: argo-workflows
description: CRD for Argo Workflows
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

85
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_canaryconfigs.fission.io.yaml Normal file
View File

@@ -0,0 +1,85 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
group: fission.io
name: canaryconfigs.fission.io
spec:
group: fission.io
names:
kind: CanaryConfig
listKind: CanaryConfigList
plural: canaryconfigs
singular: canaryconfig
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: CanaryConfig is for canary deployment of two functions.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: CanaryConfigSpec defines the canary configuration spec
properties:
duration:
description: 'Weight increment interval, string representation of
time.Duration, ex : 1m, 2h, 2d (default: "2m")'
type: string
failureType:
description: FailureType refers to the type of failure
type: string
failurethreshold:
description: Threshold in percentage beyond which the new version
of the function is considered unstable
type: integer
newfunction:
description: New version of the function
type: string
oldfunction:
description: Old stable version of the function
type: string
trigger:
description: HTTP trigger that this config references
type: string
weightincrement:
description: Weight increment step for function
type: integer
required:
- newfunction
- oldfunction
- trigger
type: object
status:
description: CanaryConfigStatus represents canary config status
properties:
status:
type: string
required:
- status
type: object
required:
- metadata
- spec
- status
type: object
served: true
storage: true

17824
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_environments.fission.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

8273
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_functions.fission.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

150
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_httptriggers.fission.io.yaml Normal file
View File

@@ -0,0 +1,150 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
group: fission.io
name: httptriggers.fission.io
spec:
group: fission.io
names:
kind: HTTPTrigger
listKind: HTTPTriggerList
plural: httptriggers
singular: httptrigger
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: HTTPTrigger is the trigger invokes user functions when receiving
HTTP requests.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: HTTPTriggerSpec is for router to expose user functions at
the given URL path.
properties:
createingress:
description: If CreateIngress is true, router will create an ingress
definition.
type: boolean
functionref:
description: FunctionReference is a reference to the target function.
properties:
functionweights:
additionalProperties:
type: integer
description: |-
Function Reference by weight. this map contains function name as key and its weight
as the value. This is for canary upgrade purpose.
nullable: true
type: object
name:
description: Name of the function.
type: string
type:
description: |-
Type indicates whether this function reference is by name or selector. For now,
the only supported reference type is by "name". Future reference types:
* Function by label or annotation
* Branch or tag of a versioned function
* A "rolling upgrade" from one version of a function to another
Available value:
- name
- function-weights
type: string
required:
- name
- type
type: object
host:
description: |-
TODO: remove this field since we have IngressConfig already
Deprecated: the original idea of this field is not for setting Ingress.
Since we have IngressConfig now, remove Host after couple releases.
type: string
ingressconfig:
description: |-
TODO: make IngressConfig an independent Fission resource
IngressConfig for router to set up Ingress.
properties:
annotations:
additionalProperties:
type: string
description: Annotations will be added to metadata when creating
Ingress.
nullable: true
type: object
host:
description: |-
Host is for ingress controller to apply rules. If
host is empty or "*", the rule applies to all
inbound HTTP traffic.
type: string
path:
description: |-
Path is for path matching. The format of path
depends on what ingress controller you used.
type: string
tls:
description: |-
TLS is for user to specify a Secret that contains
TLS key and certificate. The domain name in the
key and crt must match the value of Host field.
type: string
type: object
keepPrefix:
description: |-
When function is exposed with Prefix based path,
keepPrefix decides whether to keep or trim prefix in URL while invoking function.
type: boolean
method:
description: |-
Use Methods instead of Method. This field is going to be deprecated in a future release
HTTP method to access a function.
type: string
methods:
description: HTTP methods to access a function
items:
type: string
type: array
prefix:
description: |-
Prefix with which functions are exposed.
NOTE: Prefix takes precedence over URL/RelativeURL.
Note that it does not treat slashes specially ("/foobar/" will be matched by
the prefix "/foobar").
type: string
relativeurl:
description: RelativeURL is the exposed URL for external client to
access a function with.
type: string
required:
- functionref
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

97
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_kuberneteswatchtriggers.fission.io.yaml Normal file
View File

@@ -0,0 +1,97 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
group: fission.io
name: kuberneteswatchtriggers.fission.io
spec:
group: fission.io
names:
kind: KubernetesWatchTrigger
listKind: KubernetesWatchTriggerList
plural: kuberneteswatchtriggers
singular: kuberneteswatchtrigger
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: KubernetesWatchTrigger watches kubernetes resource events and
invokes functions.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: KubernetesWatchTriggerSpec defines spec of KuberenetesWatchTrigger
properties:
functionref:
description: |-
The reference to a function for kubewatcher to invoke with
when receiving events.
properties:
functionweights:
additionalProperties:
type: integer
description: |-
Function Reference by weight. this map contains function name as key and its weight
as the value. This is for canary upgrade purpose.
nullable: true
type: object
name:
description: Name of the function.
type: string
type:
description: |-
Type indicates whether this function reference is by name or selector. For now,
the only supported reference type is by "name". Future reference types:
* Function by label or annotation
* Branch or tag of a versioned function
* A "rolling upgrade" from one version of a function to another
Available value:
- name
- function-weights
type: string
required:
- name
- type
type: object
labelselector:
additionalProperties:
type: string
description: Resource labels
type: object
namespace:
type: string
type:
description: Type of resource to watch (Pod, Service, etc.)
type: string
required:
- functionref
- namespace
- type
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

7566
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_messagequeuetriggers.fission.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

159
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_packages.fission.io.yaml Normal file
View File

@@ -0,0 +1,159 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
group: fission.io
name: packages.fission.io
spec:
group: fission.io
names:
kind: Package
listKind: PackageList
plural: packages
shortNames:
- pkg
singular: package
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: Package Think of these as function-level images.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PackageSpec includes source/deploy archives and the reference
of environment to build the package.
properties:
buildcmd:
description: BuildCommand is a custom build command that builder used
to build the source archive.
type: string
deployment:
description: Deployment is the deployable archive that environment
runtime used to run user function.
properties:
checksum:
description: |-
Checksum ensures the integrity of packages
referenced by URL. Ignored for literals.
properties:
sum:
type: string
type:
description: |-
ChecksumType specifies the checksum algorithm, such as
sha256, used for a checksum.
type: string
type: object
literal:
description: |-
Literal contents of the package. Can be used for
encoding packages below TODO (256 KB?) size.
format: byte
type: string
type:
description: |-
Type defines how the package is specified: literal or URL.
Available value:
- literal
- url
type: string
url:
description: URL references a package.
type: string
type: object
environment:
description: Environment is a reference to the environment for building
source archive.
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
source:
description: |-
Source is the archive contains source code and dependencies file.
If the package status is in PENDING state, builder manager will then
notify builder to compile source and save the result as deployable archive.
properties:
checksum:
description: |-
Checksum ensures the integrity of packages
referenced by URL. Ignored for literals.
properties:
sum:
type: string
type:
description: |-
ChecksumType specifies the checksum algorithm, such as
sha256, used for a checksum.
type: string
type: object
literal:
description: |-
Literal contents of the package. Can be used for
encoding packages below TODO (256 KB?) size.
format: byte
type: string
type:
description: |-
Type defines how the package is specified: literal or URL.
Available value:
- literal
- url
type: string
url:
description: URL references a package.
type: string
type: object
required:
- environment
type: object
status:
description: Status indicates the build status of package.
properties:
buildlog:
description: BuildLog stores build log during the compilation.
type: string
buildstatus:
default: pending
description: BuildStatus is the package build status.
type: string
lastUpdateTimestamp:
description: |-
LastUpdateTimestamp will store the timestamp the package was last updated
metav1.Time is a wrapper around time.Time which supports correct marshaling to YAML and JSON.
https://github.com/kubernetes/apimachinery/blob/44bd77c24ef93cd3a5eb6fef64e514025d10d44e/pkg/apis/meta/v1/time.go#L26-L35
format: date-time
nullable: true
type: string
type: object
required:
- metadata
- spec
type: object
served: true
storage: true

88
crd/fission/apiextensions.k8s.io_v1_CustomResourceDefinition_timetriggers.fission.io.yaml Normal file
View File

@@ -0,0 +1,88 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.14.0
labels:
group: fission.io
name: timetriggers.fission.io
spec:
group: fission.io
names:
kind: TimeTrigger
listKind: TimeTriggerList
plural: timetriggers
singular: timetrigger
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: TimeTrigger invokes functions based on given cron schedule.
properties:
apiVersion:
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: |-
TimeTriggerSpec invokes the specific function at a time or
times specified by a cron string.
properties:
cron:
description: Cron schedule
type: string
functionref:
description: The reference to function
properties:
functionweights:
additionalProperties:
type: integer
description: |-
Function Reference by weight. this map contains function name as key and its weight
as the value. This is for canary upgrade purpose.
nullable: true
type: object
name:
description: Name of the function.
type: string
type:
description: |-
Type indicates whether this function reference is by name or selector. For now,
the only supported reference type is by "name". Future reference types:
* Function by label or annotation
* Branch or tag of a versioned function
* A "rolling upgrade" from one version of a function to another
Available value:
- name
- function-weights
type: string
required:
- name
- type
type: object
required:
- cron
- functionref
type: object
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

17
crd/fission/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

36
crd/fission/index.rhai Normal file
View File

@@ -0,0 +1,36 @@
const VERSION="1.20.1";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_canaryconfigs.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_environments.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_functions.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_httptriggers.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_kuberneteswatchtriggers.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_messagequeuetriggers.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_packages.fission.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_timetriggers.fission.io.yaml",
];
fn pre_pack() {
shell(`kubectl kustomize github.com/fission/fission//crds/v1/?ref=v${global::VERSION} > ${global::SRC}/fission.yaml`);
}
fn post_pack() {
shell(`for i in $(ls -1 "${global::DEST}"|awk '/yaml$/&&!/^index/&&!/apiextensions/');do rm -f "${global::DEST}/$i";done`);
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/fission/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: fission
description: CRD for fission.io
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

566
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_alerts.notification.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,566 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: alerts.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
names:
kind: Alert
listKind: AlertList
plural: alerts
singular: alert
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta1 Alert is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AlertSpec defines an alerting rule for events involving a
list of objects
properties:
eventSeverity:
default: info
description: Filter events based on severity, defaults to ('info').
If set to 'info' no events will be filtered.
enum:
- info
- error
type: string
eventSources:
description: Filter events based on the involved objects.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
name:
description: Name of the referent
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- name
type: object
type: array
exclusionList:
description: A list of Golang regular expressions to be used for excluding
messages.
items:
type: string
type: array
providerRef:
description: Send events using this provider.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
summary:
description: Short description of the impact and affected cluster.
type: string
suspend:
description: This flag tells the controller to suspend subsequent
events dispatching. Defaults to false.
type: boolean
required:
- eventSources
- providerRef
type: object
status:
default:
observedGeneration: -1
description: AlertStatus defines the observed state of Alert
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta2 Alert is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AlertSpec defines an alerting rule for events involving a
list of objects.
properties:
eventMetadata:
additionalProperties:
type: string
description: EventMetadata is an optional field for adding metadata
to events dispatched by the controller. This can be used for enhancing
the context of the event. If a field would override one already
present on the original event as generated by the emitter, then
the override doesn't happen, i.e. the original value is preserved,
and an info log is printed.
type: object
eventSeverity:
default: info
description: EventSeverity specifies how to filter events based on
severity. If set to 'info' no events will be filtered.
enum:
- info
- error
type: string
eventSources:
description: EventSources specifies how to filter events based on
the involved object kind, name and namespace.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
description: Name of the referent If multiple resources are
targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- kind
- name
type: object
type: array
exclusionList:
description: ExclusionList specifies a list of Golang regular expressions
to be used for excluding messages.
items:
type: string
type: array
inclusionList:
description: InclusionList specifies a list of Golang regular expressions
to be used for including messages.
items:
type: string
type: array
providerRef:
description: ProviderRef specifies which Provider this Alert should
use.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
summary:
description: Summary holds a short description of the impact and affected
cluster.
maxLength: 255
type: string
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this Alert.
type: boolean
required:
- eventSources
- providerRef
type: object
status:
default:
observedGeneration: -1
description: AlertStatus defines the observed state of the Alert.
properties:
conditions:
description: Conditions holds the conditions for the Alert.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta3
schema:
openAPIV3Schema:
description: Alert is the Schema for the alerts API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AlertSpec defines an alerting rule for events involving a
list of objects.
properties:
eventMetadata:
additionalProperties:
type: string
description: EventMetadata is an optional field for adding metadata
to events dispatched by the controller. This can be used for enhancing
the context of the event. If a field would override one already
present on the original event as generated by the emitter, then
the override doesn't happen, i.e. the original value is preserved,
and an info log is printed.
type: object
eventSeverity:
default: info
description: EventSeverity specifies how to filter events based on
severity. If set to 'info' no events will be filtered.
enum:
- info
- error
type: string
eventSources:
description: EventSources specifies how to filter events based on
the involved object kind, name and namespace.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
description: Name of the referent If multiple resources are
targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- kind
- name
type: object
type: array
exclusionList:
description: ExclusionList specifies a list of Golang regular expressions
to be used for excluding messages.
items:
type: string
type: array
inclusionList:
description: InclusionList specifies a list of Golang regular expressions
to be used for including messages.
items:
type: string
type: array
providerRef:
description: ProviderRef specifies which Provider this Alert should
use.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
summary:
description: Summary holds a short description of the impact and affected
cluster.
maxLength: 255
type: string
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this Alert.
type: boolean
required:
- eventSources
- providerRef
type: object
type: object
served: true
storage: true
subresources: {}

516
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_buckets.source.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,516 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: buckets.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
names:
kind: Bucket
listKind: BucketList
plural: buckets
singular: bucket
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.endpoint
name: Endpoint
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BucketSpec defines the desired state of an S3 compatible
bucket
properties:
accessFrom:
description: AccessFrom defines an Access Control List for allowing
cross-namespace references to this object.
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
bucketName:
description: The bucket name.
type: string
endpoint:
description: The bucket endpoint address.
type: string
ignore:
description: Ignore overrides the set of excluded patterns in the
.sourceignore format (which is the same as .gitignore). If not provided,
a default will be used, consult the documentation for your version
to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS S3 HTTP endpoint.
type: boolean
interval:
description: The interval at which to check for bucket updates.
type: string
provider:
default: generic
description: The S3 compatible storage provider name, default ('generic').
enum:
- generic
- aws
- gcp
type: string
region:
description: The bucket region.
type: string
secretRef:
description: The name of the secret containing authentication credentials
for the Bucket.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend the reconciliation
of this source.
type: boolean
timeout:
default: 60s
description: The timeout for download operations, defaults to 60s.
type: string
required:
- bucketName
- endpoint
- interval
type: object
status:
default:
observedGeneration: -1
description: BucketStatus defines the observed state of a bucket
properties:
artifact:
description: Artifact represents the output of the last successful
Bucket sync.
properties:
checksum:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
description: Revision is a human readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the Bucket.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
description: URL is the download link for the artifact output of the
last Bucket sync.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.endpoint
name: Endpoint
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
name: v1beta2
schema:
openAPIV3Schema:
description: Bucket is the Schema for the buckets API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BucketSpec specifies the required configuration to produce
an Artifact for an object storage bucket.
properties:
accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing
cross-namespace references to this object. NOTE: Not implemented,
provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
bucketName:
description: BucketName is the name of the object storage bucket.
type: string
endpoint:
description: Endpoint is the object storage address the BucketName
is located at.
type: string
ignore:
description: Ignore overrides the set of excluded patterns in the
.sourceignore format (which is the same as .gitignore). If not provided,
a default will be used, consult the documentation for your version
to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP Endpoint.
type: boolean
interval:
description: Interval at which the Bucket Endpoint is checked for
updates. This interval is approximate and may be subject to jitter
to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
prefix:
description: Prefix to use for server-side filtering of files in the
Bucket.
type: string
provider:
default: generic
description: Provider of the object storage bucket. Defaults to 'generic',
which expects an S3 (API) compatible object storage.
enum:
- generic
- aws
- gcp
- azure
type: string
region:
description: Region of the Endpoint where the BucketName is located
in.
type: string
secretRef:
description: SecretRef specifies the Secret containing authentication
credentials for the Bucket.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend the reconciliation
of this Bucket.
type: boolean
timeout:
default: 60s
description: Timeout for fetch operations, defaults to 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
required:
- bucketName
- endpoint
- interval
type: object
status:
default:
observedGeneration: -1
description: BucketStatus records the observed state of a Bucket.
properties:
artifact:
description: Artifact represents the last successful Bucket reconciliation.
properties:
digest:
description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of the Artifact.
format: date-time
type: string
metadata:
additionalProperties:
type: string
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
description: Path is the relative file path of the Artifact. It
can be used to locate the file in the root of the Artifact storage
on the local file system of the controller managing the Source.
type: string
revision:
description: Revision is a human-readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
description: URL is the HTTP address of the Artifact as exposed
by the controller managing the Source. It can be used to retrieve
the Artifact for consumption, e.g. by another controller applying
the Artifact contents.
type: string
required:
- lastUpdateTime
- path
- revision
- url
type: object
conditions:
description: Conditions holds the conditions for the Bucket.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
the Bucket object.
format: int64
type: integer
observedIgnore:
description: ObservedIgnore is the observed exclusion patterns used
for constructing the source artifact.
type: string
url:
description: URL is the dynamic fetch link for the latest Artifact.
It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
data is recommended.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

1195
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_gitrepositories.source.toolkit.fluxcd.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

616
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_helmcharts.source.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,616 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: helmcharts.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
names:
kind: HelmChart
listKind: HelmChartList
plural: helmcharts
shortNames:
- hc
singular: helmchart
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.chart
name: Chart
type: string
- jsonPath: .spec.version
name: Version
type: string
- jsonPath: .spec.sourceRef.kind
name: Source Kind
type: string
- jsonPath: .spec.sourceRef.name
name: Source Name
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HelmChartSpec defines the desired state of a Helm chart.
properties:
accessFrom:
description: AccessFrom defines an Access Control List for allowing
cross-namespace references to this object.
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
chart:
description: The name or path the Helm chart is available at in the
SourceRef.
type: string
interval:
description: The interval at which to check the Source for updates.
type: string
reconcileStrategy:
default: ChartVersion
description: Determines what enables the creation of a new artifact.
Valid values are ('ChartVersion', 'Revision'). See the documentation
of the values for an explanation on their behavior. Defaults to
ChartVersion when omitted.
enum:
- ChartVersion
- Revision
type: string
sourceRef:
description: The reference to the Source the chart is available at.
properties:
apiVersion:
description: APIVersion of the referent.
type: string
kind:
description: Kind of the referent, valid values are ('HelmRepository',
'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
- Bucket
type: string
name:
description: Name of the referent.
type: string
required:
- kind
- name
type: object
suspend:
description: This flag tells the controller to suspend the reconciliation
of this source.
type: boolean
valuesFile:
description: Alternative values file to use as the default chart values,
expected to be a relative path in the SourceRef. Deprecated in favor
of ValuesFiles, for backwards compatibility the file defined here
is merged before the ValuesFiles items. Ignored when omitted.
type: string
valuesFiles:
description: Alternative list of values files to use as the chart
values (values.yaml is not included by default), expected to be
a relative path in the SourceRef. Values files are merged in the
order of this list with the last file overriding the first. Ignored
when omitted.
items:
type: string
type: array
version:
default: '*'
description: The chart version semver expression, ignored for charts
from GitRepository and Bucket sources. Defaults to latest when omitted.
type: string
required:
- chart
- interval
- sourceRef
type: object
status:
default:
observedGeneration: -1
description: HelmChartStatus defines the observed state of the HelmChart.
properties:
artifact:
description: Artifact represents the output of the last successful
chart sync.
properties:
checksum:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
description: Revision is a human readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
description: URL is the download link for the last chart pulled.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.chart
name: Chart
type: string
- jsonPath: .spec.version
name: Version
type: string
- jsonPath: .spec.sourceRef.kind
name: Source Kind
type: string
- jsonPath: .spec.sourceRef.name
name: Source Name
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
name: v1beta2
schema:
openAPIV3Schema:
description: HelmChart is the Schema for the helmcharts API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HelmChartSpec specifies the desired state of a Helm chart.
properties:
accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing
cross-namespace references to this object. NOTE: Not implemented,
provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
chart:
description: Chart is the name or path the Helm chart is available
at in the SourceRef.
type: string
interval:
description: Interval at which the HelmChart SourceRef is checked
for updates. This interval is approximate and may be subject to
jitter to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
reconcileStrategy:
default: ChartVersion
description: ReconcileStrategy determines what enables the creation
of a new artifact. Valid values are ('ChartVersion', 'Revision').
See the documentation of the values for an explanation on their
behavior. Defaults to ChartVersion when omitted.
enum:
- ChartVersion
- Revision
type: string
sourceRef:
description: SourceRef is the reference to the Source the chart is
available at.
properties:
apiVersion:
description: APIVersion of the referent.
type: string
kind:
description: Kind of the referent, valid values are ('HelmRepository',
'GitRepository', 'Bucket').
enum:
- HelmRepository
- GitRepository
- Bucket
type: string
name:
description: Name of the referent.
type: string
required:
- kind
- name
type: object
suspend:
description: Suspend tells the controller to suspend the reconciliation
of this source.
type: boolean
valuesFile:
description: ValuesFile is an alternative values file to use as the
default chart values, expected to be a relative path in the SourceRef.
Deprecated in favor of ValuesFiles, for backwards compatibility
the file specified here is merged before the ValuesFiles items.
Ignored when omitted.
type: string
valuesFiles:
description: ValuesFiles is an alternative list of values files to
use as the chart values (values.yaml is not included by default),
expected to be a relative path in the SourceRef. Values files are
merged in the order of this list with the last file overriding the
first. Ignored when omitted.
items:
type: string
type: array
verify:
description: Verify contains the secret name containing the trusted
public keys used to verify the signature and specifies which provider
to use to check whether OCI image is authentic. This field is only
supported when using HelmRepository source with spec.type 'oci'.
Chart dependencies, which are not bundled in the umbrella chart
artifact, are not verified.
properties:
matchOIDCIdentity:
description: MatchOIDCIdentity specifies the identity matching
criteria to use while verifying an OCI artifact which was signed
using Cosign keyless signing. The artifact's identity is deemed
to be verified if any of the specified matchers match against
the identity.
items:
description: OIDCIdentityMatch specifies options for verifying
the certificate identity, i.e. the issuer and the subject
of the certificate.
properties:
issuer:
description: Issuer specifies the regex pattern to match
against to verify the OIDC issuer in the Fulcio certificate.
The pattern must be a valid Go regular expression.
type: string
subject:
description: Subject specifies the regex pattern to match
against to verify the identity subject in the Fulcio certificate.
The pattern must be a valid Go regular expression.
type: string
required:
- issuer
- subject
type: object
type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
type: string
secretRef:
description: SecretRef specifies the Kubernetes Secret containing
the trusted public keys.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
required:
- provider
type: object
version:
default: '*'
description: Version is the chart version semver expression, ignored
for charts from GitRepository and Bucket sources. Defaults to latest
when omitted.
type: string
required:
- chart
- interval
- sourceRef
type: object
status:
default:
observedGeneration: -1
description: HelmChartStatus records the observed state of the HelmChart.
properties:
artifact:
description: Artifact represents the output of the last successful
reconciliation.
properties:
digest:
description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of the Artifact.
format: date-time
type: string
metadata:
additionalProperties:
type: string
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
description: Path is the relative file path of the Artifact. It
can be used to locate the file in the root of the Artifact storage
on the local file system of the controller managing the Source.
type: string
revision:
description: Revision is a human-readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
description: URL is the HTTP address of the Artifact as exposed
by the controller managing the Source. It can be used to retrieve
the Artifact for consumption, e.g. by another controller applying
the Artifact contents.
type: string
required:
- lastUpdateTime
- path
- revision
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmChart.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedChartName:
description: ObservedChartName is the last observed chart name as
specified by the resolved chart reference.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
the HelmChart object.
format: int64
type: integer
observedSourceArtifactRevision:
description: ObservedSourceArtifactRevision is the last observed Artifact.Revision
of the HelmChartSpec.SourceRef.
type: string
url:
description: URL is the dynamic fetch link for the latest Artifact.
It is provided on a "best effort" basis, and using the precise BucketStatus.Artifact
data is recommended.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

2256
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_helmreleases.helm.toolkit.fluxcd.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

523
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_helmrepositories.source.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,523 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: helmrepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
names:
kind: HelmRepository
listKind: HelmRepositoryList
plural: helmrepositories
shortNames:
- helmrepo
singular: helmrepository
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.url
name: URL
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HelmRepositorySpec defines the reference to a Helm repository.
properties:
accessFrom:
description: AccessFrom defines an Access Control List for allowing
cross-namespace references to this object.
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
interval:
description: The interval at which to check the upstream for updates.
type: string
passCredentials:
description: PassCredentials allows the credentials from the SecretRef
to be passed on to a host that does not match the host as defined
in URL. This may be required if the host of the advertised chart
URLs in the index differ from the defined URL. Enabling this should
be done with caution, as it can potentially result in credentials
getting stolen in a MITM-attack.
type: boolean
secretRef:
description: The name of the secret containing authentication credentials
for the Helm repository. For HTTP/S basic auth the secret must contain
username and password fields. For TLS the secret must contain a
certFile and keyFile, and/or caFile fields.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend the reconciliation
of this source.
type: boolean
timeout:
default: 60s
description: The timeout of index downloading, defaults to 60s.
type: string
url:
description: The Helm repository URL, a valid URL contains at least
a protocol and host.
type: string
required:
- interval
- url
type: object
status:
default:
observedGeneration: -1
description: HelmRepositoryStatus defines the observed state of the HelmRepository.
properties:
artifact:
description: Artifact represents the output of the last successful
repository sync.
properties:
checksum:
description: Checksum is the SHA256 checksum of the artifact.
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of this artifact.
format: date-time
type: string
path:
description: Path is the relative file path of this artifact.
type: string
revision:
description: Revision is a human readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm index timestamp, a Helm chart version, etc.
type: string
url:
description: URL is the HTTP address of this artifact.
type: string
required:
- path
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
description: URL is the download link for the last index fetched.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.url
name: URL
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
name: v1beta2
schema:
openAPIV3Schema:
description: HelmRepository is the Schema for the helmrepositories API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HelmRepositorySpec specifies the required configuration to
produce an Artifact for a Helm repository index YAML.
properties:
accessFrom:
description: 'AccessFrom specifies an Access Control List for allowing
cross-namespace references to this object. NOTE: Not implemented,
provisional as of https://github.com/fluxcd/flux2/pull/2092'
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
certSecretRef:
description: "CertSecretRef can be given the name of a Secret containing
either or both of \n - a PEM-encoded client certificate (`tls.crt`)
and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
\n It takes precedence over the values specified in the Secret referred
to by `.spec.secretRef`."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
insecure:
description: Insecure allows connecting to a non-TLS HTTP container
registry. This field is only taken into account if the .spec.type
field is set to 'oci'.
type: boolean
interval:
description: Interval at which the HelmRepository URL is checked for
updates. This interval is approximate and may be subject to jitter
to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
passCredentials:
description: PassCredentials allows the credentials from the SecretRef
to be passed on to a host that does not match the host as defined
in URL. This may be required if the host of the advertised chart
URLs in the index differ from the defined URL. Enabling this should
be done with caution, as it can potentially result in credentials
getting stolen in a MITM-attack.
type: boolean
provider:
default: generic
description: Provider used for authentication, can be 'aws', 'azure',
'gcp' or 'generic'. This field is optional, and only taken into
account if the .spec.type field is set to 'oci'. When not specified,
defaults to 'generic'.
enum:
- generic
- aws
- azure
- gcp
type: string
secretRef:
description: SecretRef specifies the Secret containing authentication
credentials for the HelmRepository. For HTTP/S basic auth the secret
must contain 'username' and 'password' fields. Support for TLS auth
using the 'certFile' and 'keyFile', and/or 'caFile' keys is deprecated.
Please use `.spec.certSecretRef` instead.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend the reconciliation
of this HelmRepository.
type: boolean
timeout:
description: Timeout is used for the index fetch operation for an
HTTPS helm repository, and for remote OCI Repository operations
like pulling for an OCI helm chart by the associated HelmChart.
Its default value is 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
description: Type of the HelmRepository. When this field is set to "oci",
the URL field value must be prefixed with "oci://".
enum:
- default
- oci
type: string
url:
description: URL of the Helm repository, a valid URL contains at least
a protocol and host.
pattern: ^(http|https|oci)://.*$
type: string
required:
- url
type: object
status:
default:
observedGeneration: -1
description: HelmRepositoryStatus records the observed state of the HelmRepository.
properties:
artifact:
description: Artifact represents the last successful HelmRepository
reconciliation.
properties:
digest:
description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of the Artifact.
format: date-time
type: string
metadata:
additionalProperties:
type: string
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
description: Path is the relative file path of the Artifact. It
can be used to locate the file in the root of the Artifact storage
on the local file system of the controller managing the Source.
type: string
revision:
description: Revision is a human-readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
description: URL is the HTTP address of the Artifact as exposed
by the controller managing the Source. It can be used to retrieve
the Artifact for consumption, e.g. by another controller applying
the Artifact contents.
type: string
required:
- lastUpdateTime
- path
- revision
- url
type: object
conditions:
description: Conditions holds the conditions for the HelmRepository.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
the HelmRepository object.
format: int64
type: integer
url:
description: URL is the dynamic fetch link for the latest Artifact.
It is provided on a "best effort" basis, and using the precise HelmRepositoryStatus.Artifact
data is recommended.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

401
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_imagepolicies.image.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,401 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: imagepolicies.image.toolkit.fluxcd.io
spec:
group: image.toolkit.fluxcd.io
names:
kind: ImagePolicy
listKind: ImagePolicyList
plural: imagepolicies
singular: imagepolicy
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.latestImage
name: LatestImage
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: ImagePolicy is the Schema for the imagepolicies API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImagePolicySpec defines the parameters for calculating the
ImagePolicy
properties:
filterTags:
description: FilterTags enables filtering for only a subset of tags
based on a set of rules. If no rules are provided, all the tags
from the repository will be ordered and compared.
properties:
extract:
description: Extract allows a capture group to be extracted from
the specified regular expression pattern, useful before tag
evaluation.
type: string
pattern:
description: Pattern specifies a regular expression pattern used
to filter for image tags.
type: string
type: object
imageRepositoryRef:
description: ImageRepositoryRef points at the object specifying the
image being scanned
properties:
name:
description: Name of the referent.
type: string
namespace:
description: Namespace of the referent, when not specified it
acts as LocalObjectReference.
type: string
required:
- name
type: object
policy:
description: Policy gives the particulars of the policy to be followed
in selecting the most recent image
properties:
alphabetical:
description: Alphabetical set of rules to use for alphabetical
ordering of the tags.
properties:
order:
default: asc
description: Order specifies the sorting order of the tags.
Given the letters of the alphabet as tags, ascending order
would select Z, and descending order would select A.
enum:
- asc
- desc
type: string
type: object
numerical:
description: Numerical set of rules to use for numerical ordering
of the tags.
properties:
order:
default: asc
description: Order specifies the sorting order of the tags.
Given the integer values from 0 to 9 as tags, ascending
order would select 9, and descending order would select
0.
enum:
- asc
- desc
type: string
type: object
semver:
description: SemVer gives a semantic version range to check against
the tags available.
properties:
range:
description: Range gives a semver range for the image tag;
the highest version within the range that's a tag yields
the latest image.
type: string
required:
- range
type: object
type: object
required:
- imageRepositoryRef
- policy
type: object
status:
default:
observedGeneration: -1
description: ImagePolicyStatus defines the observed state of ImagePolicy
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
latestImage:
description: LatestImage gives the first in the list of images scanned
by the image repository, when filtered and ordered according to
the policy.
type: string
observedGeneration:
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.latestImage
name: LatestImage
type: string
name: v1beta2
schema:
openAPIV3Schema:
description: ImagePolicy is the Schema for the imagepolicies API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImagePolicySpec defines the parameters for calculating the
ImagePolicy.
properties:
filterTags:
description: FilterTags enables filtering for only a subset of tags
based on a set of rules. If no rules are provided, all the tags
from the repository will be ordered and compared.
properties:
extract:
description: Extract allows a capture group to be extracted from
the specified regular expression pattern, useful before tag
evaluation.
type: string
pattern:
description: Pattern specifies a regular expression pattern used
to filter for image tags.
type: string
type: object
imageRepositoryRef:
description: ImageRepositoryRef points at the object specifying the
image being scanned
properties:
name:
description: Name of the referent.
type: string
namespace:
description: Namespace of the referent, when not specified it
acts as LocalObjectReference.
type: string
required:
- name
type: object
policy:
description: Policy gives the particulars of the policy to be followed
in selecting the most recent image
properties:
alphabetical:
description: Alphabetical set of rules to use for alphabetical
ordering of the tags.
properties:
order:
default: asc
description: Order specifies the sorting order of the tags.
Given the letters of the alphabet as tags, ascending order
would select Z, and descending order would select A.
enum:
- asc
- desc
type: string
type: object
numerical:
description: Numerical set of rules to use for numerical ordering
of the tags.
properties:
order:
default: asc
description: Order specifies the sorting order of the tags.
Given the integer values from 0 to 9 as tags, ascending
order would select 9, and descending order would select
0.
enum:
- asc
- desc
type: string
type: object
semver:
description: SemVer gives a semantic version range to check against
the tags available.
properties:
range:
description: Range gives a semver range for the image tag;
the highest version within the range that's a tag yields
the latest image.
type: string
required:
- range
type: object
type: object
required:
- imageRepositoryRef
- policy
type: object
status:
default:
observedGeneration: -1
description: ImagePolicyStatus defines the observed state of ImagePolicy
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
latestImage:
description: LatestImage gives the first in the list of images scanned
by the image repository, when filtered and ordered according to
the policy.
type: string
observedGeneration:
format: int64
type: integer
observedPreviousImage:
description: ObservedPreviousImage is the observed previous LatestImage.
It is used to keep track of the previous and current images.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

477
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_imagerepositories.image.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,477 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: imagerepositories.image.toolkit.fluxcd.io
spec:
group: image.toolkit.fluxcd.io
names:
kind: ImageRepository
listKind: ImageRepositoryList
plural: imagerepositories
singular: imagerepository
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.lastScanResult.scanTime
name: Last scan
type: string
- jsonPath: .status.lastScanResult.tagCount
name: Tags
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: ImageRepository is the Schema for the imagerepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImageRepositorySpec defines the parameters for scanning an
image repository, e.g., `fluxcd/flux`.
properties:
accessFrom:
description: AccessFrom defines an ACL for allowing cross-namespace
references to the ImageRepository object based on the caller's namespace
labels.
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
certSecretRef:
description: "CertSecretRef can be given the name of a secret containing
either or both of \n - a PEM-encoded client certificate (`certFile`)
and private key (`keyFile`); - a PEM-encoded CA certificate (`caFile`)
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
exclusionList:
description: ExclusionList is a list of regex strings used to exclude
certain tags from being stored in the database.
items:
type: string
type: array
image:
description: Image is the name of the image repository
type: string
interval:
description: Interval is the length of time to wait between scans
of the image repository.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
secretRef:
description: SecretRef can be given the name of a secret containing
credentials to use for the image registry. The secret should be
created with `kubectl create secret docker-registry`, or the equivalent.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
serviceAccountName:
description: ServiceAccountName is the name of the Kubernetes ServiceAccount
used to authenticate the image pull if the service account has attached
pull secrets.
maxLength: 253
type: string
suspend:
description: This flag tells the controller to suspend subsequent
image scans. It does not apply to already started scans. Defaults
to false.
type: boolean
timeout:
description: Timeout for image scanning. Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type: object
status:
default:
observedGeneration: -1
description: ImageRepositoryStatus defines the observed state of ImageRepository
properties:
canonicalImageName:
description: CanonicalName is the name of the image repository with
all the implied bits made explicit; e.g., `docker.io/library/alpine`
rather than `alpine`.
type: string
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
lastScanResult:
description: LastScanResult contains the number of fetched tags.
properties:
scanTime:
format: date-time
type: string
tagCount:
type: integer
required:
- tagCount
type: object
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.lastScanResult.scanTime
name: Last scan
type: string
- jsonPath: .status.lastScanResult.tagCount
name: Tags
type: string
name: v1beta2
schema:
openAPIV3Schema:
description: ImageRepository is the Schema for the imagerepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImageRepositorySpec defines the parameters for scanning an
image repository, e.g., `fluxcd/flux`.
properties:
accessFrom:
description: AccessFrom defines an ACL for allowing cross-namespace
references to the ImageRepository object based on the caller's namespace
labels.
properties:
namespaceSelectors:
description: NamespaceSelectors is the list of namespace selectors
to which this ACL applies. Items in this list are evaluated
using a logical OR operation.
items:
description: NamespaceSelector selects the namespaces to which
this ACL applies. An empty map of MatchLabels matches all
namespaces in a cluster.
properties:
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
type: array
required:
- namespaceSelectors
type: object
certSecretRef:
description: "CertSecretRef can be given the name of a Secret containing
either or both of \n - a PEM-encoded client certificate (`tls.crt`)
and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
\n Note: Support for the `caFile`, `certFile` and `keyFile` keys
has been deprecated."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
exclusionList:
default:
- ^.*\.sig$
description: ExclusionList is a list of regex strings used to exclude
certain tags from being stored in the database.
items:
type: string
maxItems: 25
type: array
image:
description: Image is the name of the image repository
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP container
registry.
type: boolean
interval:
description: Interval is the length of time to wait between scans
of the image repository.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
provider:
default: generic
description: The provider used for authentication, can be 'aws', 'azure',
'gcp' or 'generic'. When not specified, defaults to 'generic'.
enum:
- generic
- aws
- azure
- gcp
type: string
secretRef:
description: SecretRef can be given the name of a secret containing
credentials to use for the image registry. The secret should be
created with `kubectl create secret docker-registry`, or the equivalent.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
serviceAccountName:
description: ServiceAccountName is the name of the Kubernetes ServiceAccount
used to authenticate the image pull if the service account has attached
pull secrets.
maxLength: 253
type: string
suspend:
description: This flag tells the controller to suspend subsequent
image scans. It does not apply to already started scans. Defaults
to false.
type: boolean
timeout:
description: Timeout for image scanning. Defaults to 'Interval' duration.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type: object
status:
default:
observedGeneration: -1
description: ImageRepositoryStatus defines the observed state of ImageRepository
properties:
canonicalImageName:
description: CanonicalName is the name of the image repository with
all the implied bits made explicit; e.g., `docker.io/library/alpine`
rather than `alpine`.
type: string
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
lastScanResult:
description: LastScanResult contains the number of fetched tags.
properties:
latestTags:
items:
type: string
type: array
scanTime:
format: date-time
type: string
tagCount:
type: integer
required:
- tagCount
type: object
observedExclusionList:
description: ObservedExclusionList is a list of observed exclusion
list. It reflects the exclusion rules used for the observed scan
result in spec.lastScanResult.
items:
type: string
type: array
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}

314
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_imageupdateautomations.image.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,314 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: imageupdateautomations.image.toolkit.fluxcd.io
spec:
group: image.toolkit.fluxcd.io
names:
kind: ImageUpdateAutomation
listKind: ImageUpdateAutomationList
plural: imageupdateautomations
singular: imageupdateautomation
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.lastAutomationRunTime
name: Last run
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: ImageUpdateAutomation is the Schema for the imageupdateautomations
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ImageUpdateAutomationSpec defines the desired state of ImageUpdateAutomation
properties:
git:
description: GitSpec contains all the git-specific definitions. This
is technically optional, but in practice mandatory until there are
other kinds of source allowed.
properties:
checkout:
description: Checkout gives the parameters for cloning the git
repository, ready to make changes. If not present, the `spec.ref`
field from the referenced `GitRepository` or its default will
be used.
properties:
ref:
description: Reference gives a branch, tag or commit to clone
from the Git repository.
properties:
branch:
description: Branch to check out, defaults to 'master'
if no other field is defined.
type: string
commit:
description: "Commit SHA to check out, takes precedence
over all reference fields. \n This can be combined with
Branch to shallow clone the branch, in which the commit
is expected to exist."
type: string
name:
description: "Name of the reference to check out; takes
precedence over Branch, Tag and SemVer. \n It must be
a valid Git reference: https://git-scm.com/docs/git-check-ref-format#_description
Examples: \"refs/heads/main\", \"refs/tags/v0.1.0\",
\"refs/pull/420/head\", \"refs/merge-requests/1/head\""
type: string
semver:
description: SemVer tag expression to check out, takes
precedence over Tag.
type: string
tag:
description: Tag to check out, takes precedence over Branch.
type: string
type: object
required:
- ref
type: object
commit:
description: Commit specifies how to commit to the git repository.
properties:
author:
description: Author gives the email and optionally the name
to use as the author of commits.
properties:
email:
description: Email gives the email to provide when making
a commit.
type: string
name:
description: Name gives the name to provide when making
a commit.
type: string
required:
- email
type: object
messageTemplate:
description: MessageTemplate provides a template for the commit
message, into which will be interpolated the details of
the change made.
type: string
signingKey:
description: SigningKey provides the option to sign commits
with a GPG key
properties:
secretRef:
description: SecretRef holds the name to a secret that
contains a 'git.asc' key corresponding to the ASCII
Armored file containing the GPG signing keypair as the
value. It must be in the same namespace as the ImageUpdateAutomation.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
type: object
required:
- author
type: object
push:
description: Push specifies how and where to push commits made
by the automation. If missing, commits are pushed (back) to
`.spec.checkout.branch` or its default.
properties:
branch:
description: Branch specifies that commits should be pushed
to the branch named. The branch is created using `.spec.checkout.branch`
as the starting point, if it doesn't already exist.
type: string
options:
additionalProperties:
type: string
description: 'Options specifies the push options that are
sent to the Git server when performing a push operation.
For details, see: https://git-scm.com/docs/git-push#Documentation/git-push.txt---push-optionltoptiongt'
type: object
refspec:
description: 'Refspec specifies the Git Refspec to use for
a push operation. If both Branch and Refspec are provided,
then the commit is pushed to the branch and also using the
specified refspec. For more details about Git Refspecs,
see: https://git-scm.com/book/en/v2/Git-Internals-The-Refspec'
type: string
type: object
required:
- commit
type: object
interval:
description: Interval gives an lower bound for how often the automation
run should be attempted.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
sourceRef:
description: SourceRef refers to the resource giving access details
to a git repository.
properties:
apiVersion:
description: API version of the referent.
type: string
kind:
default: GitRepository
description: Kind of the referent.
enum:
- GitRepository
type: string
name:
description: Name of the referent.
type: string
namespace:
description: Namespace of the referent, defaults to the namespace
of the Kubernetes resource object that contains the reference.
type: string
required:
- kind
- name
type: object
suspend:
description: Suspend tells the controller to not run this automation,
until it is unset (or set to false). Defaults to false.
type: boolean
update:
default:
strategy: Setters
description: Update gives the specification for how to update the
files in the repository. This can be left empty, to use the default
value.
properties:
path:
description: Path to the directory containing the manifests to
be updated. Defaults to 'None', which translates to the root
path of the GitRepositoryRef.
type: string
strategy:
default: Setters
description: Strategy names the strategy to be used.
enum:
- Setters
type: string
required:
- strategy
type: object
required:
- interval
- sourceRef
type: object
status:
default:
observedGeneration: -1
description: ImageUpdateAutomationStatus defines the observed state of
ImageUpdateAutomation
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastAutomationRunTime:
description: LastAutomationRunTime records the last time the controller
ran this automation through to completion (even if no updates were
made).
format: date-time
type: string
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
lastPushCommit:
description: LastPushCommit records the SHA1 of the last commit made
by the controller, for this automation object
type: string
lastPushTime:
description: LastPushTime records the time of the last pushed change.
format: date-time
type: string
observedGeneration:
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}

1628
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_kustomizations.kustomize.toolkit.fluxcd.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

385
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_ocirepositories.source.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,385 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: ocirepositories.source.toolkit.fluxcd.io
spec:
group: source.toolkit.fluxcd.io
names:
kind: OCIRepository
listKind: OCIRepositoryList
plural: ocirepositories
shortNames:
- ocirepo
singular: ocirepository
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.url
name: URL
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta2
schema:
openAPIV3Schema:
description: OCIRepository is the Schema for the ocirepositories API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OCIRepositorySpec defines the desired state of OCIRepository
properties:
certSecretRef:
description: "CertSecretRef can be given the name of a Secret containing
either or both of \n - a PEM-encoded client certificate (`tls.crt`)
and private key (`tls.key`); - a PEM-encoded CA certificate (`ca.crt`)
\n and whichever are supplied, will be used for connecting to the
registry. The client cert and key are useful if you are authenticating
with a certificate; the CA cert is useful if you are using a self-signed
server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`.
\n Note: Support for the `caFile`, `certFile` and `keyFile` keys
have been deprecated."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
ignore:
description: Ignore overrides the set of excluded patterns in the
.sourceignore format (which is the same as .gitignore). If not provided,
a default will be used, consult the documentation for your version
to find out what those are.
type: string
insecure:
description: Insecure allows connecting to a non-TLS HTTP container
registry.
type: boolean
interval:
description: Interval at which the OCIRepository URL is checked for
updates. This interval is approximate and may be subject to jitter
to ensure efficient use of resources.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
layerSelector:
description: LayerSelector specifies which layer should be extracted
from the OCI artifact. When not specified, the first layer found
in the artifact is selected.
properties:
mediaType:
description: MediaType specifies the OCI media type of the layer
which should be extracted from the OCI Artifact. The first layer
matching this type is selected.
type: string
operation:
description: Operation specifies how the selected layer should
be processed. By default, the layer compressed content is extracted
to storage. When the operation is set to 'copy', the layer compressed
content is persisted to storage as it is.
enum:
- extract
- copy
type: string
type: object
provider:
default: generic
description: The provider used for authentication, can be 'aws', 'azure',
'gcp' or 'generic'. When not specified, defaults to 'generic'.
enum:
- generic
- aws
- azure
- gcp
type: string
ref:
description: The OCI reference to pull and monitor for changes, defaults
to the latest tag.
properties:
digest:
description: Digest is the image digest to pull, takes precedence
over SemVer. The value should be in the format 'sha256:<HASH>'.
type: string
semver:
description: SemVer is the range of tags to pull selecting the
latest within the range, takes precedence over Tag.
type: string
tag:
description: Tag is the image tag to pull, defaults to latest.
type: string
type: object
secretRef:
description: SecretRef contains the secret name containing the registry
login credentials to resolve image metadata. The secret must be
of type kubernetes.io/dockerconfigjson.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
serviceAccountName:
description: 'ServiceAccountName is the name of the Kubernetes ServiceAccount
used to authenticate the image pull if the service account has attached
pull secrets. For more information: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/#add-imagepullsecrets-to-a-service-account'
type: string
suspend:
description: This flag tells the controller to suspend the reconciliation
of this source.
type: boolean
timeout:
default: 60s
description: The timeout for remote OCI Repository operations like
pulling, defaults to 60s.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
url:
description: URL is a reference to an OCI artifact repository hosted
on a remote container registry.
pattern: ^oci://.*$
type: string
verify:
description: Verify contains the secret name containing the trusted
public keys used to verify the signature and specifies which provider
to use to check whether OCI image is authentic.
properties:
matchOIDCIdentity:
description: MatchOIDCIdentity specifies the identity matching
criteria to use while verifying an OCI artifact which was signed
using Cosign keyless signing. The artifact's identity is deemed
to be verified if any of the specified matchers match against
the identity.
items:
description: OIDCIdentityMatch specifies options for verifying
the certificate identity, i.e. the issuer and the subject
of the certificate.
properties:
issuer:
description: Issuer specifies the regex pattern to match
against to verify the OIDC issuer in the Fulcio certificate.
The pattern must be a valid Go regular expression.
type: string
subject:
description: Subject specifies the regex pattern to match
against to verify the identity subject in the Fulcio certificate.
The pattern must be a valid Go regular expression.
type: string
required:
- issuer
- subject
type: object
type: array
provider:
default: cosign
description: Provider specifies the technology used to sign the
OCI Artifact.
enum:
- cosign
type: string
secretRef:
description: SecretRef specifies the Kubernetes Secret containing
the trusted public keys.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
required:
- provider
type: object
required:
- interval
- url
type: object
status:
default:
observedGeneration: -1
description: OCIRepositoryStatus defines the observed state of OCIRepository
properties:
artifact:
description: Artifact represents the output of the last successful
OCI Repository sync.
properties:
digest:
description: Digest is the digest of the file in the form of '<algorithm>:<checksum>'.
pattern: ^[a-z0-9]+(?:[.+_-][a-z0-9]+)*:[a-zA-Z0-9=_-]+$
type: string
lastUpdateTime:
description: LastUpdateTime is the timestamp corresponding to
the last update of the Artifact.
format: date-time
type: string
metadata:
additionalProperties:
type: string
description: Metadata holds upstream information such as OCI annotations.
type: object
path:
description: Path is the relative file path of the Artifact. It
can be used to locate the file in the root of the Artifact storage
on the local file system of the controller managing the Source.
type: string
revision:
description: Revision is a human-readable identifier traceable
in the origin source system. It can be a Git commit SHA, Git
tag, a Helm chart version, etc.
type: string
size:
description: Size is the number of bytes in the file.
format: int64
type: integer
url:
description: URL is the HTTP address of the Artifact as exposed
by the controller managing the Source. It can be used to retrieve
the Artifact for consumption, e.g. by another controller applying
the Artifact contents.
type: string
required:
- lastUpdateTime
- path
- revision
- url
type: object
conditions:
description: Conditions holds the conditions for the OCIRepository.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
contentConfigChecksum:
description: "ContentConfigChecksum is a checksum of all the configurations
related to the content of the source artifact: - .spec.ignore -
.spec.layerSelector observed in .status.observedGeneration version
of the object. This can be used to determine if the content configuration
has changed and the artifact needs to be rebuilt. It has the format
of `<algo>:<checksum>`, for example: `sha256:<checksum>`. \n Deprecated:
Replaced with explicit fields for observed artifact content config
in the status."
type: string
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
observedIgnore:
description: ObservedIgnore is the observed exclusion patterns used
for constructing the source artifact.
type: string
observedLayerSelector:
description: ObservedLayerSelector is the observed layer selector
used for constructing the source artifact.
properties:
mediaType:
description: MediaType specifies the OCI media type of the layer
which should be extracted from the OCI Artifact. The first layer
matching this type is selected.
type: string
operation:
description: Operation specifies how the selected layer should
be processed. By default, the layer compressed content is extracted
to storage. When the operation is set to 'copy', the layer compressed
content is persisted to storage as it is.
enum:
- extract
- copy
type: string
type: object
url:
description: URL is the download link for the artifact output of the
last OCI Repository sync.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

528
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_providers.notification.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,528 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: providers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
names:
kind: Provider
listKind: ProviderList
plural: providers
singular: provider
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta1 Provider is deprecated, upgrade to v1beta3
name: v1beta1
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ProviderSpec defines the desired state of Provider
properties:
address:
description: HTTP/S webhook address of this provider
pattern: ^(http|https)://
type: string
certSecretRef:
description: CertSecretRef can be given the name of a secret containing
a PEM-encoded CA certificate (`caFile`)
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
channel:
description: Alert channel for this provider
type: string
proxy:
description: HTTP/S address of the proxy
pattern: ^(http|https)://
type: string
secretRef:
description: Secret reference containing the provider webhook URL
using "address" as data key
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend subsequent
events handling. Defaults to false.
type: boolean
timeout:
description: Timeout for sending alerts to the provider.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
description: Type of provider
enum:
- slack
- discord
- msteams
- rocket
- generic
- generic-hmac
- github
- gitlab
- bitbucket
- azuredevops
- googlechat
- webex
- sentry
- azureeventhub
- telegram
- lark
- matrix
- opsgenie
- alertmanager
- grafana
- githubdispatch
type: string
username:
description: Bot username for this provider
type: string
required:
- type
type: object
status:
default:
observedGeneration: -1
description: ProviderStatus defines the observed state of Provider
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta2 Provider is deprecated, upgrade to v1beta3
name: v1beta2
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ProviderSpec defines the desired state of the Provider.
properties:
address:
description: Address specifies the endpoint, in a generic sense, to
where alerts are sent. What kind of endpoint depends on the specific
Provider type being used. For the generic Provider, for example,
this is an HTTP/S address. For other Provider types this could be
a project ID or a namespace.
maxLength: 2048
type: string
certSecretRef:
description: "CertSecretRef specifies the Secret containing a PEM-encoded
CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile`
key has been deprecated."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
channel:
description: Channel specifies the destination channel where events
should be posted.
maxLength: 2048
type: string
interval:
description: Interval at which to reconcile the Provider with its
Secret references.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
proxy:
description: Proxy the HTTP/S address of the proxy server.
maxLength: 2048
pattern: ^(http|https)://.*$
type: string
secretRef:
description: SecretRef specifies the Secret containing the authentication
credentials for this Provider.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this Provider.
type: boolean
timeout:
description: Timeout for sending alerts to the Provider.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
description: Type specifies which Provider implementation to use.
enum:
- slack
- discord
- msteams
- rocket
- generic
- generic-hmac
- github
- gitlab
- gitea
- bitbucketserver
- bitbucket
- azuredevops
- googlechat
- googlepubsub
- webex
- sentry
- azureeventhub
- telegram
- lark
- matrix
- opsgenie
- alertmanager
- grafana
- githubdispatch
- pagerduty
- datadog
type: string
username:
description: Username specifies the name under which events are posted.
maxLength: 2048
type: string
required:
- type
type: object
status:
default:
observedGeneration: -1
description: ProviderStatus defines the observed state of the Provider.
properties:
conditions:
description: Conditions holds the conditions for the Provider.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last reconciled generation.
format: int64
type: integer
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1beta3
schema:
openAPIV3Schema:
description: Provider is the Schema for the providers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ProviderSpec defines the desired state of the Provider.
properties:
address:
description: Address specifies the endpoint, in a generic sense, to
where alerts are sent. What kind of endpoint depends on the specific
Provider type being used. For the generic Provider, for example,
this is an HTTP/S address. For other Provider types this could be
a project ID or a namespace.
maxLength: 2048
type: string
certSecretRef:
description: "CertSecretRef specifies the Secret containing a PEM-encoded
CA certificate (in the `ca.crt` key). \n Note: Support for the `caFile`
key has been deprecated."
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
channel:
description: Channel specifies the destination channel where events
should be posted.
maxLength: 2048
type: string
interval:
description: Interval at which to reconcile the Provider with its
Secret references. Deprecated and not used in v1beta3.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
proxy:
description: Proxy the HTTP/S address of the proxy server.
maxLength: 2048
pattern: ^(http|https)://.*$
type: string
secretRef:
description: SecretRef specifies the Secret containing the authentication
credentials for this Provider.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this Provider.
type: boolean
timeout:
description: Timeout for sending alerts to the Provider.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m))+$
type: string
type:
description: Type specifies which Provider implementation to use.
enum:
- slack
- discord
- msteams
- rocket
- generic
- generic-hmac
- github
- gitlab
- gitea
- bitbucketserver
- bitbucket
- azuredevops
- googlechat
- googlepubsub
- webex
- sentry
- azureeventhub
- telegram
- lark
- matrix
- opsgenie
- alertmanager
- grafana
- githubdispatch
- pagerduty
- datadog
- nats
type: string
username:
description: Username specifies the name under which events are posted.
maxLength: 2048
type: string
required:
- type
type: object
type: object
served: true
storage: true
subresources: {}

662
crd/flux/apiextensions.k8s.io_v1_CustomResourceDefinition_receivers.notification.toolkit.fluxcd.io.yaml Normal file
View File

@@ -0,0 +1,662 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.12.0
name: receivers.notification.toolkit.fluxcd.io
spec:
group: notification.toolkit.fluxcd.io
names:
kind: Receiver
listKind: ReceiverList
plural: receivers
singular: receiver
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
name: v1
schema:
openAPIV3Schema:
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
description: Events specifies the list of event types to handle, e.g.
'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
interval:
default: 10m
description: Interval at which to reconcile the Receiver with its
Secret references.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
resources:
description: A list of resources to be notified about changes.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
description: Name of the referent If multiple resources are
targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- kind
- name
type: object
type: array
secretRef:
description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this receiver.
type: boolean
type:
description: Type of webhook sender, used to determine the validation
procedure and payload deserialization.
enum:
- generic
- generic-hmac
- github
- gitlab
- bitbucket
- harbor
- dockerhub
- quay
- gcr
- nexus
- acr
type: string
required:
- resources
- secretRef
- type
type: object
status:
default:
observedGeneration: -1
description: ReceiverStatus defines the observed state of the Receiver.
properties:
conditions:
description: Conditions holds the conditions for the Receiver.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
the Receiver object.
format: int64
type: integer
webhookPath:
description: WebhookPath is the generated incoming webhook address
in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta1 Receiver is deprecated, upgrade to v1
name: v1beta1
schema:
openAPIV3Schema:
description: Receiver is the Schema for the receivers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ReceiverSpec defines the desired state of Receiver
properties:
events:
description: A list of events to handle, e.g. 'push' for GitHub or
'Push Hook' for GitLab.
items:
type: string
type: array
resources:
description: A list of resources to be notified about changes.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
name:
description: Name of the referent
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- name
type: object
type: array
secretRef:
description: Secret reference containing the token used to validate
the payload authenticity
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: This flag tells the controller to suspend subsequent
events handling. Defaults to false.
type: boolean
type:
description: Type of webhook sender, used to determine the validation
procedure and payload deserialization.
enum:
- generic
- generic-hmac
- github
- gitlab
- bitbucket
- harbor
- dockerhub
- quay
- gcr
- nexus
- acr
type: string
required:
- resources
- type
type: object
status:
default:
observedGeneration: -1
description: ReceiverStatus defines the observed state of Receiver
properties:
conditions:
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
observedGeneration:
description: ObservedGeneration is the last observed generation.
format: int64
type: integer
url:
description: Generated webhook URL in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].message
name: Status
type: string
deprecated: true
deprecationWarning: v1beta2 Receiver is deprecated, upgrade to v1
name: v1beta2
schema:
openAPIV3Schema:
description: Receiver is the Schema for the receivers API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ReceiverSpec defines the desired state of the Receiver.
properties:
events:
description: Events specifies the list of event types to handle, e.g.
'push' for GitHub or 'Push Hook' for GitLab.
items:
type: string
type: array
interval:
description: Interval at which to reconcile the Receiver with its
Secret references.
pattern: ^([0-9]+(\.[0-9]+)?(ms|s|m|h))+$
type: string
resources:
description: A list of resources to be notified about changes.
items:
description: CrossNamespaceObjectReference contains enough information
to let you locate the typed referenced object at cluster level
properties:
apiVersion:
description: API version of the referent
type: string
kind:
description: Kind of the referent
enum:
- Bucket
- GitRepository
- Kustomization
- HelmRelease
- HelmChart
- HelmRepository
- ImageRepository
- ImagePolicy
- ImageUpdateAutomation
- OCIRepository
type: string
matchLabels:
additionalProperties:
type: string
description: MatchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed. MatchLabels requires the name to be set to `*`.
type: object
name:
description: Name of the referent If multiple resources are
targeted `*` may be set.
maxLength: 53
minLength: 1
type: string
namespace:
description: Namespace of the referent
maxLength: 53
minLength: 1
type: string
required:
- kind
- name
type: object
type: array
secretRef:
description: SecretRef specifies the Secret containing the token used
to validate the payload authenticity.
properties:
name:
description: Name of the referent.
type: string
required:
- name
type: object
suspend:
description: Suspend tells the controller to suspend subsequent events
handling for this receiver.
type: boolean
type:
description: Type of webhook sender, used to determine the validation
procedure and payload deserialization.
enum:
- generic
- generic-hmac
- github
- gitlab
- bitbucket
- harbor
- dockerhub
- quay
- gcr
- nexus
- acr
type: string
required:
- resources
- type
type: object
status:
default:
observedGeneration: -1
description: ReceiverStatus defines the observed state of the Receiver.
properties:
conditions:
description: Conditions holds the conditions for the Receiver.
items:
description: "Condition contains details for one aspect of the current
state of this API Resource. --- This struct is intended for direct
use as an array at the field path .status.conditions. For example,
\n type FooStatus struct{ // Represents the observations of a
foo's current state. // Known .status.conditions.type are: \"Available\",
\"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
// +listType=map // +listMapKey=type Conditions []metav1.Condition
`json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition
transitioned from one status to another. This should be when
the underlying condition changed. If that is not known, then
using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: message is a human readable message indicating
details about the transition. This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: observedGeneration represents the .metadata.generation
that the condition was set based upon. For instance, if .metadata.generation
is currently 12, but the .status.conditions[x].observedGeneration
is 9, the condition is out of date with respect to the current
state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: reason contains a programmatic identifier indicating
the reason for the condition's last transition. Producers
of specific condition types may define expected values and
meanings for this field, and whether the values are considered
a guaranteed API. The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase.
--- Many .condition.type values are consistent across resources
like Available, but because arbitrary conditions can be useful
(see .node.status.conditions), the ability to deconflict is
important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
lastHandledReconcileAt:
description: LastHandledReconcileAt holds the value of the most recent
reconcile request value, so a change of the annotation value can
be detected.
type: string
observedGeneration:
description: ObservedGeneration is the last observed generation of
the Receiver object.
format: int64
type: integer
url:
description: 'URL is the generated incoming webhook address in the
format of ''/hook/sha256sum(token+name+namespace)''. Deprecated:
Replaced by WebhookPath.'
type: string
webhookPath:
description: WebhookPath is the generated incoming webhook address
in the format of '/hook/sha256sum(token+name+namespace)'.
type: string
type: object
type: object
served: true
storage: false
subresources:
status: {}

17
crd/flux/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

38
crd/flux/index.rhai Normal file
View File

@@ -0,0 +1,38 @@
const VERSION="2.2.3";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_alerts.notification.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_buckets.source.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_gitrepositories.source.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_helmcharts.source.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_helmreleases.helm.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_helmrepositories.source.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_imagepolicies.image.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_imagerepositories.image.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_imageupdateautomations.image.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_kustomizations.kustomize.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_ocirepositories.source.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_providers.notification.toolkit.fluxcd.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_receivers.notification.toolkit.fluxcd.io.yaml",
];
fn pre_pack() {
shell(`kubectl kustomize github.com/fluxcd/flux2//manifests/crds/?ref=v${global::VERSION} > ${global::SRC}/flux.yaml`);
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/flux/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: flux
description: CRDs for FluxCD
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

15698
crd/jaeger/apiextensions.k8s.io_v1_CustomResourceDefinition_jaegers.jaegertracing.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17
crd/jaeger/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

26
crd/jaeger/index.rhai Normal file
View File

@@ -0,0 +1,26 @@
const VERSION="1.53.0";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_jaegers.jaegertracing.io.yaml",
];
fn pre_pack() {
shell(`kubectl kustomize https://github.com/jaegertracing/jaeger-operator//config/crd/?ref=v${global::VERSION} > ${global::SRC}/jaegertracing.yaml`);
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/jaeger/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: jaeger
description: CRD for the Jaeger operator
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

91
crd/keda/apiextensions.k8s.io_v1_CustomResourceDefinition_cloudeventsources.eventing.keda.sh.yaml Normal file
View File

@@ -0,0 +1,91 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: cloudeventsources.eventing.keda.sh
spec:
group: eventing.keda.sh
names:
kind: CloudEventSource
listKind: CloudEventSourceList
plural: cloudeventsources
singular: cloudeventsource
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=="Active")].status
name: Active
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: CloudEventSource defines how a KEDA event will be sent to event
sink
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CloudEventSourceSpec defines the spec of CloudEventSource
properties:
clusterName:
type: string
destination:
description: Destination defines the various ways to emit events
properties:
http:
properties:
uri:
type: string
required:
- uri
type: object
type: object
required:
- destination
type: object
status:
description: CloudEventSourceStatus defines the observed state of CloudEventSource
properties:
conditions:
description: Conditions an array representation to store multiple
Conditions
items:
description: Condition to store the condition state
properties:
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition
type: string
required:
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}

518
crd/keda/apiextensions.k8s.io_v1_CustomResourceDefinition_clustertriggerauthentications.keda.sh.yaml Normal file
View File

@@ -0,0 +1,518 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: clustertriggerauthentications.keda.sh
spec:
group: keda.sh
names:
kind: ClusterTriggerAuthentication
listKind: ClusterTriggerAuthenticationList
plural: clustertriggerauthentications
shortNames:
- cta
- clustertriggerauth
singular: clustertriggerauthentication
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.podIdentity.provider
name: PodIdentity
type: string
- jsonPath: .spec.secretTargetRef[*].name
name: Secret
type: string
- jsonPath: .spec.env[*].name
name: Env
type: string
- jsonPath: .spec.hashiCorpVault.address
name: VaultAddress
type: string
- jsonPath: .status.scaledobjects
name: ScaledObjects
priority: 1
type: string
- jsonPath: .status.scaledjobs
name: ScaledJobs
priority: 1
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ClusterTriggerAuthentication defines how a trigger can authenticate
globally
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TriggerAuthenticationSpec defines the various ways to authenticate
properties:
awsSecretManager:
description: AwsSecretManager is used to authenticate using AwsSecretManager
properties:
credentials:
properties:
accessKey:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
accessSecretKey:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
accessToken:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
required:
- accessKey
- accessSecretKey
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
region:
type: string
secrets:
items:
properties:
name:
type: string
parameter:
type: string
versionId:
type: string
versionStage:
type: string
required:
- name
- parameter
type: object
type: array
required:
- secrets
type: object
azureKeyVault:
description: AzureKeyVault is used to authenticate using Azure Key
Vault
properties:
cloud:
properties:
activeDirectoryEndpoint:
type: string
keyVaultResourceURL:
type: string
type:
type: string
required:
- type
type: object
credentials:
properties:
clientId:
type: string
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
tenantId:
type: string
required:
- clientId
- clientSecret
- tenantId
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secrets:
items:
properties:
name:
type: string
parameter:
type: string
version:
type: string
required:
- name
- parameter
type: object
type: array
vaultUri:
type: string
required:
- secrets
- vaultUri
type: object
configMapTargetRef:
items:
description: AuthConfigMapTargetRef is used to authenticate using
a reference to a config map
properties:
key:
type: string
name:
type: string
parameter:
type: string
required:
- key
- name
- parameter
type: object
type: array
env:
items:
description: AuthEnvironment is used to authenticate using environment
variables in the destination ScaleTarget spec
properties:
containerName:
type: string
name:
type: string
parameter:
type: string
required:
- name
- parameter
type: object
type: array
gcpSecretManager:
properties:
credentials:
properties:
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
required:
- clientSecret
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secrets:
items:
properties:
id:
type: string
parameter:
type: string
version:
type: string
required:
- id
- parameter
type: object
type: array
required:
- secrets
type: object
hashiCorpVault:
description: HashiCorpVault is used to authenticate using Hashicorp
Vault
properties:
address:
type: string
authentication:
description: VaultAuthentication contains the list of Hashicorp
Vault authentication methods
type: string
credential:
description: Credential defines the Hashicorp Vault credentials
depending on the authentication method
properties:
serviceAccount:
type: string
token:
type: string
type: object
mount:
type: string
namespace:
type: string
role:
type: string
secrets:
items:
description: VaultSecret defines the mapping between the path
of the secret in Vault to the parameter
properties:
key:
type: string
parameter:
type: string
path:
type: string
pkiData:
properties:
altNames:
type: string
commonName:
type: string
format:
type: string
ipSans:
type: string
otherSans:
type: string
ttl:
type: string
uriSans:
type: string
type: object
type:
description: VaultSecretType defines the type of vault secret
type: string
required:
- key
- parameter
- path
type: object
type: array
required:
- address
- authentication
- secrets
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform native
identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to be
used during auto discovery, keda or the scaled workload. Mutually
exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secretTargetRef:
items:
description: AuthSecretTargetRef is used to authenticate using a
reference to a secret
properties:
key:
type: string
name:
type: string
parameter:
type: string
required:
- key
- name
- parameter
type: object
type: array
type: object
status:
description: TriggerAuthenticationStatus defines the observed state of
TriggerAuthentication
properties:
scaledjobs:
type: string
scaledobjects:
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}

8370
crd/keda/apiextensions.k8s.io_v1_CustomResourceDefinition_scaledjobs.keda.sh.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

398
crd/keda/apiextensions.k8s.io_v1_CustomResourceDefinition_scaledobjects.keda.sh.yaml Normal file
View File

@@ -0,0 +1,398 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: scaledobjects.keda.sh
spec:
group: keda.sh
names:
kind: ScaledObject
listKind: ScaledObjectList
plural: scaledobjects
shortNames:
- so
singular: scaledobject
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.scaleTargetKind
name: ScaleTargetKind
type: string
- jsonPath: .spec.scaleTargetRef.name
name: ScaleTargetName
type: string
- jsonPath: .spec.minReplicaCount
name: Min
type: integer
- jsonPath: .spec.maxReplicaCount
name: Max
type: integer
- jsonPath: .spec.triggers[*].type
name: Triggers
type: string
- jsonPath: .spec.triggers[*].authenticationRef.name
name: Authentication
type: string
- jsonPath: .status.conditions[?(@.type=="Ready")].status
name: Ready
type: string
- jsonPath: .status.conditions[?(@.type=="Active")].status
name: Active
type: string
- jsonPath: .status.conditions[?(@.type=="Fallback")].status
name: Fallback
type: string
- jsonPath: .status.conditions[?(@.type=="Paused")].status
name: Paused
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ScaledObject is a specification for a ScaledObject resource
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ScaledObjectSpec is the spec for a ScaledObject resource
properties:
advanced:
description: AdvancedConfig specifies advance scaling options
properties:
horizontalPodAutoscalerConfig:
description: HorizontalPodAutoscalerConfig specifies horizontal
scale config
properties:
behavior:
description: HorizontalPodAutoscalerBehavior configures the
scaling behavior of the target in both Up and Down directions
(scaleUp and scaleDown fields respectively).
properties:
scaleDown:
description: scaleDown is scaling policy for scaling Down.
If not set, the default value is to allow to scale down
to minReplicas pods, with a 300 second stabilization
window (i.e., the highest recommendation for the last
300sec is used).
properties:
policies:
description: policies is a list of potential scaling
polices which can be used during scaling. At least
one policy must be specified, otherwise the HPAScalingRules
will be discarded as invalid
items:
description: HPAScalingPolicy is a single policy
which must hold true for a specified past interval.
properties:
periodSeconds:
description: periodSeconds specifies the window
of time for which the policy should hold true.
PeriodSeconds must be greater than zero and
less than or equal to 1800 (30 min).
format: int32
type: integer
type:
description: type is used to specify the scaling
policy.
type: string
value:
description: value contains the amount of change
which is permitted by the policy. It must
be greater than zero
format: int32
type: integer
required:
- periodSeconds
- type
- value
type: object
type: array
x-kubernetes-list-type: atomic
selectPolicy:
description: selectPolicy is used to specify which
policy should be used. If not set, the default value
Max is used.
type: string
stabilizationWindowSeconds:
description: 'stabilizationWindowSeconds is the number
of seconds for which past recommendations should
be considered while scaling up or scaling down.
StabilizationWindowSeconds must be greater than
or equal to zero and less than or equal to 3600
(one hour). If not set, use the default values:
- For scale up: 0 (i.e. no stabilization is done).
- For scale down: 300 (i.e. the stabilization window
is 300 seconds long).'
format: int32
maximum: 3600
minimum: 0
type: integer
type: object
scaleUp:
description: 'scaleUp is scaling policy for scaling Up.
If not set, the default value is the higher of: * increase
no more than 4 pods per 60 seconds * double the number
of pods per 60 seconds No stabilization is used.'
properties:
policies:
description: policies is a list of potential scaling
polices which can be used during scaling. At least
one policy must be specified, otherwise the HPAScalingRules
will be discarded as invalid
items:
description: HPAScalingPolicy is a single policy
which must hold true for a specified past interval.
properties:
periodSeconds:
description: periodSeconds specifies the window
of time for which the policy should hold true.
PeriodSeconds must be greater than zero and
less than or equal to 1800 (30 min).
format: int32
type: integer
type:
description: type is used to specify the scaling
policy.
type: string
value:
description: value contains the amount of change
which is permitted by the policy. It must
be greater than zero
format: int32
type: integer
required:
- periodSeconds
- type
- value
type: object
type: array
x-kubernetes-list-type: atomic
selectPolicy:
description: selectPolicy is used to specify which
policy should be used. If not set, the default value
Max is used.
type: string
stabilizationWindowSeconds:
description: 'stabilizationWindowSeconds is the number
of seconds for which past recommendations should
be considered while scaling up or scaling down.
StabilizationWindowSeconds must be greater than
or equal to zero and less than or equal to 3600
(one hour). If not set, use the default values:
- For scale up: 0 (i.e. no stabilization is done).
- For scale down: 300 (i.e. the stabilization window
is 300 seconds long).'
format: int32
maximum: 3600
minimum: 0
type: integer
type: object
type: object
name:
type: string
type: object
restoreToOriginalReplicaCount:
type: boolean
scalingModifiers:
description: ScalingModifiers describes advanced scaling logic
options like formula
properties:
activationTarget:
type: string
formula:
type: string
metricType:
description: MetricTargetType specifies the type of metric
being targeted, and should be either "Value", "AverageValue",
or "Utilization"
type: string
target:
type: string
type: object
type: object
cooldownPeriod:
format: int32
type: integer
fallback:
description: Fallback is the spec for fallback options
properties:
failureThreshold:
format: int32
type: integer
replicas:
format: int32
type: integer
required:
- failureThreshold
- replicas
type: object
idleReplicaCount:
format: int32
type: integer
maxReplicaCount:
format: int32
type: integer
minReplicaCount:
format: int32
type: integer
pollingInterval:
format: int32
type: integer
scaleTargetRef:
description: ScaleTarget holds the reference to the scale target Object
properties:
apiVersion:
type: string
envSourceContainerName:
type: string
kind:
type: string
name:
type: string
required:
- name
type: object
triggers:
items:
description: ScaleTriggers reference the scaler that will be used
properties:
authenticationRef:
description: AuthenticationRef points to the TriggerAuthentication
or ClusterTriggerAuthentication object that is used to authenticate
the scaler with the environment
properties:
kind:
description: Kind of the resource being referred to. Defaults
to TriggerAuthentication.
type: string
name:
type: string
required:
- name
type: object
metadata:
additionalProperties:
type: string
type: object
metricType:
description: MetricTargetType specifies the type of metric being
targeted, and should be either "Value", "AverageValue", or
"Utilization"
type: string
name:
type: string
type:
type: string
useCachedMetrics:
type: boolean
required:
- metadata
- type
type: object
type: array
required:
- scaleTargetRef
- triggers
type: object
status:
description: ScaledObjectStatus is the status for a ScaledObject resource
properties:
compositeScalerName:
type: string
conditions:
description: Conditions an array representation to store multiple
Conditions
items:
description: Condition to store the condition state
properties:
message:
description: A human readable message indicating details about
the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition
type: string
required:
- status
- type
type: object
type: array
externalMetricNames:
items:
type: string
type: array
health:
additionalProperties:
description: HealthStatus is the status for a ScaledObject's health
properties:
numberOfFailures:
format: int32
type: integer
status:
description: HealthStatusType is an indication of whether the
health status is happy or failing
type: string
type: object
type: object
hpaName:
type: string
lastActiveTime:
format: date-time
type: string
originalReplicaCount:
format: int32
type: integer
pausedReplicaCount:
format: int32
type: integer
resourceMetricNames:
items:
type: string
type: array
scaleTargetGVKR:
description: GroupVersionKindResource provides unified structure for
schema.GroupVersionKind and Resource
properties:
group:
type: string
kind:
type: string
resource:
type: string
version:
type: string
required:
- group
- kind
- resource
- version
type: object
scaleTargetKind:
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}

517
crd/keda/apiextensions.k8s.io_v1_CustomResourceDefinition_triggerauthentications.keda.sh.yaml Normal file
View File

@@ -0,0 +1,517 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: triggerauthentications.keda.sh
spec:
group: keda.sh
names:
kind: TriggerAuthentication
listKind: TriggerAuthenticationList
plural: triggerauthentications
shortNames:
- ta
- triggerauth
singular: triggerauthentication
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.podIdentity.provider
name: PodIdentity
type: string
- jsonPath: .spec.secretTargetRef[*].name
name: Secret
type: string
- jsonPath: .spec.env[*].name
name: Env
type: string
- jsonPath: .spec.hashiCorpVault.address
name: VaultAddress
type: string
- jsonPath: .status.scaledobjects
name: ScaledObjects
priority: 1
type: string
- jsonPath: .status.scaledjobs
name: ScaledJobs
priority: 1
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TriggerAuthentication defines how a trigger can authenticate
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TriggerAuthenticationSpec defines the various ways to authenticate
properties:
awsSecretManager:
description: AwsSecretManager is used to authenticate using AwsSecretManager
properties:
credentials:
properties:
accessKey:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
accessSecretKey:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
accessToken:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
required:
- accessKey
- accessSecretKey
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
region:
type: string
secrets:
items:
properties:
name:
type: string
parameter:
type: string
versionId:
type: string
versionStage:
type: string
required:
- name
- parameter
type: object
type: array
required:
- secrets
type: object
azureKeyVault:
description: AzureKeyVault is used to authenticate using Azure Key
Vault
properties:
cloud:
properties:
activeDirectoryEndpoint:
type: string
keyVaultResourceURL:
type: string
type:
type: string
required:
- type
type: object
credentials:
properties:
clientId:
type: string
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
tenantId:
type: string
required:
- clientId
- clientSecret
- tenantId
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secrets:
items:
properties:
name:
type: string
parameter:
type: string
version:
type: string
required:
- name
- parameter
type: object
type: array
vaultUri:
type: string
required:
- secrets
- vaultUri
type: object
configMapTargetRef:
items:
description: AuthConfigMapTargetRef is used to authenticate using
a reference to a config map
properties:
key:
type: string
name:
type: string
parameter:
type: string
required:
- key
- name
- parameter
type: object
type: array
env:
items:
description: AuthEnvironment is used to authenticate using environment
variables in the destination ScaleTarget spec
properties:
containerName:
type: string
name:
type: string
parameter:
type: string
required:
- name
- parameter
type: object
type: array
gcpSecretManager:
properties:
credentials:
properties:
clientSecret:
properties:
valueFrom:
properties:
secretKeyRef:
properties:
key:
type: string
name:
type: string
required:
- key
- name
type: object
required:
- secretKeyRef
type: object
required:
- valueFrom
type: object
required:
- clientSecret
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform
native identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to
be used during auto discovery, keda or the scaled workload.
Mutually exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secrets:
items:
properties:
id:
type: string
parameter:
type: string
version:
type: string
required:
- id
- parameter
type: object
type: array
required:
- secrets
type: object
hashiCorpVault:
description: HashiCorpVault is used to authenticate using Hashicorp
Vault
properties:
address:
type: string
authentication:
description: VaultAuthentication contains the list of Hashicorp
Vault authentication methods
type: string
credential:
description: Credential defines the Hashicorp Vault credentials
depending on the authentication method
properties:
serviceAccount:
type: string
token:
type: string
type: object
mount:
type: string
namespace:
type: string
role:
type: string
secrets:
items:
description: VaultSecret defines the mapping between the path
of the secret in Vault to the parameter
properties:
key:
type: string
parameter:
type: string
path:
type: string
pkiData:
properties:
altNames:
type: string
commonName:
type: string
format:
type: string
ipSans:
type: string
otherSans:
type: string
ttl:
type: string
uriSans:
type: string
type: object
type:
description: VaultSecretType defines the type of vault secret
type: string
required:
- key
- parameter
- path
type: object
type: array
required:
- address
- authentication
- secrets
type: object
podIdentity:
description: AuthPodIdentity allows users to select the platform native
identity mechanism
properties:
identityId:
type: string
identityOwner:
description: IdentityOwner configures which identity has to be
used during auto discovery, keda or the scaled workload. Mutually
exclusive with roleArn
enum:
- keda
- workload
type: string
provider:
description: PodIdentityProvider contains the list of providers
enum:
- azure
- azure-workload
- gcp
- aws
- aws-eks
- aws-kiam
type: string
roleArn:
description: RoleArn sets the AWS RoleArn to be used. Mutually
exclusive with IdentityOwner
type: string
required:
- provider
type: object
secretTargetRef:
items:
description: AuthSecretTargetRef is used to authenticate using a
reference to a secret
properties:
key:
type: string
name:
type: string
parameter:
type: string
required:
- key
- name
- parameter
type: object
type: array
type: object
status:
description: TriggerAuthenticationStatus defines the observed state of
TriggerAuthentication
properties:
scaledjobs:
type: string
scaledobjects:
type: string
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}

17
crd/keda/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

36
crd/keda/index.rhai Normal file
View File

@@ -0,0 +1,36 @@
const VERSION="2.13.1";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const sourcesDir=`https://github.com/kedacore/keda/releases/download/v${VERSION}`;
const sources=[
`keda-${VERSION}-crds.yaml`
];
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_cloudeventsources.eventing.keda.sh.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_clustertriggerauthentications.keda.sh.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_scaledjobs.keda.sh.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_scaledobjects.keda.sh.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_triggerauthentications.keda.sh.yaml",
];
fn pre_pack() {
for file in global::sources {
shell(`curl -sL ${global::sourcesDir}/${file} > ${global::SRC}/keda-crds.yaml`);
}
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/keda/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: keda
description: CRD for KEDA
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

112
crd/minio/apiextensions.k8s.io_v1_CustomResourceDefinition_miniojobs.job.min.io.yaml Normal file
View File

@@ -0,0 +1,112 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: miniojobs.job.min.io
spec:
group: job.min.io
names:
kind: MinIOJob
listKind: MinIOJobList
plural: miniojobs
shortNames:
- miniojob
singular: miniojob
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.tenant.name
name: Tenant
type: string
- jsonPath: .spec.status.phase
name: Phase
type: string
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
properties:
commands:
items:
properties:
args:
additionalProperties:
type: string
type: object
dependsOn:
items:
type: string
type: array
name:
type: string
op:
type: string
required:
- op
type: object
type: array
execution:
default: parallel
enum:
- parallel
- sequential
type: string
failureStrategy:
default: continueOnFailure
enum:
- continueOnFailure
- stopOnFailure
type: string
mcImage:
default: minio/mc:latest
type: string
serviceAccountName:
type: string
tenant:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
required:
- commands
- serviceAccountName
- tenant
type: object
status:
properties:
commands:
items:
properties:
message:
type: string
name:
type: string
result:
type: string
required:
- result
type: object
type: array
message:
type: string
phase:
type: string
type: object
type: object
served: true
storage: true
subresources:
status: {}

74
crd/minio/apiextensions.k8s.io_v1_CustomResourceDefinition_policybindings.sts.min.io.yaml Normal file
View File

@@ -0,0 +1,74 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
name: policybindings.sts.min.io
spec:
group: sts.min.io
names:
kind: PolicyBinding
listKind: PolicyBindingList
plural: policybindings
shortNames:
- policybinding
singular: policybinding
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.currentState
name: State
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
type: string
kind:
type: string
metadata:
type: object
spec:
properties:
application:
properties:
namespace:
type: string
serviceaccount:
type: string
required:
- namespace
- serviceaccount
type: object
policies:
items:
type: string
type: array
required:
- application
- policies
type: object
status:
properties:
currentState:
type: string
usage:
nullable: true
properties:
authotizations:
format: int64
type: integer
type: object
required:
- currentState
- usage
type: object
type: object
served: true
storage: true
subresources:
status: {}

5259
crd/minio/apiextensions.k8s.io_v1_CustomResourceDefinition_tenants.minio.min.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17
crd/minio/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

29
crd/minio/index.rhai Normal file
View File

@@ -0,0 +1,29 @@
const VERSION="5.0.14";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_miniojobs.job.min.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_policybindings.sts.min.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_tenants.minio.min.io.yaml",
];
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}
fn pre_pack() {
shell(`kubectl kustomize https://github.com/minio/operator//resources/base/crds/?ref=v${global::VERSION} > ${global::SRC}/otel.yaml`);
}

21
crd/minio/index.yaml Normal file
View File

@@ -0,0 +1,21 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: minio
description: CRD for minio
options:
release:
default: 8.2.0-2.1.1
examples:
- 8.2.0-2.1.1
type: string
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

737
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_catalogsources.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,737 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: catalogsources.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: CatalogSource
listKind: CatalogSourceList
plural: catalogsources
shortNames:
- catsrc
singular: catalogsource
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The pretty name of the catalog
jsonPath: .spec.displayName
name: Display
type: string
- description: The type of the catalog
jsonPath: .spec.sourceType
name: Type
type: string
- description: The publisher of the catalog
jsonPath: .spec.publisher
name: Publisher
type: string
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: CatalogSource is a repository of CSVs, CRDs, and operator packages.
type: object
required:
- metadata
- spec
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
type: object
required:
- sourceType
properties:
address:
description: 'Address is a host that OLM can use to connect to a pre-existing registry. Format: <registry-host or ip>:<port> Only used when SourceType = SourceTypeGrpc. Ignored when the Image field is set.'
type: string
configMap:
description: ConfigMap is the name of the ConfigMap to be used to back a configmap-server registry. Only used when SourceType = SourceTypeConfigmap or SourceTypeInternal.
type: string
description:
type: string
displayName:
description: Metadata
type: string
grpcPodConfig:
description: GrpcPodConfig exposes different overrides for the pod spec of the CatalogSource Pod. Only used when SourceType = SourceTypeGrpc and Image is set.
type: object
properties:
affinity:
description: Affinity is the catalog source's pod's affinity.
type: object
properties:
nodeAffinity:
description: Describes node affinity scheduling rules for the pod.
type: object
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred.
type: array
items:
description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op).
type: object
required:
- preference
- weight
properties:
preference:
description: A node selector term, associated with the corresponding weight.
type: object
properties:
matchExpressions:
description: A list of node selector requirements by node's labels.
type: array
items:
description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: The label key that the selector applies to.
type: string
operator:
description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchFields:
description: A list of node selector requirements by node's fields.
type: array
items:
description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: The label key that the selector applies to.
type: string
operator:
description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
type: array
items:
type: string
weight:
description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100.
type: integer
format: int32
requiredDuringSchedulingIgnoredDuringExecution:
description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node.
type: object
required:
- nodeSelectorTerms
properties:
nodeSelectorTerms:
description: Required. A list of node selector terms. The terms are ORed.
type: array
items:
description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm.
type: object
properties:
matchExpressions:
description: A list of node selector requirements by node's labels.
type: array
items:
description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: The label key that the selector applies to.
type: string
operator:
description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchFields:
description: A list of node selector requirements by node's fields.
type: array
items:
description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: The label key that the selector applies to.
type: string
operator:
description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt.
type: string
values:
description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch.
type: array
items:
type: string
podAffinity:
description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)).
type: object
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
type: array
items:
description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
type: object
required:
- podAffinityTerm
- weight
properties:
podAffinityTerm:
description: Required. A pod affinity term, associated with the corresponding weight.
type: object
required:
- topologyKey
properties:
labelSelector:
description: A label query over a set of resources, in this case pods.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
type: array
items:
type: string
topologyKey:
description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
type: string
weight:
description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
type: integer
format: int32
requiredDuringSchedulingIgnoredDuringExecution:
description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
type: array
items:
description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
type: object
required:
- topologyKey
properties:
labelSelector:
description: A label query over a set of resources, in this case pods.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
type: array
items:
type: string
topologyKey:
description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
type: string
podAntiAffinity:
description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)).
type: object
properties:
preferredDuringSchedulingIgnoredDuringExecution:
description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred.
type: array
items:
description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)
type: object
required:
- podAffinityTerm
- weight
properties:
podAffinityTerm:
description: Required. A pod affinity term, associated with the corresponding weight.
type: object
required:
- topologyKey
properties:
labelSelector:
description: A label query over a set of resources, in this case pods.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
type: array
items:
type: string
topologyKey:
description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
type: string
weight:
description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100.
type: integer
format: int32
requiredDuringSchedulingIgnoredDuringExecution:
description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied.
type: array
items:
description: Defines a set of pods (namely those matching the labelSelector relative to the given namespace(s)) that this pod should be co-located (affinity) or not co-located (anti-affinity) with, where co-located is defined as running on a node whose value of the label with key <topologyKey> matches that of any node on which a pod of the set of pods is running
type: object
required:
- topologyKey
properties:
labelSelector:
description: A label query over a set of resources, in this case pods.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaceSelector:
description: A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means "this pod's namespace". An empty selector ({}) matches all namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
namespaces:
description: namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means "this pod's namespace".
type: array
items:
type: string
topologyKey:
description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed.
type: string
extractContent:
description: ExtractContent configures the gRPC catalog Pod to extract catalog metadata from the provided index image and use a well-known version of the `opm` server to expose it. The catalog index image that this CatalogSource is configured to use *must* be using the file-based catalogs in order to utilize this feature.
type: object
required:
- cacheDir
- catalogDir
properties:
cacheDir:
description: CacheDir is the directory storing the pre-calculated API cache.
type: string
catalogDir:
description: CatalogDir is the directory storing the file-based catalog contents.
type: string
memoryTarget:
description: "MemoryTarget configures the $GOMEMLIMIT value for the gRPC catalog Pod. This is a soft memory limit for the server, which the runtime will attempt to meet but makes no guarantees that it will do so. If this value is set, the Pod will have the following modifications made to the container running the server: - the $GOMEMLIMIT environment variable will be set to this value in bytes - the memory request will be set to this value \n This field should be set if it's desired to reduce the footprint of a catalog server as much as possible, or if a catalog being served is very large and needs more than the default allocation. If your index image has a file- system cache, determine a good approximation for this value by doubling the size of the package cache at /tmp/cache/cache/packages.json in the index image. \n This field is best-effort; if unset, no default will be used and no Pod memory limit or $GOMEMLIMIT value will be set."
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
anyOf:
- type: integer
- type: string
x-kubernetes-int-or-string: true
nodeSelector:
description: NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node.
type: object
additionalProperties:
type: string
priorityClassName:
description: If specified, indicates the pod's priority. If not specified, the pod priority will be default or zero if there is no default.
type: string
securityContextConfig:
description: "SecurityContextConfig can be one of `legacy` or `restricted`. The CatalogSource's pod is either injected with the right pod.spec.securityContext and pod.spec.container[*].securityContext values to allow the pod to run in Pod Security Admission (PSA) `restricted` mode, or doesn't set these values at all, in which case the pod can only be run in PSA `baseline` or `privileged` namespaces. Currently if the SecurityContextConfig is unspecified, the default value of `legacy` is used. Specifying a value other than `legacy` or `restricted` result in a validation error. When using older catalog images, which could not be run in `restricted` mode, the SecurityContextConfig should be set to `legacy`. \n In a future version will the default will be set to `restricted`, catalog maintainers should rebuild their catalogs with a version of opm that supports running catalogSource pods in `restricted` mode to prepare for these changes. \n More information about PSA can be found here: https://kubernetes.io/docs/concepts/security/pod-security-admission/'"
type: string
default: legacy
enum:
- legacy
- restricted
tolerations:
description: Tolerations are the catalog source's pod's tolerations.
type: array
items:
description: The pod this Toleration is attached to tolerates any taint that matches the triple <key,value,effect> using the matching operator <operator>.
type: object
properties:
effect:
description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute.
type: string
key:
description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys.
type: string
operator:
description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category.
type: string
tolerationSeconds:
description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system.
type: integer
format: int64
value:
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
type: string
icon:
type: object
required:
- base64data
- mediatype
properties:
base64data:
type: string
mediatype:
type: string
image:
description: Image is an operator-registry container image to instantiate a registry-server with. Only used when SourceType = SourceTypeGrpc. If present, the address field is ignored.
type: string
priority:
description: 'Priority field assigns a weight to the catalog source to prioritize them so that it can be consumed by the dependency resolver. Usage: Higher weight indicates that this catalog source is preferred over lower weighted catalog sources during dependency resolution. The range of the priority value can go from positive to negative in the range of int32. The default value to a catalog source with unassigned priority would be 0. The catalog source with the same priority values will be ranked lexicographically based on its name.'
type: integer
publisher:
type: string
secrets:
description: Secrets represent set of secrets that can be used to access the contents of the catalog. It is best to keep this list small, since each will need to be tried for every catalog entry.
type: array
items:
type: string
sourceType:
description: SourceType is the type of source
type: string
updateStrategy:
description: UpdateStrategy defines how updated catalog source images can be discovered Consists of an interval that defines polling duration and an embedded strategy type
type: object
properties:
registryPoll:
type: object
properties:
interval:
description: Interval is used to determine the time interval between checks of the latest catalog source version. The catalog operator polls to see if a new version of the catalog source is available. If available, the latest image is pulled and gRPC traffic is directed to the latest catalog source.
type: string
status:
type: object
properties:
conditions:
description: Represents the state of a CatalogSource. Note that Message and Reason represent the original status information, which may be migrated to be conditions based in the future. Any new features introduced will use conditions.
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
x-kubernetes-list-map-keys:
- type
x-kubernetes-list-type: map
configMapReference:
type: object
required:
- name
- namespace
properties:
lastUpdateTime:
type: string
format: date-time
name:
type: string
namespace:
type: string
resourceVersion:
type: string
uid:
description: UID is a type that holds unique ID values, including UUIDs. Because we don't ONLY use UUIDs, this is an alias to string. Being a type captures intent and helps make sure that UIDs and names do not get conflated.
type: string
connectionState:
type: object
required:
- lastObservedState
properties:
address:
type: string
lastConnect:
type: string
format: date-time
lastObservedState:
type: string
latestImageRegistryPoll:
description: The last time the CatalogSource image registry has been polled to ensure the image is up-to-date
type: string
format: date-time
message:
description: A human readable message indicating details about why the CatalogSource is in this condition.
type: string
reason:
description: Reason is the reason the CatalogSource was transitioned to its current state.
type: string
registryService:
type: object
properties:
createdAt:
type: string
format: date-time
port:
type: string
protocol:
type: string
serviceName:
type: string
serviceNamespace:
type: string
served: true
storage: true
subresources:
status: {}

5357
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_clusterserviceversions.operators.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

264
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_installplans.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,264 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: installplans.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: InstallPlan
listKind: InstallPlanList
plural: installplans
shortNames:
- ip
singular: installplan
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: The first CSV in the list of clusterServiceVersionNames
jsonPath: .spec.clusterServiceVersionNames[0]
name: CSV
type: string
- description: The approval mode
jsonPath: .spec.approval
name: Approval
type: string
- jsonPath: .spec.approved
name: Approved
type: boolean
name: v1alpha1
schema:
openAPIV3Schema:
description: InstallPlan defines the installation of a set of operators.
type: object
required:
- metadata
- spec
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: InstallPlanSpec defines a set of Application resources to be installed
type: object
required:
- approval
- approved
- clusterServiceVersionNames
properties:
approval:
description: Approval is the user approval policy for an InstallPlan. It must be one of "Automatic" or "Manual".
type: string
approved:
type: boolean
clusterServiceVersionNames:
type: array
items:
type: string
generation:
type: integer
source:
type: string
sourceNamespace:
type: string
status:
description: "InstallPlanStatus represents the information about the status of steps required to complete installation. \n Status may trail the actual state of a system."
type: object
required:
- catalogSources
- phase
properties:
attenuatedServiceAccountRef:
description: AttenuatedServiceAccountRef references the service account that is used to do scoped operator install.
type: object
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
bundleLookups:
description: BundleLookups is the set of in-progress requests to pull and unpackage bundle content to the cluster.
type: array
items:
description: BundleLookup is a request to pull and unpackage the content of a bundle to the cluster.
type: object
required:
- catalogSourceRef
- identifier
- path
- replaces
properties:
catalogSourceRef:
description: CatalogSourceRef is a reference to the CatalogSource the bundle path was resolved from.
type: object
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
conditions:
description: Conditions represents the overall state of a BundleLookup.
type: array
items:
type: object
required:
- status
- type
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status to another.
type: string
format: date-time
lastUpdateTime:
description: Last time the condition was probed.
type: string
format: date-time
message:
description: A human readable message indicating details about the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition.
type: string
identifier:
description: Identifier is the catalog-unique name of the operator (the name of the CSV for bundles that contain CSVs)
type: string
path:
description: Path refers to the location of a bundle to pull. It's typically an image reference.
type: string
properties:
description: The effective properties of the unpacked bundle.
type: string
replaces:
description: Replaces is the name of the bundle to replace with the one found at Path.
type: string
catalogSources:
type: array
items:
type: string
conditions:
type: array
items:
description: InstallPlanCondition represents the overall status of the execution of an InstallPlan.
type: object
properties:
lastTransitionTime:
type: string
format: date-time
lastUpdateTime:
type: string
format: date-time
message:
type: string
reason:
description: ConditionReason is a camelcased reason for the state transition.
type: string
status:
type: string
type:
description: InstallPlanConditionType describes the state of an InstallPlan at a certain point as a whole.
type: string
message:
description: Message is a human-readable message containing detailed information that may be important to understanding why the plan has its current status.
type: string
phase:
description: InstallPlanPhase is the current status of a InstallPlan as a whole.
type: string
plan:
type: array
items:
description: Step represents the status of an individual step in an InstallPlan.
type: object
required:
- resolving
- resource
- status
properties:
optional:
type: boolean
resolving:
type: string
resource:
description: StepResource represents the status of a resource to be tracked by an InstallPlan.
type: object
required:
- group
- kind
- name
- sourceName
- sourceNamespace
- version
properties:
group:
type: string
kind:
type: string
manifest:
type: string
name:
type: string
sourceName:
type: string
sourceNamespace:
type: string
version:
type: string
status:
description: StepStatus is the current status of a particular resource an in InstallPlan
type: string
startTime:
description: StartTime is the time when the controller began applying the resources listed in the plan to the cluster.
type: string
format: date-time
served: true
storage: true
subresources:
status: {}

100
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_olmconfigs.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,100 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: olmconfigs.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: OLMConfig
listKind: OLMConfigList
plural: olmconfigs
singular: olmconfig
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: OLMConfig is a resource responsible for configuring OLM.
type: object
required:
- metadata
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OLMConfigSpec is the spec for an OLMConfig resource.
type: object
properties:
features:
description: Features contains the list of configurable OLM features.
type: object
properties:
disableCopiedCSVs:
description: DisableCopiedCSVs is used to disable OLM's "Copied CSV" feature for operators installed at the cluster scope, where a cluster scoped operator is one that has been installed in an OperatorGroup that targets all namespaces. When reenabled, OLM will recreate the "Copied CSVs" for each cluster scoped operator.
type: boolean
packageServerSyncInterval:
description: PackageServerSyncInterval is used to define the sync interval for packagerserver pods. Packageserver pods periodically check the status of CatalogSources; this specifies the period using duration format (e.g. "60m"). For this parameter, only hours ("h"), minutes ("m"), and seconds ("s") may be specified. When not specified, the period defaults to the value specified within the packageserver.
type: string
pattern: ^([0-9]+(\.[0-9]+)?(s|m|h))+$
status:
description: OLMConfigStatus is the status for an OLMConfig resource.
type: object
properties:
conditions:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
served: true
storage: true
subresources:
status: {}

305
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_operatorconditions.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,305 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: operatorconditions.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: OperatorCondition
listKind: OperatorConditionList
plural: operatorconditions
shortNames:
- condition
singular: operatorcondition
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: OperatorCondition is a Custom Resource of type `OperatorCondition` which is used to convey information to OLM about the state of an operator.
type: object
required:
- metadata
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OperatorConditionSpec allows a cluster admin to convey information about the state of an operator to OLM, potentially overriding state reported by the operator.
type: object
properties:
deployments:
type: array
items:
type: string
overrides:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
serviceAccounts:
type: array
items:
type: string
status:
description: OperatorConditionStatus allows an operator to convey information its state to OLM. The status may trail the actual state of a system.
type: object
properties:
conditions:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
served: true
storage: false
subresources:
status: {}
- name: v2
schema:
openAPIV3Schema:
description: OperatorCondition is a Custom Resource of type `OperatorCondition` which is used to convey information to OLM about the state of an operator.
type: object
required:
- metadata
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OperatorConditionSpec allows an operator to report state to OLM and provides cluster admin with the ability to manually override state reported by the operator.
type: object
properties:
conditions:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
deployments:
type: array
items:
type: string
overrides:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
serviceAccounts:
type: array
items:
type: string
status:
description: OperatorConditionStatus allows OLM to convey which conditions have been observed.
type: object
properties:
conditions:
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
served: true
storage: true
subresources:
status: {}

285
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_operatorgroups.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,285 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: operatorgroups.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: OperatorGroup
listKind: OperatorGroupList
plural: operatorgroups
shortNames:
- og
singular: operatorgroup
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: OperatorGroup is the unit of multitenancy for OLM managed operators. It constrains the installation of operators in its namespace to a specified set of target namespaces.
type: object
required:
- metadata
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OperatorGroupSpec is the spec for an OperatorGroup resource.
type: object
default:
upgradeStrategy: Default
properties:
selector:
description: Selector selects the OperatorGroup's target namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
serviceAccountName:
description: ServiceAccountName is the admin specified service account which will be used to deploy operator(s) in this operator group.
type: string
staticProvidedAPIs:
description: Static tells OLM not to update the OperatorGroup's providedAPIs annotation
type: boolean
targetNamespaces:
description: TargetNamespaces is an explicit set of namespaces to target. If it is set, Selector is ignored.
type: array
items:
type: string
x-kubernetes-list-type: set
upgradeStrategy:
description: "UpgradeStrategy defines the upgrade strategy for operators in the namespace. There are currently two supported upgrade strategies: \n Default: OLM will only allow clusterServiceVersions to move to the replacing phase from the succeeded phase. This effectively means that OLM will not allow operators to move to the next version if an installation or upgrade has failed. \n TechPreviewUnsafeFailForward: OLM will allow clusterServiceVersions to move to the replacing phase from the succeeded phase or from the failed phase. Additionally, OLM will generate new installPlans when a subscription references a failed installPlan and the catalog has been updated with a new upgrade for the existing set of operators. \n WARNING: The TechPreviewUnsafeFailForward upgrade strategy is unsafe and may result in unexpected behavior or unrecoverable data loss unless you have deep understanding of the set of operators being managed in the namespace."
type: string
default: Default
enum:
- Default
- TechPreviewUnsafeFailForward
status:
description: OperatorGroupStatus is the status for an OperatorGroupResource.
type: object
required:
- lastUpdated
properties:
conditions:
description: Conditions is an array of the OperatorGroup's conditions.
type: array
items:
description: "Condition contains details for one aspect of the current state of this API Resource. --- This struct is intended for direct use as an array at the field path .status.conditions. For example, \n type FooStatus struct{ // Represents the observations of a foo's current state. // Known .status.conditions.type are: \"Available\", \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge // +listType=map // +listMapKey=type Conditions []metav1.Condition `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"` \n // other fields }"
type: object
required:
- lastTransitionTime
- message
- reason
- status
- type
properties:
lastTransitionTime:
description: lastTransitionTime is the last time the condition transitioned from one status to another. This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
type: string
format: date-time
message:
description: message is a human readable message indicating details about the transition. This may be an empty string.
type: string
maxLength: 32768
observedGeneration:
description: observedGeneration represents the .metadata.generation that the condition was set based upon. For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date with respect to the current state of the instance.
type: integer
format: int64
minimum: 0
reason:
description: reason contains a programmatic identifier indicating the reason for the condition's last transition. Producers of specific condition types may define expected values and meanings for this field, and whether the values are considered a guaranteed API. The value should be a CamelCase string. This field may not be empty.
type: string
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
status:
description: status of the condition, one of True, False, Unknown.
type: string
enum:
- "True"
- "False"
- Unknown
type:
description: type of condition in CamelCase or in foo.example.com/CamelCase. --- Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be useful (see .node.status.conditions), the ability to deconflict is important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
type: string
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
lastUpdated:
description: LastUpdated is a timestamp of the last time the OperatorGroup's status was Updated.
type: string
format: date-time
namespaces:
description: Namespaces is the set of target namespaces for the OperatorGroup.
type: array
items:
type: string
x-kubernetes-list-type: set
serviceAccountRef:
description: ServiceAccountRef references the service account object specified.
type: object
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
served: true
storage: true
subresources:
status: {}
- name: v1alpha2
schema:
openAPIV3Schema:
description: OperatorGroup is the unit of multitenancy for OLM managed operators. It constrains the installation of operators in its namespace to a specified set of target namespaces.
type: object
required:
- metadata
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OperatorGroupSpec is the spec for an OperatorGroup resource.
type: object
properties:
selector:
description: Selector selects the OperatorGroup's target namespaces.
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
serviceAccountName:
description: ServiceAccountName is the admin specified service account which will be used to deploy operator(s) in this operator group.
type: string
staticProvidedAPIs:
description: Static tells OLM not to update the OperatorGroup's providedAPIs annotation
type: boolean
targetNamespaces:
description: TargetNamespaces is an explicit set of namespaces to target. If it is set, Selector is ignored.
type: array
items:
type: string
status:
description: OperatorGroupStatus is the status for an OperatorGroupResource.
type: object
required:
- lastUpdated
properties:
lastUpdated:
description: LastUpdated is a timestamp of the last time the OperatorGroup's status was Updated.
type: string
format: date-time
namespaces:
description: Namespaces is the set of target namespaces for the OperatorGroup.
type: array
items:
type: string
serviceAccountRef:
description: ServiceAccountRef references the service account object specified.
type: object
properties:
apiVersion:
description: API version of the referent.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
served: true
storage: false
subresources:
status: {}

137
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_operators.operators.coreos.com.yaml Normal file
View File

@@ -0,0 +1,137 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.9.0
creationTimestamp: null
name: operators.operators.coreos.com
spec:
group: operators.coreos.com
names:
categories:
- olm
kind: Operator
listKind: OperatorList
plural: operators
singular: operator
scope: Cluster
versions:
- name: v1
schema:
openAPIV3Schema:
description: Operator represents a cluster operator.
type: object
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OperatorSpec defines the desired state of Operator
type: object
status:
description: OperatorStatus defines the observed state of an Operator and its components
type: object
properties:
components:
description: Components describes resources that compose the operator.
type: object
required:
- labelSelector
properties:
labelSelector:
description: LabelSelector is a label query over a set of resources used to select the operator's components
type: object
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements. The requirements are ANDed.
type: array
items:
description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values.
type: object
required:
- key
- operator
properties:
key:
description: key is the label key that the selector applies to.
type: string
operator:
description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
type: array
items:
type: string
matchLabels:
description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
additionalProperties:
type: string
refs:
description: Refs are a set of references to the operator's component resources, selected with LabelSelector.
type: array
items:
description: RichReference is a reference to a resource, enriched with its status conditions.
type: object
properties:
apiVersion:
description: API version of the referent.
type: string
conditions:
description: Conditions represents the latest state of the component.
type: array
items:
description: Condition represent the latest available observations of an component's state.
type: object
required:
- status
- type
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status to another.
type: string
format: date-time
lastUpdateTime:
description: Last time the condition was probed
type: string
format: date-time
message:
description: A human readable message indicating details about the transition.
type: string
reason:
description: The reason for the condition's last transition.
type: string
status:
description: Status of the condition, one of True, False, Unknown.
type: string
type:
description: Type of condition.
type: string
fieldPath:
description: 'If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: "spec.containers{name}" (where "name" refers to the name of the container that triggered the event) or if no container name is specified "spec.containers[2]" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.'
type: string
kind:
description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
resourceVersion:
description: 'Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency'
type: string
uid:
description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids'
type: string
served: true
storage: true
subresources:
status: {}

1853
crd/olm/apiextensions.k8s.io_v1_CustomResourceDefinition_subscriptions.operators.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17
crd/olm/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

39
crd/olm/index.rhai Normal file
View File

@@ -0,0 +1,39 @@
const VERSION="0.27.0";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const sourcesDir=`https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v${VERSION}`;
const sources=[
"crds.yaml"
];
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_catalogsources.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_clusterserviceversions.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_installplans.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_olmconfigs.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_operatorconditions.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_operatorgroups.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_operators.operators.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_subscriptions.operators.coreos.com.yaml",
];
fn pre_pack() {
for file in global::sources {
shell(`curl -sL ${global::sourcesDir}/${file} > ${global::SRC}/${file}`);
}
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/olm/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: olm
description: CRD for Operator Lifecycle Manager
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

1626
crd/opentelemetry/apiextensions.k8s.io_v1_CustomResourceDefinition_instrumentations.opentelemetry.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

2949
crd/opentelemetry/apiextensions.k8s.io_v1_CustomResourceDefinition_opampbridges.opentelemetry.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

7692
crd/opentelemetry/apiextensions.k8s.io_v1_CustomResourceDefinition_opentelemetrycollectors.opentelemetry.io.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17
crd/opentelemetry/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

29
crd/opentelemetry/index.rhai Normal file
View File

@@ -0,0 +1,29 @@
const VERSION="0.93.0";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_instrumentations.opentelemetry.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_opampbridges.opentelemetry.io.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_opentelemetrycollectors.opentelemetry.io.yaml",
];
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}
fn pre_pack() {
shell(`kubectl kustomize https://github.com/open-telemetry/opentelemetry-operator//config/crd/?ref=v${global::VERSION} > ${global::SRC}/otel.yaml`);
}

16
crd/opentelemetry/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: opentelemetry
description: CRD for the OTEL operator
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

5721
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_alertmanagerconfigs.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

7427
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_alertmanagers.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

719
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_podmonitors.monitoring.coreos.com.yaml Normal file
View File

@@ -0,0 +1,719 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.71.0
name: podmonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: PodMonitor
listKind: PodMonitorList
plural: podmonitors
shortNames:
- pmon
singular: podmonitor
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: PodMonitor defines monitoring for a set of pods.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Pod selection for target discovery
by Prometheus.
properties:
attachMetadata:
description: "`attachMetadata` defines additional metadata which is
added to the discovered targets. \n It requires Prometheus >= v2.37.0."
properties:
node:
description: When set to true, Prometheus must have the `get`
permission on the `Nodes` objects.
type: boolean
type: object
jobLabel:
description: "The label to use to retrieve the job name from. `jobLabel`
selects the label from the associated Kubernetes `Pod` object which
will be used as the `job` label for all metrics. \n For example
if `jobLabel` is set to `foo` and the Kubernetes `Pod` object is
labeled with `foo: bar`, then Prometheus adds the `job=\"bar\"`
label to all ingested metrics. \n If the value of this field is
empty, the `job` label of the metrics defaults to the namespace
and name of the PodMonitor object (e.g. `<namespace>/<name>`)."
type: string
keepDroppedTargets:
description: "Per-scrape limit on the number of targets dropped by
relabeling that will be kept in memory. 0 means no limit. \n It
requires Prometheus >= v2.47.0."
format: int64
type: integer
labelLimit:
description: "Per-scrape limit on number of labels that will be accepted
for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
labelNameLengthLimit:
description: "Per-scrape limit on length of labels name that will
be accepted for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
labelValueLengthLimit:
description: "Per-scrape limit on length of labels value that will
be accepted for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
namespaceSelector:
description: Selector to select which namespaces the Kubernetes `Pods`
objects are discovered from.
properties:
any:
description: Boolean describing whether all namespaces are selected
in contrast to a list restricting them.
type: boolean
matchNames:
description: List of namespace names to select from.
items:
type: string
type: array
type: object
podMetricsEndpoints:
description: List of endpoints part of this PodMonitor.
items:
description: PodMetricsEndpoint defines an endpoint serving Prometheus
metrics to be scraped by Prometheus.
properties:
authorization:
description: "`authorization` configures the Authorization header
credentials to use when scraping the target. \n Cannot be
set at the same time as `basicAuth`, or `oauth2`."
properties:
credentials:
description: Selects a key of a Secret in the namespace
that contains the credentials for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: "Defines the authentication type. The value
is case-insensitive. \n \"Basic\" is not a supported value.
\n Default: \"Bearer\""
type: string
type: object
basicAuth:
description: "`basicAuth` configures the Basic Authentication
credentials to use when scraping the target. \n Cannot be
set at the same time as `authorization`, or `oauth2`."
properties:
password:
description: '`password` specifies a key of a Secret containing
the password for authentication.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: '`username` specifies a key of a Secret containing
the username for authentication.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
bearerTokenSecret:
description: "`bearerTokenSecret` specifies a key of a Secret
containing the bearer token for scraping targets. The secret
needs to be in the same namespace as the PodMonitor object
and readable by the Prometheus Operator. \n Deprecated: use
`authorization` instead."
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
enableHttp2:
description: '`enableHttp2` can be used to disable HTTP2 when
scraping the target.'
type: boolean
filterRunning:
description: "When true, the pods which are not running (e.g.
either in Failed or Succeeded state) are dropped during the
target discovery. \n If unset, the filtering is enabled. \n
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase"
type: boolean
followRedirects:
description: '`followRedirects` defines whether the scrape requests
should follow HTTP 3xx redirects.'
type: boolean
honorLabels:
description: When true, `honorLabels` preserves the metric's
labels when they collide with the target's labels.
type: boolean
honorTimestamps:
description: '`honorTimestamps` controls whether Prometheus
preserves the timestamps when exposed by the target.'
type: boolean
interval:
description: "Interval at which Prometheus scrapes the metrics
from the target. \n If empty, Prometheus uses the global scrape
interval."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
metricRelabelings:
description: '`metricRelabelings` configures the relabeling
rules to apply to the samples before ingestion.'
items:
description: "RelabelConfig allows dynamic rewriting of the
label set for targets, alerts, scraped samples and remote
write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label name
which may only contain ASCII letters, numbers, as
well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is written
in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
oauth2:
description: "`oauth2` configures the OAuth2 settings to use
when scraping the target. \n It requires Prometheus >= 2.27.0.
\n Cannot be set at the same time as `authorization`, or `basicAuth`."
properties:
clientId:
description: '`clientId` specifies a key of a Secret or
ConfigMap containing the OAuth2 client''s ID.'
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
clientSecret:
description: '`clientSecret` specifies a key of a Secret
containing the OAuth2 client''s secret.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
endpointParams:
additionalProperties:
type: string
description: '`endpointParams` configures the HTTP parameters
to append to the token URL.'
type: object
scopes:
description: '`scopes` defines the OAuth2 scopes used for
the token request.'
items:
type: string
type: array
tokenUrl:
description: '`tokenURL` configures the URL to fetch the
token from.'
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
params:
additionalProperties:
items:
type: string
type: array
description: '`params` define optional HTTP URL parameters.'
type: object
path:
description: "HTTP path from which to scrape for metrics. \n
If empty, Prometheus uses the default value (e.g. `/metrics`)."
type: string
port:
description: "Name of the Pod port which this endpoint refers
to. \n It takes precedence over `targetPort`."
type: string
proxyUrl:
description: '`proxyURL` configures the HTTP Proxy URL (e.g.
"http://proxyserver:2195") to go through when scraping the
target.'
type: string
relabelings:
description: "`relabelings` configures the relabeling rules
to apply the target's metadata labels. \n The Operator automatically
adds relabelings for a few standard Kubernetes fields. \n
The original scrape job's name is available via the `__tmp_prometheus_job_name`
label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
items:
description: "RelabelConfig allows dynamic rewriting of the
label set for targets, alerts, scraped samples and remote
write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label name
which may only contain ASCII letters, numbers, as
well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is written
in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
scheme:
description: "HTTP scheme to use for scraping. \n `http` and
`https` are the expected values unless you rewrite the `__scheme__`
label via relabeling. \n If empty, Prometheus uses the default
value `http`."
enum:
- http
- https
type: string
scrapeTimeout:
description: "Timeout after which Prometheus considers the scrape
to be failed. \n If empty, Prometheus uses the global scrape
timeout unless it is less than the target's scrape interval
value in which the latter is used."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetPort:
anyOf:
- type: integer
- type: string
description: "Name or number of the target port of the `Pod`
object behind the Service, the port must be specified with
container port property. \n Deprecated: use 'port' instead."
x-kubernetes-int-or-string: true
tlsConfig:
description: TLS configuration to use when scraping the target.
properties:
ca:
description: Certificate authority used when verifying server
certificates.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
cert:
description: Client certificate to present when doing client-authentication.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for the
targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
trackTimestampsStaleness:
description: "`trackTimestampsStaleness` defines whether Prometheus
tracks staleness of the metrics that have an explicit timestamp
present in scraped data. Has no effect if `honorTimestamps`
is false. \n It requires Prometheus >= v2.48.0."
type: boolean
type: object
type: array
podTargetLabels:
description: '`podTargetLabels` defines the labels which are transferred
from the associated Kubernetes `Pod` object onto the ingested metrics.'
items:
type: string
type: array
sampleLimit:
description: '`sampleLimit` defines a per-scrape limit on the number
of scraped samples that will be accepted.'
format: int64
type: integer
selector:
description: Label selector to select the Kubernetes `Pod` objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
targetLimit:
description: '`targetLimit` defines a limit on the number of scraped
targets that will be accepted.'
format: int64
type: integer
required:
- selector
type: object
required:
- spec
type: object
served: true
storage: true

736
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_probes.monitoring.coreos.com.yaml Normal file
View File

@@ -0,0 +1,736 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.71.0
name: probes.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: Probe
listKind: ProbeList
plural: probes
shortNames:
- prb
singular: probe
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: Probe defines monitoring for a set of static targets or ingresses.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Ingress selection for target discovery
by Prometheus.
properties:
authorization:
description: Authorization section for this endpoint
properties:
credentials:
description: Selects a key of a Secret in the namespace that contains
the credentials for authentication.
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: "Defines the authentication type. The value is case-insensitive.
\n \"Basic\" is not a supported value. \n Default: \"Bearer\""
type: string
type: object
basicAuth:
description: 'BasicAuth allow an endpoint to authenticate over basic
authentication. More info: https://prometheus.io/docs/operating/configuration/#endpoint'
properties:
password:
description: '`password` specifies a key of a Secret containing
the password for authentication.'
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: '`username` specifies a key of a Secret containing
the username for authentication.'
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
bearerTokenSecret:
description: Secret to mount to read bearer token for scraping targets.
The secret needs to be in the same namespace as the probe and accessible
by the Prometheus Operator.
properties:
key:
description: The key of the secret to select from. Must be a
valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
interval:
description: Interval at which targets are probed using the configured
prober. If not specified Prometheus' global scrape interval is used.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
jobName:
description: The job name assigned to scraped metrics by default.
type: string
keepDroppedTargets:
description: "Per-scrape limit on the number of targets dropped by
relabeling that will be kept in memory. 0 means no limit. \n It
requires Prometheus >= v2.47.0."
format: int64
type: integer
labelLimit:
description: Per-scrape limit on number of labels that will be accepted
for a sample. Only valid in Prometheus versions 2.27.0 and newer.
format: int64
type: integer
labelNameLengthLimit:
description: Per-scrape limit on length of labels name that will be
accepted for a sample. Only valid in Prometheus versions 2.27.0
and newer.
format: int64
type: integer
labelValueLengthLimit:
description: Per-scrape limit on length of labels value that will
be accepted for a sample. Only valid in Prometheus versions 2.27.0
and newer.
format: int64
type: integer
metricRelabelings:
description: MetricRelabelConfigs to apply to samples before ingestion.
items:
description: "RelabelConfig allows dynamic rewriting of the label
set for targets, alerts, scraped samples and remote write samples.
\n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require Prometheus
>= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source label
values. \n Only applicable when the action is `HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace action
is performed if the regular expression matches. \n Regex capture
groups are available."
type: string
separator:
description: Separator is the string between concatenated SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing labels.
Their content is concatenated using the configured Separator
and matched against the configured regular expression.
items:
description: LabelName is a valid Prometheus label name which
may only contain ASCII letters, numbers, as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is written
in a replacement. \n It is mandatory for `Replace`, `HashMod`,
`Lowercase`, `Uppercase`, `KeepEqual` and `DropEqual` actions.
\n Regex capture groups are available."
type: string
type: object
type: array
module:
description: 'The module to use for probing specifying how to probe
the target. Example module configuring in the blackbox exporter:
https://github.com/prometheus/blackbox_exporter/blob/master/example.yml'
type: string
oauth2:
description: OAuth2 for the URL. Only valid in Prometheus versions
2.27.0 and newer.
properties:
clientId:
description: '`clientId` specifies a key of a Secret or ConfigMap
containing the OAuth2 client''s ID.'
properties:
configMap:
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
clientSecret:
description: '`clientSecret` specifies a key of a Secret containing
the OAuth2 client''s secret.'
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
endpointParams:
additionalProperties:
type: string
description: '`endpointParams` configures the HTTP parameters
to append to the token URL.'
type: object
scopes:
description: '`scopes` defines the OAuth2 scopes used for the
token request.'
items:
type: string
type: array
tokenUrl:
description: '`tokenURL` configures the URL to fetch the token
from.'
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
prober:
description: Specification for the prober to use for probing targets.
The prober.URL parameter is required. Targets cannot be probed if
left empty.
properties:
path:
default: /probe
description: Path to collect metrics from. Defaults to `/probe`.
type: string
proxyUrl:
description: Optional ProxyURL.
type: string
scheme:
description: HTTP scheme to use for scraping. `http` and `https`
are the expected values unless you rewrite the `__scheme__`
label via relabeling. If empty, Prometheus uses the default
value `http`.
enum:
- http
- https
type: string
url:
description: Mandatory URL of the prober.
type: string
required:
- url
type: object
sampleLimit:
description: SampleLimit defines per-scrape limit on number of scraped
samples that will be accepted.
format: int64
type: integer
scrapeTimeout:
description: Timeout for scraping metrics from the Prometheus exporter.
If not specified, the Prometheus global scrape timeout is used.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetLimit:
description: TargetLimit defines a limit on the number of scraped
targets that will be accepted.
format: int64
type: integer
targets:
description: Targets defines a set of static or dynamically discovered
targets to probe.
properties:
ingress:
description: ingress defines the Ingress objects to probe and
the relabeling configuration. If `staticConfig` is also defined,
`staticConfig` takes precedence.
properties:
namespaceSelector:
description: From which namespaces to select Ingress objects.
properties:
any:
description: Boolean describing whether all namespaces
are selected in contrast to a list restricting them.
type: boolean
matchNames:
description: List of namespace names to select from.
items:
type: string
type: array
type: object
relabelingConfigs:
description: 'RelabelConfigs to apply to the label set of
the target before it gets scraped. The original ingress
address is available via the `__tmp_prometheus_ingress_address`
label. It can be used to customize the probed URL. The original
scrape job''s name is available via the `__tmp_prometheus_job_name`
label. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
items:
description: "RelabelConfig allows dynamic rewriting of
the label set for targets, alerts, scraped samples and
remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label
name which may only contain ASCII letters, numbers,
as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is
written in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
selector:
description: Selector to select the Ingress objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector
requirements. The requirements are ANDed.
items:
description: A label selector requirement is a selector
that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector
applies to.
type: string
operator:
description: operator represents a key's relationship
to a set of values. Valid operators are In, NotIn,
Exists and DoesNotExist.
type: string
values:
description: values is an array of string values.
If the operator is In or NotIn, the values array
must be non-empty. If the operator is Exists or
DoesNotExist, the values array must be empty.
This array is replaced during a strategic merge
patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs.
A single {key,value} in the matchLabels map is equivalent
to an element of matchExpressions, whose key field is
"key", the operator is "In", and the values array contains
only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
type: object
staticConfig:
description: 'staticConfig defines the static list of targets
to probe and the relabeling configuration. If `ingress` is also
defined, `staticConfig` takes precedence. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#static_config.'
properties:
labels:
additionalProperties:
type: string
description: Labels assigned to all metrics scraped from the
targets.
type: object
relabelingConfigs:
description: 'RelabelConfigs to apply to the label set of
the targets before it gets scraped. More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config'
items:
description: "RelabelConfig allows dynamic rewriting of
the label set for targets, alerts, scraped samples and
remote write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label
name which may only contain ASCII letters, numbers,
as well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is
written in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
static:
description: The list of hosts to probe.
items:
type: string
type: array
type: object
type: object
tlsConfig:
description: TLS configuration to use when scraping the endpoint.
properties:
ca:
description: Certificate authority used when verifying server
certificates.
properties:
configMap:
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
cert:
description: Client certificate to present when doing client-authentication.
properties:
configMap:
description: ConfigMap containing data to use for the targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the ConfigMap or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keySecret:
description: Secret containing the client key file for the targets.
properties:
key:
description: The key of the secret to select from. Must be
a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must be
defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
type: object
required:
- spec
type: object
served: true
storage: true

8546
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_prometheusagents.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

9949
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_prometheuses.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

130
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_prometheusrules.monitoring.coreos.com.yaml Normal file
View File

@@ -0,0 +1,130 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.71.0
name: prometheusrules.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: PrometheusRule
listKind: PrometheusRuleList
plural: prometheusrules
shortNames:
- promrule
singular: prometheusrule
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: PrometheusRule defines recording and alerting rules for a Prometheus
instance
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired alerting rule definitions for Prometheus.
properties:
groups:
description: Content of Prometheus rule file
items:
description: RuleGroup is a list of sequentially evaluated recording
and alerting rules.
properties:
interval:
description: Interval determines how often rules in the group
are evaluated.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
limit:
description: Limit the number of alerts an alerting rule and
series a recording rule can produce. Limit is supported starting
with Prometheus >= 2.31 and Thanos Ruler >= 0.24.
type: integer
name:
description: Name of the rule group.
minLength: 1
type: string
partial_response_strategy:
description: 'PartialResponseStrategy is only used by ThanosRuler
and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response'
pattern: ^(?i)(abort|warn)?$
type: string
rules:
description: List of alerting and recording rules.
items:
description: 'Rule describes an alerting or recording rule
See Prometheus documentation: [alerting](https://www.prometheus.io/docs/prometheus/latest/configuration/alerting_rules/)
or [recording](https://www.prometheus.io/docs/prometheus/latest/configuration/recording_rules/#recording-rules)
rule'
properties:
alert:
description: Name of the alert. Must be a valid label
value. Only one of `record` and `alert` must be set.
type: string
annotations:
additionalProperties:
type: string
description: Annotations to add to each alert. Only valid
for alerting rules.
type: object
expr:
anyOf:
- type: integer
- type: string
description: PromQL expression to evaluate.
x-kubernetes-int-or-string: true
for:
description: Alerts are considered firing once they have
been returned for this long.
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
keep_firing_for:
description: KeepFiringFor defines how long an alert will
continue firing after the condition that triggered it
has cleared.
minLength: 1
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
labels:
additionalProperties:
type: string
description: Labels to add or overwrite.
type: object
record:
description: Name of the time series to output to. Must
be a valid metric name. Only one of `record` and `alert`
must be set.
type: string
required:
- expr
type: object
type: array
required:
- name
type: object
type: array
x-kubernetes-list-map-keys:
- name
x-kubernetes-list-type: map
type: object
required:
- spec
type: object
served: true
storage: true

742
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_servicemonitors.monitoring.coreos.com.yaml Normal file
View File

@@ -0,0 +1,742 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.13.0
operator.prometheus.io/version: 0.71.0
name: servicemonitors.monitoring.coreos.com
spec:
group: monitoring.coreos.com
names:
categories:
- prometheus-operator
kind: ServiceMonitor
listKind: ServiceMonitorList
plural: servicemonitors
shortNames:
- smon
singular: servicemonitor
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: ServiceMonitor defines monitoring for a set of services.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Specification of desired Service selection for target discovery
by Prometheus.
properties:
attachMetadata:
description: "`attachMetadata` defines additional metadata which is
added to the discovered targets. \n It requires Prometheus >= v2.37.0."
properties:
node:
description: When set to true, Prometheus must have the `get`
permission on the `Nodes` objects.
type: boolean
type: object
endpoints:
description: List of endpoints part of this ServiceMonitor.
items:
description: Endpoint defines an endpoint serving Prometheus metrics
to be scraped by Prometheus.
properties:
authorization:
description: "`authorization` configures the Authorization header
credentials to use when scraping the target. \n Cannot be
set at the same time as `basicAuth`, or `oauth2`."
properties:
credentials:
description: Selects a key of a Secret in the namespace
that contains the credentials for authentication.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type:
description: "Defines the authentication type. The value
is case-insensitive. \n \"Basic\" is not a supported value.
\n Default: \"Bearer\""
type: string
type: object
basicAuth:
description: "`basicAuth` configures the Basic Authentication
credentials to use when scraping the target. \n Cannot be
set at the same time as `authorization`, or `oauth2`."
properties:
password:
description: '`password` specifies a key of a Secret containing
the password for authentication.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
username:
description: '`username` specifies a key of a Secret containing
the username for authentication.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
bearerTokenFile:
description: "File to read bearer token for scraping the target.
\n Deprecated: use `authorization` instead."
type: string
bearerTokenSecret:
description: "`bearerTokenSecret` specifies a key of a Secret
containing the bearer token for scraping targets. The secret
needs to be in the same namespace as the ServiceMonitor object
and readable by the Prometheus Operator. \n Deprecated: use
`authorization` instead."
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
enableHttp2:
description: '`enableHttp2` can be used to disable HTTP2 when
scraping the target.'
type: boolean
filterRunning:
description: "When true, the pods which are not running (e.g.
either in Failed or Succeeded state) are dropped during the
target discovery. \n If unset, the filtering is enabled. \n
More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-phase"
type: boolean
followRedirects:
description: '`followRedirects` defines whether the scrape requests
should follow HTTP 3xx redirects.'
type: boolean
honorLabels:
description: When true, `honorLabels` preserves the metric's
labels when they collide with the target's labels.
type: boolean
honorTimestamps:
description: '`honorTimestamps` controls whether Prometheus
preserves the timestamps when exposed by the target.'
type: boolean
interval:
description: "Interval at which Prometheus scrapes the metrics
from the target. \n If empty, Prometheus uses the global scrape
interval."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
metricRelabelings:
description: '`metricRelabelings` configures the relabeling
rules to apply to the samples before ingestion.'
items:
description: "RelabelConfig allows dynamic rewriting of the
label set for targets, alerts, scraped samples and remote
write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label name
which may only contain ASCII letters, numbers, as
well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is written
in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
oauth2:
description: "`oauth2` configures the OAuth2 settings to use
when scraping the target. \n It requires Prometheus >= 2.27.0.
\n Cannot be set at the same time as `authorization`, or `basicAuth`."
properties:
clientId:
description: '`clientId` specifies a key of a Secret or
ConfigMap containing the OAuth2 client''s ID.'
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
clientSecret:
description: '`clientSecret` specifies a key of a Secret
containing the OAuth2 client''s secret.'
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
endpointParams:
additionalProperties:
type: string
description: '`endpointParams` configures the HTTP parameters
to append to the token URL.'
type: object
scopes:
description: '`scopes` defines the OAuth2 scopes used for
the token request.'
items:
type: string
type: array
tokenUrl:
description: '`tokenURL` configures the URL to fetch the
token from.'
minLength: 1
type: string
required:
- clientId
- clientSecret
- tokenUrl
type: object
params:
additionalProperties:
items:
type: string
type: array
description: params define optional HTTP URL parameters.
type: object
path:
description: "HTTP path from which to scrape for metrics. \n
If empty, Prometheus uses the default value (e.g. `/metrics`)."
type: string
port:
description: "Name of the Service port which this endpoint refers
to. \n It takes precedence over `targetPort`."
type: string
proxyUrl:
description: '`proxyURL` configures the HTTP Proxy URL (e.g.
"http://proxyserver:2195") to go through when scraping the
target.'
type: string
relabelings:
description: "`relabelings` configures the relabeling rules
to apply the target's metadata labels. \n The Operator automatically
adds relabelings for a few standard Kubernetes fields. \n
The original scrape job's name is available via the `__tmp_prometheus_job_name`
label. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
items:
description: "RelabelConfig allows dynamic rewriting of the
label set for targets, alerts, scraped samples and remote
write samples. \n More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config"
properties:
action:
default: replace
description: "Action to perform based on the regex matching.
\n `Uppercase` and `Lowercase` actions require Prometheus
>= v2.36.0. `DropEqual` and `KeepEqual` actions require
Prometheus >= v2.41.0. \n Default: \"Replace\""
enum:
- replace
- Replace
- keep
- Keep
- drop
- Drop
- hashmod
- HashMod
- labelmap
- LabelMap
- labeldrop
- LabelDrop
- labelkeep
- LabelKeep
- lowercase
- Lowercase
- uppercase
- Uppercase
- keepequal
- KeepEqual
- dropequal
- DropEqual
type: string
modulus:
description: "Modulus to take of the hash of the source
label values. \n Only applicable when the action is
`HashMod`."
format: int64
type: integer
regex:
description: Regular expression against which the extracted
value is matched.
type: string
replacement:
description: "Replacement value against which a Replace
action is performed if the regular expression matches.
\n Regex capture groups are available."
type: string
separator:
description: Separator is the string between concatenated
SourceLabels.
type: string
sourceLabels:
description: The source labels select values from existing
labels. Their content is concatenated using the configured
Separator and matched against the configured regular
expression.
items:
description: LabelName is a valid Prometheus label name
which may only contain ASCII letters, numbers, as
well as underscores.
pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
type: string
type: array
targetLabel:
description: "Label to which the resulting string is written
in a replacement. \n It is mandatory for `Replace`,
`HashMod`, `Lowercase`, `Uppercase`, `KeepEqual` and
`DropEqual` actions. \n Regex capture groups are available."
type: string
type: object
type: array
scheme:
description: "HTTP scheme to use for scraping. \n `http` and
`https` are the expected values unless you rewrite the `__scheme__`
label via relabeling. \n If empty, Prometheus uses the default
value `http`."
enum:
- http
- https
type: string
scrapeTimeout:
description: "Timeout after which Prometheus considers the scrape
to be failed. \n If empty, Prometheus uses the global scrape
timeout unless it is less than the target's scrape interval
value in which the latter is used."
pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
type: string
targetPort:
anyOf:
- type: integer
- type: string
description: "Name or number of the target port of the `Pod`
object behind the Service, the port must be specified with
container port property. \n Deprecated: use `port` instead."
x-kubernetes-int-or-string: true
tlsConfig:
description: TLS configuration to use when scraping the target.
properties:
ca:
description: Certificate authority used when verifying server
certificates.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
caFile:
description: Path to the CA cert in the Prometheus container
to use for the targets.
type: string
cert:
description: Client certificate to present when doing client-authentication.
properties:
configMap:
description: ConfigMap containing data to use for the
targets.
properties:
key:
description: The key to select.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the ConfigMap or its
key must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
secret:
description: Secret containing data to use for the targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind,
uid?'
type: string
optional:
description: Specify whether the Secret or its key
must be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
type: object
certFile:
description: Path to the client cert file in the Prometheus
container for the targets.
type: string
insecureSkipVerify:
description: Disable target certificate validation.
type: boolean
keyFile:
description: Path to the client key file in the Prometheus
container for the targets.
type: string
keySecret:
description: Secret containing the client key file for the
targets.
properties:
key:
description: The key of the secret to select from. Must
be a valid secret key.
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
TODO: Add other useful fields. apiVersion, kind, uid?'
type: string
optional:
description: Specify whether the Secret or its key must
be defined
type: boolean
required:
- key
type: object
x-kubernetes-map-type: atomic
serverName:
description: Used to verify the hostname for the targets.
type: string
type: object
trackTimestampsStaleness:
description: "`trackTimestampsStaleness` defines whether Prometheus
tracks staleness of the metrics that have an explicit timestamp
present in scraped data. Has no effect if `honorTimestamps`
is false. \n It requires Prometheus >= v2.48.0."
type: boolean
type: object
type: array
jobLabel:
description: "`jobLabel` selects the label from the associated Kubernetes
`Service` object which will be used as the `job` label for all metrics.
\n For example if `jobLabel` is set to `foo` and the Kubernetes
`Service` object is labeled with `foo: bar`, then Prometheus adds
the `job=\"bar\"` label to all ingested metrics. \n If the value
of this field is empty or if the label doesn't exist for the given
Service, the `job` label of the metrics defaults to the name of
the associated Kubernetes `Service`."
type: string
keepDroppedTargets:
description: "Per-scrape limit on the number of targets dropped by
relabeling that will be kept in memory. 0 means no limit. \n It
requires Prometheus >= v2.47.0."
format: int64
type: integer
labelLimit:
description: "Per-scrape limit on number of labels that will be accepted
for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
labelNameLengthLimit:
description: "Per-scrape limit on length of labels name that will
be accepted for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
labelValueLengthLimit:
description: "Per-scrape limit on length of labels value that will
be accepted for a sample. \n It requires Prometheus >= v2.27.0."
format: int64
type: integer
namespaceSelector:
description: Selector to select which namespaces the Kubernetes `Endpoints`
objects are discovered from.
properties:
any:
description: Boolean describing whether all namespaces are selected
in contrast to a list restricting them.
type: boolean
matchNames:
description: List of namespace names to select from.
items:
type: string
type: array
type: object
podTargetLabels:
description: '`podTargetLabels` defines the labels which are transferred
from the associated Kubernetes `Pod` object onto the ingested metrics.'
items:
type: string
type: array
sampleLimit:
description: '`sampleLimit` defines a per-scrape limit on the number
of scraped samples that will be accepted.'
format: int64
type: integer
selector:
description: Label selector to select the Kubernetes `Endpoints` objects.
properties:
matchExpressions:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
required:
- key
- operator
type: object
type: array
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
targetLabels:
description: '`targetLabels` defines the labels which are transferred
from the associated Kubernetes `Service` object onto the ingested
metrics.'
items:
type: string
type: array
targetLimit:
description: '`targetLimit` defines a limit on the number of scraped
targets that will be accepted.'
format: int64
type: integer
required:
- selector
type: object
required:
- spec
type: object
served: true
storage: true

6915
crd/prometheus/apiextensions.k8s.io_v1_CustomResourceDefinition_thanosrulers.monitoring.coreos.com.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

17
crd/prometheus/datas.tf Normal file
View File

@@ -0,0 +1,17 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/name" = var.component
"app.kubernetes.io/instance" = var.instance
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = []
}

48
crd/prometheus/index.rhai Normal file
View File

@@ -0,0 +1,48 @@
const VERSION="0.71.0";
const SRC=src;
const DEST=dest;
const DOIT=config.apply;
const sourcesDir=`https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/v${VERSION}/example/prometheus-operator-crd`;
const sources=[
"monitoring.coreos.com_alertmanagerconfigs.yaml",
"monitoring.coreos.com_alertmanagers.yaml",
"monitoring.coreos.com_prometheusrules.yaml",
"monitoring.coreos.com_servicemonitors.yaml",
"monitoring.coreos.com_podmonitors.yaml",
"monitoring.coreos.com_probes.yaml",
"monitoring.coreos.com_thanosrulers.yaml",
"monitoring.coreos.com_prometheuses.yaml",
"monitoring.coreos.com_prometheusagents.yaml",
];
const crdFiles=[
"apiextensions.k8s.io_v1_CustomResourceDefinition_alertmanagerconfigs.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_alertmanagers.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_podmonitors.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_probes.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_prometheusagents.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_prometheuses.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_prometheusrules.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_servicemonitors.monitoring.coreos.com.yaml",
"apiextensions.k8s.io_v1_CustomResourceDefinition_thanosrulers.monitoring.coreos.com.yaml",
];
fn pre_pack() {
for file in global::sources {
shell(`curl -sL ${global::sourcesDir}/${file} > ${global::SRC}/${file}`);
}
}
fn pre_install() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl replace -f ${global::SRC}/${file} || kubectl create -f ${global::SRC}/${file}`);
}
}
fn post_destroy() {
if ! global::DOIT {
return;
}
for file in global::crdFiles {
shell(`kubectl delete -f ${global::SRC}/${file}`);
}
}

16
crd/prometheus/index.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: vinyl.solidite.fr/v1beta1
kind: Component
category: crd
metadata:
name: prometheus
description: CRD for Prometheus Operator
options:
apply:
default: true
examples:
- true
type: boolean
dependencies: []
providers: null
tfaddtype: null

68
crd/rook/apiextensions.k8s.io_v1_CustomResourceDefinition_cephblockpoolradosnamespaces.ceph.rook.io.yaml Normal file
View File

@@ -0,0 +1,68 @@
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
name: cephblockpoolradosnamespaces.ceph.rook.io
spec:
group: ceph.rook.io
names:
kind: CephBlockPoolRadosNamespace
listKind: CephBlockPoolRadosNamespaceList
plural: cephblockpoolradosnamespaces
singular: cephblockpoolradosnamespace
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: CephBlockPoolRadosNamespace represents a Ceph BlockPool Rados Namespace
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: Spec represents the specification of a Ceph BlockPool Rados Namespace
properties:
blockPoolName:
description: BlockPoolName is the name of Ceph BlockPool. Typically it's the name of the CephBlockPool CR.
type: string
x-kubernetes-validations:
- message: blockPoolName is immutable
rule: self == oldSelf
name:
description: The name of the CephBlockPoolRadosNamespaceSpec namespace. If not set, the default is the name of the CR.
type: string
x-kubernetes-validations:
- message: name is immutable
rule: self == oldSelf
required:
- blockPoolName
type: object
status:
description: Status represents the status of a CephBlockPool Rados Namespace
properties:
info:
additionalProperties:
type: string
nullable: true
type: object
phase:
description: ConditionType represent a resource's status
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

381
crd/rook/apiextensions.k8s.io_v1_CustomResourceDefinition_cephblockpools.ceph.rook.io.yaml Normal file
View File

@@ -0,0 +1,381 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
name: cephblockpools.ceph.rook.io
spec:
group: ceph.rook.io
names:
kind: CephBlockPool
listKind: CephBlockPoolList
plural: cephblockpools
singular: cephblockpool
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .status.phase
name: Phase
type: string
name: v1
schema:
openAPIV3Schema:
description: CephBlockPool represents a Ceph Storage Pool
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NamedBlockPoolSpec allows a block pool to be created with a non-default name. This is more specific than the NamedPoolSpec so we get schema validation on the allowed pool names that can be specified.
properties:
compressionMode:
description: 'DEPRECATED: use Parameters instead, e.g., Parameters["compression_mode"] = "force" The inline compression mode in Bluestore OSD to set to (options are: none, passive, aggressive, force) Do NOT set a default value for kubebuilder as this will override the Parameters'
enum:
- none
- passive
- aggressive
- force
- ""
nullable: true
type: string
crushRoot:
description: The root of the crush hierarchy utilized by the pool
nullable: true
type: string
deviceClass:
description: The device class the OSD should set to for use in the pool
nullable: true
type: string
enableRBDStats:
description: EnableRBDStats is used to enable gathering of statistics for all RBD images in the pool
type: boolean
erasureCoded:
description: The erasure code settings
properties:
algorithm:
description: The algorithm for erasure coding
type: string
codingChunks:
description: Number of coding chunks per object in an erasure coded storage pool (required for erasure-coded pool type). This is the number of OSDs that can be lost simultaneously before data cannot be recovered.
minimum: 0
type: integer
dataChunks:
description: Number of data chunks per object in an erasure coded storage pool (required for erasure-coded pool type). The number of chunks required to recover an object when any single OSD is lost is the same as dataChunks so be aware that the larger the number of data chunks, the higher the cost of recovery.
minimum: 0
type: integer
required:
- codingChunks
- dataChunks
type: object
failureDomain:
description: 'The failure domain: osd/host/(region or zone if available) - technically also any type in the crush map'
type: string
mirroring:
description: The mirroring settings
properties:
enabled:
description: Enabled whether this pool is mirrored or not
type: boolean
mode:
description: 'Mode is the mirroring mode: either pool or image'
type: string
peers:
description: Peers represents the peers spec
nullable: true
properties:
secretNames:
description: SecretNames represents the Kubernetes Secret names to add rbd-mirror or cephfs-mirror peers
items:
type: string
type: array
type: object
snapshotSchedules:
description: SnapshotSchedules is the scheduling of snapshot for mirrored images/pools
items:
description: SnapshotScheduleSpec represents the snapshot scheduling settings of a mirrored pool
properties:
interval:
description: Interval represent the periodicity of the snapshot.
type: string
path:
description: Path is the path to snapshot, only valid for CephFS
type: string
startTime:
description: StartTime indicates when to start the snapshot
type: string
type: object
type: array
type: object
name:
description: The desired name of the pool if different from the CephBlockPool CR name.
enum:
- device_health_metrics
- .nfs
- .mgr
type: string
parameters:
additionalProperties:
type: string
description: Parameters is a list of properties to enable on a given pool
nullable: true
type: object
x-kubernetes-preserve-unknown-fields: true
quotas:
description: The quota settings
nullable: true
properties:
maxBytes:
description: MaxBytes represents the quota in bytes Deprecated in favor of MaxSize
format: int64
type: integer
maxObjects:
description: MaxObjects represents the quota in objects
format: int64
type: integer
maxSize:
description: MaxSize represents the quota in bytes as a string
pattern: ^[0-9]+[\.]?[0-9]*([KMGTPE]i|[kMGTPE])?$
type: string
type: object
replicated:
description: The replication settings
properties:
hybridStorage:
description: HybridStorage represents hybrid storage tier settings
nullable: true
properties:
primaryDeviceClass:
description: PrimaryDeviceClass represents high performance tier (for example SSD or NVME) for Primary OSD
minLength: 1
type: string
secondaryDeviceClass:
description: SecondaryDeviceClass represents low performance tier (for example HDDs) for remaining OSDs
minLength: 1
type: string
required:
- primaryDeviceClass
- secondaryDeviceClass
type: object
replicasPerFailureDomain:
description: ReplicasPerFailureDomain the number of replica in the specified failure domain
minimum: 1
type: integer
requireSafeReplicaSize:
description: RequireSafeReplicaSize if false allows you to set replica 1
type: boolean
size:
description: Size - Number of copies per object in a replicated storage pool, including the object itself (required for replicated pool type)
minimum: 0
type: integer
subFailureDomain:
description: SubFailureDomain the name of the sub-failure domain
type: string
targetSizeRatio:
description: TargetSizeRatio gives a hint (%) to Ceph in terms of expected consumption of the total cluster capacity
type: number
required:
- size
type: object
statusCheck:
description: The mirroring statusCheck
properties:
mirror:
description: HealthCheckSpec represents the health check of an object store bucket
nullable: true
properties:
disabled:
type: boolean
interval:
description: Interval is the internal in second or minute for the health check to run like 60s for 60 seconds
type: string
timeout:
type: string
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
type: object
status:
description: CephBlockPoolStatus represents the mirroring status of Ceph Storage Pool
properties:
conditions:
items:
description: Condition represents a status condition on any Rook-Ceph Custom Resource.
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
description: ConditionReason is a reason for a condition
type: string
status:
type: string
type:
description: ConditionType represent a resource's status
type: string
type: object
type: array
info:
additionalProperties:
type: string
nullable: true
type: object
mirroringInfo:
description: MirroringInfoSpec is the status of the pool mirroring
properties:
details:
type: string
lastChanged:
type: string
lastChecked:
type: string
mode:
description: Mode is the mirroring mode
type: string
peers:
description: Peers are the list of peer sites connected to that cluster
items:
description: PeersSpec contains peer details
properties:
client_name:
description: ClientName is the CephX user used to connect to the peer
type: string
direction:
description: Direction is the peer mirroring direction
type: string
mirror_uuid:
description: MirrorUUID is the mirror UUID
type: string
site_name:
description: SiteName is the current site name
type: string
uuid:
description: UUID is the peer UUID
type: string
type: object
type: array
site_name:
description: SiteName is the current site name
type: string
type: object
mirroringStatus:
description: MirroringStatusSpec is the status of the pool mirroring
properties:
details:
description: Details contains potential status errors
type: string
lastChanged:
description: LastChanged is the last time time the status last changed
type: string
lastChecked:
description: LastChecked is the last time time the status was checked
type: string
summary:
description: Summary is the mirroring status summary
properties:
daemon_health:
description: DaemonHealth is the health of the mirroring daemon
type: string
health:
description: Health is the mirroring health
type: string
image_health:
description: ImageHealth is the health of the mirrored image
type: string
states:
description: States is the various state for all mirrored images
nullable: true
properties:
error:
description: Error is when the mirroring state is errored
type: integer
replaying:
description: Replaying is when the replay of the mirroring journal is on-going
type: integer
starting_replay:
description: StartingReplay is when the replay of the mirroring journal starts
type: integer
stopped:
description: Stopped is when the mirroring state is stopped
type: integer
stopping_replay:
description: StopReplaying is when the replay of the mirroring journal stops
type: integer
syncing:
description: Syncing is when the image is syncing
type: integer
unknown:
description: Unknown is when the mirroring state is unknown
type: integer
type: object
type: object
type: object
observedGeneration:
description: ObservedGeneration is the latest generation observed by the controller.
format: int64
type: integer
phase:
description: ConditionType represent a resource's status
type: string
snapshotScheduleStatus:
description: SnapshotScheduleStatusSpec is the status of the snapshot schedule
properties:
details:
description: Details contains potential status errors
type: string
lastChanged:
description: LastChanged is the last time time the status last changed
type: string
lastChecked:
description: LastChecked is the last time time the status was checked
type: string
snapshotSchedules:
description: SnapshotSchedules is the list of snapshots scheduled
items:
description: SnapshotSchedulesSpec is the list of snapshot scheduled for images in a pool
properties:
image:
description: Image is the mirrored image
type: string
items:
description: Items is the list schedules times for a given snapshot
items:
description: SnapshotSchedule is a schedule
properties:
interval:
description: Interval is the interval in which snapshots will be taken
type: string
start_time:
description: StartTime is the snapshot starting time
type: string
type: object
type: array
namespace:
description: Namespace is the RADOS namespace the image is part of
type: string
pool:
description: Pool is the pool name
type: string
type: object
nullable: true
type: array
type: object
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

152
crd/rook/apiextensions.k8s.io_v1_CustomResourceDefinition_cephbucketnotifications.ceph.rook.io.yaml Normal file
View File

@@ -0,0 +1,152 @@
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.3
name: cephbucketnotifications.ceph.rook.io
spec:
group: ceph.rook.io
names:
kind: CephBucketNotification
listKind: CephBucketNotificationList
plural: cephbucketnotifications
singular: cephbucketnotification
scope: Namespaced
versions:
- name: v1
schema:
openAPIV3Schema:
description: CephBucketNotification represents a Bucket Notifications
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BucketNotificationSpec represent the spec of a Bucket Notification
properties:
events:
description: List of events that should trigger the notification
items:
description: BucketNotificationSpec represent the event type of the bucket notification
enum:
- s3:ObjectCreated:*
- s3:ObjectCreated:Put
- s3:ObjectCreated:Post
- s3:ObjectCreated:Copy
- s3:ObjectCreated:CompleteMultipartUpload
- s3:ObjectRemoved:*
- s3:ObjectRemoved:Delete
- s3:ObjectRemoved:DeleteMarkerCreated
type: string
type: array
filter:
description: Spec of notification filter
properties:
keyFilters:
description: Filters based on the object's key
items:
description: NotificationKeyFilterRule represent a single key rule in the Notification Filter spec
properties:
name:
description: Name of the filter - prefix/suffix/regex
enum:
- prefix
- suffix
- regex
type: string
value:
description: Value to filter on
type: string
required:
- name
- value
type: object
type: array
metadataFilters:
description: Filters based on the object's metadata
items:
description: NotificationFilterRule represent a single rule in the Notification Filter spec
properties:
name:
description: Name of the metadata or tag
minLength: 1
type: string
value:
description: Value to filter on
type: string
required:
- name
- value
type: object
type: array
tagFilters:
description: Filters based on the object's tags
items:
description: NotificationFilterRule represent a single rule in the Notification Filter spec
properties:
name:
description: Name of the metadata or tag
minLength: 1
type: string
value:
description: Value to filter on
type: string
required:
- name
- value
type: object
type: array
type: object
topic:
description: The name of the topic associated with this notification
minLength: 1
type: string
required:
- topic
type: object
status:
description: Status represents the status of an object
properties:
conditions:
items:
description: Condition represents a status condition on any Rook-Ceph Custom Resource.
properties:
lastHeartbeatTime:
format: date-time
type: string
lastTransitionTime:
format: date-time
type: string
message:
type: string
reason:
description: ConditionReason is a reason for a condition
type: string
status:
type: string
type:
description: ConditionType represent a resource's status
type: string
type: object
type: array
observedGeneration:
description: ObservedGeneration is the latest generation observed by the controller.
format: int64
type: integer
phase:
type: string
type: object
x-kubernetes-preserve-unknown-fields: true
required:
- metadata
- spec
type: object
served: true
storage: true
subresources:
status: {}

Some files were not shown because too many files have changed in this diff Show More