From 2bb4f29f28002a9086b0b14e4065acf0ce8d7e87 Mon Sep 17 00:00:00 2001 From: Pete Savage Date: Wed, 27 Nov 2024 13:48:23 +0000 Subject: [PATCH] Updated latest libs --- Makefile | 4 +- build/build_config_docs.sh | 4 +- .../operators.coreos.com_subscriptions.yaml | 1796 ++++++++--------- config/rbac/role.yaml | 87 +- controllers/cloud.redhat.com/config/types.go | 887 ++++---- deploy-mutate.yml | 89 +- deploy.yml | 88 +- docs/api_ref.md | 8 +- 8 files changed, 1354 insertions(+), 1609 deletions(-) diff --git a/Makefile b/Makefile index b4206529b..7a4073762 100644 --- a/Makefile +++ b/Makefile @@ -174,11 +174,11 @@ update-version: ## Updates the version in the image CONTROLLER_GEN = $(shell pwd)/bin/controller-gen controller-gen: ## Download controller-gen locally if necessary. - $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0) + $(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.16.4) KUSTOMIZE = $(shell pwd)/bin/kustomize kustomize: ## Download kustomize locally if necessary. - $(call go-install-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v4@v4.5.2) + $(call go-install-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v5@v5.5.0) ENVTEST = $(shell pwd)/bin/setup-envtest envtest: ## Download envtest-setup locally if necessary. diff --git a/build/build_config_docs.sh b/build/build_config_docs.sh index f32f762d4..41fd89784 100755 --- a/build/build_config_docs.sh +++ b/build/build_config_docs.sh @@ -2,7 +2,7 @@ set -e -python -m venv docs/build/venv +python3.12 -m venv docs/build/venv source docs/build/venv/bin/activate -pip install json-schema-for-humans==0.47 +pip install json-schema-for-humans==v1.0.2 generate-schema-doc --config with_footer=false --config template_name=md controllers/cloud.redhat.com/config/schema.json docs/api_ref.md diff --git a/config/crd/bases/operators.coreos.com_subscriptions.yaml b/config/crd/bases/operators.coreos.com_subscriptions.yaml index 4565581d4..85eae3e73 100644 --- a/config/crd/bases/operators.coreos.com_subscriptions.yaml +++ b/config/crd/bases/operators.coreos.com_subscriptions.yaml @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.8.0 - creationTimestamp: null + controller-gen.kubebuilder.io/version: v0.16.4 name: subscriptions.operators.coreos.com spec: group: operators.coreos.com @@ -20,14 +19,19 @@ spec: openAPIV3Schema: properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources type: string kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string metadata: type: object @@ -42,8 +46,9 @@ spec: a subscription. properties: env: - description: Env is a list of environment variables to set in - the container. Cannot be updated. + description: |- + Env is a list of environment variables to set in the container. Cannot be + updated. items: description: EnvVar represents an environment variable present in a Container. @@ -53,19 +58,19 @@ spec: C_IDENTIFIER. type: string value: - description: 'Variable references $(VAR_NAME) are expanded - using the previously defined environment variables in - the container and any service environment variables. If - a variable cannot be resolved, the reference in the input - string will be unchanged. Double $$ are reduced to a single - $, which allows for escaping the $(VAR_NAME) syntax: i.e. - "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - Escaped references will never be expanded, regardless - of whether the variable exists or not. Defaults to "".' + description: |- + Variable references $(VAR_NAME) are expanded using the previously defined + environment variables in the container and any service environment variables. + If a variable cannot be resolved, the reference in the input string will be + unchanged. Double $$ are reduced to a single $, which allows for escaping the + $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will produce the string literal + "$(VAR_NAME)". Escaped references will never be expanded, regardless of whether + the variable exists or not. Defaults to "". type: string valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. + description: |- + Source for the environment variable's value. Cannot be used if value is not + empty. properties: configMapKeyRef: description: Selects a key of a ConfigMap. @@ -74,9 +79,9 @@ spec: description: The key to select. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap or its @@ -86,11 +91,10 @@ spec: - key type: object fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, `metadata.labels['''']`, - `metadata.annotations['''']`, spec.nodeName, - spec.serviceAccountName, status.hostIP, status.podIP, - status.podIPs.' + description: |- + Selects a field of the pod: supports metadata.name, metadata.namespace, + `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. properties: apiVersion: description: Version of the schema the FieldPath @@ -104,10 +108,10 @@ spec: - fieldPath type: object resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, + requests.memory and requests.ephemeral-storage) are currently supported. properties: containerName: description: 'Container name: required for volumes, @@ -132,9 +136,9 @@ spec: be a valid secret key. type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the Secret or its key @@ -149,13 +153,13 @@ spec: type: object type: array envFrom: - description: EnvFrom is a list of sources to populate environment - variables in the container. The keys defined within a source - must be a C_IDENTIFIER. All invalid keys will be reported as - an event when the container is starting. When a key exists in - multiple sources, the value associated with the last source - will take precedence. Values defined by an Env with a duplicate - key will take precedence. Immutable. + description: |- + EnvFrom is a list of sources to populate environment variables in the + container. The keys defined within a source must be a C_IDENTIFIER. All invalid + keys will be reported as an event when the container is starting. When a key + exists in multiple sources, the value associated with the last source will take + precedence. Values defined by an Env with a duplicate key will take precedence. + Immutable. items: description: EnvFromSource represents the source of a set of ConfigMaps @@ -164,23 +168,26 @@ spec: description: The ConfigMap to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap must be defined type: boolean type: object prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. + description: |- + An optional identifier to prepend to each key in the ConfigMap. Must be a + C_IDENTIFIER. type: string secretRef: description: The Secret to select from properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the Secret must be defined @@ -189,55 +196,60 @@ spec: type: object type: array nodeSelector: - description: 'NodeSelector is a selector which must be true for - the pod to fit on a node. Selector which must match a node''s - labels for the pod to be scheduled on that node. More info: - https://kubernetes.io/docs/concepts/configuration/assign-pod-node/' + description: |- + NodeSelector is a selector which must be true for the pod to fit on a node. + Selector which must match a node's labels for the pod to be scheduled on that + node. More info: + https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ x-kubernetes-preserve-unknown-fields: true resources: - description: 'Resources represents compute resources required - by this container. Immutable. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' + description: |- + Resources represents compute resources required by this container. Immutable. + More info: + https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ properties: limits: - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ x-kubernetes-preserve-unknown-fields: true requests: - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. If + Requests is omitted for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ x-kubernetes-preserve-unknown-fields: true type: object selector: - description: Selector is the label selector for pods to be configured. - Existing ReplicaSets whose pods are selected by this will be - the ones affected by this deployment. It must match the pod - template's labels. + description: |- + Selector is the label selector for pods to be configured. Existing ReplicaSets + whose pods are selected by this will be the ones affected by this deployment. + It must match the pod template's labels. properties: matchExpressions: - description: matchExpressions is a list of label selector - requirements. The requirements are ANDed. + description: |- + matchExpressions is a list of label selector requirements. The requirements are + ANDed. items: - description: A label selector requirement is a selector - that contains values, a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an + operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a key's relationship - to a set of values. Valid operators are In, NotIn, - Exists and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. Valid operators + are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of string values. If - the operator is In or NotIn, the values array must - be non-empty. If the operator is Exists or DoesNotExist, - the values array must be empty. This array is replaced - during a strategic merge patch. + description: |- + values is an array of string values. If the operator is In or NotIn, the values + array must be non-empty. If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -247,50 +259,50 @@ spec: type: object type: array matchLabels: - description: matchLabels is a map of {key,value} pairs. A - single {key,value} in the matchLabels map is equivalent - to an element of matchExpressions, whose key field is "key", - the operator is "In", and the values array contains only + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the + matchLabels map is equivalent to an element of matchExpressions, whose key + field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. x-kubernetes-preserve-unknown-fields: true type: object tolerations: description: Tolerations are the pod's tolerations. items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . + description: |- + The pod this Toleration is attached to tolerates any taint that matches the + triple using the matching operator . properties: effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. + description: |- + Effect indicates the taint effect to match. Empty means match all taint + effects. When specified, allowed values are NoSchedule, PreferNoSchedule and + NoExecute. type: string key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. + description: |- + Key is the taint key that the toleration applies to. Empty means match all + taint keys. If the key is empty, operator must be Exists; this combination + means to match all values and all keys. type: string operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. + description: |- + Operator represents a key's relationship to the value. Valid operators are + Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for + value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. + description: |- + TolerationSeconds represents the period of time the toleration (which must be + of effect NoExecute, otherwise this field is ignored) tolerates the taint. By + default, it is not set, which means tolerate the taint forever (do not evict). + Zero and negative values will be treated as 0 (evict immediately) by the + system. type: integer value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. + description: |- + Value is the taint value the toleration matches to. If the operator is Exists, + the value should be empty, otherwise just a regular string. type: string type: object type: array @@ -301,33 +313,35 @@ spec: a container. properties: mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. + description: |- + Path within the container at which the volume should be mounted. Must not + contain ':'. type: string mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. + description: |- + mountPropagation determines how mounts are propagated from the host to + container and the other way around. When not set, MountPropagationNone is used. + This field is beta in 1.10. type: string name: description: This must match the Name of a Volume. type: string readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. + description: |- + Mounted read-only if true, read-write otherwise (false or unspecified). + Defaults to false. type: boolean subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). + description: |- + Path within the volume from which the container's volume should be mounted. + Defaults to "" (volume's root). type: string subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. + description: |- + Expanded path within the volume from which the container's volume should be + mounted. Behaves similarly to SubPath but environment variable references + $(VAR_NAME) are expanded using the container's environment. Defaults to "" + (volume's root). SubPathExpr and SubPath are mutually exclusive. type: string required: - mountPath @@ -337,46 +351,49 @@ spec: volumes: description: List of Volumes to set in the podSpec. items: - description: Volume represents a named volume in a pod that - may be accessed by any container in the pod. + description: |- + Volume represents a named volume in a pod that may be accessed by any container + in the pod. properties: awsElasticBlockStore: - description: 'AWSElasticBlockStore represents an AWS Disk - resource that is attached to a kubelet''s host machine - and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + AWSElasticBlockStore represents an AWS Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore properties: fsType: - description: 'Filesystem type of the volume that you - want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + Filesystem type of the volume that you want to mount. Tip: Ensure that the + filesystem type is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: + how do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'The partition in the volume that you want - to mount. If omitted, the default is to mount by volume - name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property - empty).' + description: |- + The partition in the volume that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, you specify the + partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you + can leave the property empty). type: integer readOnly: - description: 'Specify "true" to force and set the ReadOnly - property in VolumeMounts to "true". If omitted, the - default is "false". More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + Specify "true" to force and set the ReadOnly property in VolumeMounts to + "true". If omitted, the default is "false". More info: + https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: boolean volumeID: - description: 'Unique ID of the persistent disk resource - in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore' + description: |- + Unique ID of the persistent disk resource in AWS (Amazon EBS volume). More + info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore type: string required: - volumeID type: object azureDisk: - description: AzureDisk represents an Azure Data Disk mount - on the host and bind mount to the pod. + description: |- + AzureDisk represents an Azure Data Disk mount on the host and bind mount to the + pod. properties: cachingMode: description: 'Host Caching mode: None, Read Only, Read @@ -389,33 +406,35 @@ spec: description: The URI the data disk in the blob storage type: string fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. type: string kind: - description: 'Expected values Shared: multiple blob - disks per storage account Dedicated: single blob - disk per storage account Managed: azure managed data - disk (only in managed availability set). defaults - to shared' + description: |- + Expected values Shared: multiple blob disks per storage account Dedicated: + single blob disk per storage account Managed: azure managed data disk (only in + managed availability set). defaults to shared type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + Defaults to false (read/write). ReadOnly here will force the ReadOnly setting + in VolumeMounts. type: boolean required: - diskName - diskURI type: object azureFile: - description: AzureFile represents an Azure File Service - mount on the host and bind mount to the pod. + description: |- + AzureFile represents an Azure File Service mount on the host and bind mount to + the pod. properties: readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + Defaults to false (read/write). ReadOnly here will force the ReadOnly setting + in VolumeMounts. type: boolean secretName: description: the name of secret that contains Azure @@ -433,71 +452,82 @@ spec: that shares a pod's lifetime properties: monitors: - description: 'Required: Monitors is a collection of - Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + Required: Monitors is a collection of Ceph monitors More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it items: type: string type: array path: - description: 'Optional: Used as the mounted root, rather - than the full Ceph tree, default is /' + description: |- + Optional: Used as the mounted root, rather than the full Ceph tree, default is + / type: string readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: boolean secretFile: - description: 'Optional: SecretFile is the path to key - ring for User, default is /etc/ceph/user.secret More - info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + Optional: SecretFile is the path to key ring for User, default is + /etc/ceph/user.secret More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string secretRef: - description: 'Optional: SecretRef is reference to the - authentication secret for User, default is empty. - More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + Optional: SecretRef is reference to the authentication secret for User, default + is empty. More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object user: - description: 'Optional: User is the rados user name, - default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it' + description: |- + Optional: User is the rados user name, default is admin More info: + https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it type: string required: - monitors type: object cinder: - description: 'Cinder represents a cinder volume attached - and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + Cinder represents a cinder volume attached and mounted on kubelets host + machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md properties: fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be + "ext4" if unspecified. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md type: string readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts. - More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md type: boolean secretRef: - description: 'Optional: points to a secret object containing - parameters used to connect to OpenStack.' + description: |- + Optional: points to a secret object containing parameters used to connect to + OpenStack. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object volumeID: - description: 'volume id used to identify the volume - in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md' + description: |- + volume id used to identify the volume in cinder. More info: + https://examples.k8s.io/mysql-cinder-pd/README.md type: string required: - volumeID @@ -507,27 +537,23 @@ spec: populate this volume properties: defaultMode: - description: 'Optional: mode bits used to set permissions - on created files by default. Must be an octal value - between 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults - to 0644. Directories within the path are not affected - by this setting. This might be in conflict with other - options that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. type: integer items: - description: If unspecified, each key-value pair in - the Data field of the referenced ConfigMap will be - projected into the volume as a file whose name is - the key and content is the value. If specified, the - listed keys will be projected into the specified paths, - and unlisted keys will not be present. If a key is - specified which is not present in the ConfigMap, the - volume setup will error unless it is marked optional. - Paths must be relative and may not contain the '..' - path or start with '..'. + description: |- + If unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the key and + content is the value. If specified, the listed keys will be projected into the + specified paths, and unlisted keys will not be present. If a key is specified + which is not present in the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain the '..' path or + start with '..'. items: description: Maps a string key to a path within a volume. @@ -536,22 +562,18 @@ spec: description: The key to project. type: string mode: - description: 'Optional: mode bits used to set - permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set.' + description: |- + Optional: mode bits used to set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: The relative path of the file to - map the key to. May not be an absolute path. - May not contain the path element '..'. May not - start with the string '..'. + description: |- + The relative path of the file to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start with the string '..'. type: string required: - key @@ -559,8 +581,9 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string optional: description: Specify whether the ConfigMap or its keys @@ -568,76 +591,75 @@ spec: type: boolean type: object csi: - description: CSI (Container Storage Interface) represents - ephemeral storage that is handled by certain external - CSI drivers (Beta feature). + description: |- + CSI (Container Storage Interface) represents ephemeral storage that is handled + by certain external CSI drivers (Beta feature). properties: driver: - description: Driver is the name of the CSI driver that - handles this volume. Consult with your admin for the - correct name as registered in the cluster. + description: |- + Driver is the name of the CSI driver that handles this volume. Consult with + your admin for the correct name as registered in the cluster. type: string fsType: - description: Filesystem type to mount. Ex. "ext4", "xfs", - "ntfs". If not provided, the empty value is passed - to the associated CSI driver which will determine - the default filesystem to apply. + description: |- + Filesystem type to mount. Ex. "ext4", "xfs", "ntfs". If not provided, the empty + value is passed to the associated CSI driver which will determine the default + filesystem to apply. type: string nodePublishSecretRef: - description: NodePublishSecretRef is a reference to - the secret object containing sensitive information - to pass to the CSI driver to complete the CSI NodePublishVolume - and NodeUnpublishVolume calls. This field is optional, - and may be empty if no secret is required. If the - secret object contains more than one secret, all secret - references are passed. + description: |- + NodePublishSecretRef is a reference to the secret object containing sensitive + information to pass to the CSI driver to complete the CSI NodePublishVolume and + NodeUnpublishVolume calls. This field is optional, and may be empty if no + secret is required. If the secret object contains more than one secret, all + secret references are passed. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object readOnly: - description: Specifies a read-only configuration for - the volume. Defaults to false (read/write). + description: |- + Specifies a read-only configuration for the volume. Defaults to false + (read/write). type: boolean volumeAttributes: - description: VolumeAttributes stores driver-specific - properties that are passed to the CSI driver. Consult - your driver's documentation for supported values. + description: |- + VolumeAttributes stores driver-specific properties that are passed to the CSI + driver. Consult your driver's documentation for supported values. x-kubernetes-preserve-unknown-fields: true required: - driver type: object downwardAPI: - description: DownwardAPI represents downward API about the - pod that should populate this volume + description: |- + DownwardAPI represents downward API about the pod that should populate this + volume properties: defaultMode: - description: 'Optional: mode bits to use on created - files by default. Must be a Optional: mode bits used - to set permissions on created files by default. Must - be an octal value between 0000 and 0777 or a decimal - value between 0 and 511. YAML accepts both octal and - decimal values, JSON requires decimal values for mode - bits. Defaults to 0644. Directories within the path - are not affected by this setting. This might be in - conflict with other options that affect the file mode, - like fsGroup, and the result can be other mode bits - set.' + description: |- + Optional: mode bits to use on created files by default. Must be a Optional: + mode bits used to set permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. + Defaults to 0644. Directories within the path are not affected by this setting. + This might be in conflict with other options that affect the file mode, like + fsGroup, and the result can be other mode bits set. type: integer items: description: Items is a list of downward API volume file items: - description: DownwardAPIVolumeFile represents information - to create the file containing the pod field + description: |- + DownwardAPIVolumeFile represents information to create the file containing the + pod field properties: fieldRef: - description: 'Required: Selects a field of the - pod: only annotations, labels, name and namespace - are supported.' + description: |- + Required: Selects a field of the pod: only annotations, labels, name and + namespace are supported. properties: apiVersion: description: Version of the schema the FieldPath @@ -651,29 +673,25 @@ spec: - fieldPath type: object mode: - description: 'Optional: mode bits used to set - permissions on this file, must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: 'Required: Path is the relative - path name of the file to be created. Must not - be absolute or contain the ''..'' path. Must - be utf-8 encoded. The first item of the relative - path must not start with ''..''' + description: |- + Required: Path is the relative path name of the file to be created. Must not + be absolute or contain the '..' path. Must be utf-8 encoded. The first item of + the relative path must not start with '..' type: string resourceFieldRef: - description: 'Selects a resource of the container: - only resources limits and requests (limits.cpu, - limits.memory, requests.cpu and requests.memory) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently + supported. properties: containerName: description: 'Container name: required for @@ -695,107 +713,98 @@ spec: type: array type: object emptyDir: - description: 'EmptyDir represents a temporary directory - that shares a pod''s lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + EmptyDir represents a temporary directory that shares a pod's lifetime. More + info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir properties: medium: - description: 'What type of storage medium should back - this directory. The default is "" which means to use - the node''s default medium. Must be an empty string - (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir' + description: |- + What type of storage medium should back this directory. The default is "" which + means to use the node's default medium. Must be an empty string (default) or + Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir type: string sizeLimit: - description: 'Total amount of local storage required - for this EmptyDir volume. The size limit is also applicable - for memory medium. The maximum usage on memory medium - EmptyDir would be the minimum value between the SizeLimit - specified here and the sum of memory limits of all - containers in a pod. The default is nil which means - that the limit is undefined. More info: http://kubernetes.io/docs/user-guide/volumes#emptydir' + description: |- + Total amount of local storage required for this EmptyDir volume. The size limit + is also applicable for memory medium. The maximum usage on memory medium + EmptyDir would be the minimum value between the SizeLimit specified here and + the sum of memory limits of all containers in a pod. The default is nil which + means that the limit is undefined. More info: + http://kubernetes.io/docs/user-guide/volumes#emptydir x-kubernetes-preserve-unknown-fields: true type: object ephemeral: - description: 'Ephemeral represents a volume that is handled - by a cluster storage driver. The volume''s lifecycle is - tied to the pod that defines it - it will be created before - the pod starts, and deleted when the pod is removed. Use - this if: a) the volume is only needed while the pod runs, - b) features of normal volumes like restoring from snapshot - or capacity tracking are needed, c) the storage driver - is specified through a storage class, and d) the storage - driver supports dynamic volume provisioning through a - PersistentVolumeClaim (see EphemeralVolumeSource for more information - on the connection between this volume type and PersistentVolumeClaim). - Use PersistentVolumeClaim or one of the vendor-specific - APIs for volumes that persist for longer than the lifecycle - of an individual pod. Use CSI for light-weight local ephemeral - volumes if the CSI driver is meant to be used that way - - see the documentation of the driver for more information. - A pod can use both types of ephemeral volumes and persistent - volumes at the same time. This is a beta feature and only - available when the GenericEphemeralVolume feature gate - is enabled.' + description: |- + Ephemeral represents a volume that is handled by a cluster storage driver. The + volume's lifecycle is tied to the pod that defines it - it will be created + before the pod starts, and deleted when the pod is removed. + Use this if: a) the volume is only needed while the pod runs, b) features of + normal volumes like restoring from snapshot or capacity tracking are needed, + c) the storage driver is specified through a storage class, and d) the storage + driver supports dynamic volume provisioning through a PersistentVolumeClaim + (see EphemeralVolumeSource for more information on the connection between + this volume type and PersistentVolumeClaim). + Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that + persist for longer than the lifecycle of an individual pod. + Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to + be used that way - see the documentation of the driver for more information. + A pod can use both types of ephemeral volumes and persistent volumes at the + same time. + This is a beta feature and only available when the GenericEphemeralVolume + feature gate is enabled. properties: volumeClaimTemplate: - description: Will be used to create a stand-alone PVC - to provision the volume. The pod in which this EphemeralVolumeSource - is embedded will be the owner of the PVC, i.e. the - PVC will be deleted together with the pod. The name - of the PVC will be `-` where - `` is the name from the `PodSpec.Volumes` - array entry. Pod validation will reject the pod if - the concatenated name is not valid for a PVC (for - example, too long). An existing PVC with that name - that is not owned by the pod will *not* be used for - the pod to avoid using an unrelated volume by mistake. - Starting the pod is then blocked until the unrelated - PVC is removed. If such a pre-created PVC is meant - to be used by the pod, the PVC has to updated with - an owner reference to the pod once the pod exists. - Normally this should not be necessary, but it may + description: |- + Will be used to create a stand-alone PVC to provision the volume. The pod in + which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. + the PVC will be deleted together with the pod. The name of the PVC will be + `-` where `` is the name from the + `PodSpec.Volumes` array entry. Pod validation will reject the pod if the + concatenated name is not valid for a PVC (for example, too long). + An existing PVC with that name that is not owned by the pod will *not* be used + for the pod to avoid using an unrelated volume by mistake. Starting the pod is + then blocked until the unrelated PVC is removed. If such a pre-created PVC is + meant to be used by the pod, the PVC has to updated with an owner reference to + the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. - This field is read-only and no changes will be made - by Kubernetes to the PVC after it has been created. - Required, must not be nil. + This field is read-only and no changes will be made by Kubernetes to the PVC + after it has been created. + Required, must not be nil. properties: metadata: - description: May contain labels and annotations - that will be copied into the PVC when creating - it. No other fields are allowed and will be rejected - during validation. + description: |- + May contain labels and annotations that will be copied into the PVC when + creating it. No other fields are allowed and will be rejected during + validation. x-kubernetes-preserve-unknown-fields: true spec: - description: The specification for the PersistentVolumeClaim. - The entire content is copied unchanged into the - PVC that gets created from this template. The - same fields as in a PersistentVolumeClaim are - also valid here. + description: |- + The specification for the PersistentVolumeClaim. The entire content is copied + unchanged into the PVC that gets created from this template. The same fields as + in a PersistentVolumeClaim are also valid here. properties: accessModes: - description: 'AccessModes contains the desired - access modes the volume should have. More - info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' + description: |- + AccessModes contains the desired access modes the volume should have. More + info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 items: type: string type: array dataSource: - description: 'This field can be used to specify - either: * An existing VolumeSnapshot object - (snapshot.storage.k8s.io/VolumeSnapshot) * - An existing PVC (PersistentVolumeClaim) If - the provisioner or an external controller - can support the specified data source, it - will create a new volume based on the contents - of the specified data source. If the AnyVolumeDataSource - feature gate is enabled, this field will always - have the same contents as the DataSourceRef - field.' + description: |- + This field can be used to specify either: * An existing VolumeSnapshot object + (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC + (PersistentVolumeClaim) If the provisioner or an external controller can + support the specified data source, it will create a new volume based on the + contents of the specified data source. If the AnyVolumeDataSource feature gate + is enabled, this field will always have the same contents as the DataSourceRef + field. properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other + description: |- + APIGroup is the group for the resource being referenced. If APIGroup is not + specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: @@ -811,38 +820,27 @@ spec: - name type: object dataSourceRef: - description: 'Specifies the object from which - to populate the volume with data, if a non-empty - volume is desired. This may be any local object - from a non-empty API group (non core object) - or a PersistentVolumeClaim object. When this - field is specified, volume binding will only - succeed if the type of the specified object - matches some installed volume populator or - dynamic provisioner. This field will replace - the functionality of the DataSource field - and as such if both fields are non-empty, - they must have the same value. For backwards - compatibility, both fields (DataSource and - DataSourceRef) will be set to the same value - automatically if one of them is empty and - the other is non-empty. There are two important - differences between DataSource and DataSourceRef: - * While DataSource only allows two specific - types of objects, DataSourceRef allows any - non-core object, as well as PersistentVolumeClaim - objects. * While DataSource ignores disallowed - values (dropping them), DataSourceRef preserves - all values, and generates an error if a disallowed - value is specified. (Alpha) Using this field - requires the AnyVolumeDataSource feature gate - to be enabled.' + description: |- + Specifies the object from which to populate the volume with data, if a + non-empty volume is desired. This may be any local object from a non-empty API + group (non core object) or a PersistentVolumeClaim object. When this field is + specified, volume binding will only succeed if the type of the specified object + matches some installed volume populator or dynamic provisioner. This field will + replace the functionality of the DataSource field and as such if both fields + are non-empty, they must have the same value. For backwards compatibility, both + fields (DataSource and DataSourceRef) will be set to the same value + automatically if one of them is empty and the other is non-empty. There are two + important differences between DataSource and DataSourceRef: * While DataSource + only allows two specific types of objects, DataSourceRef allows any non-core + object, as well as PersistentVolumeClaim objects. * While DataSource ignores + disallowed values (dropping them), DataSourceRef preserves all values, and + generates an error if a disallowed value is specified. (Alpha) Using this + field requires the AnyVolumeDataSource feature gate to be enabled. properties: apiGroup: - description: APIGroup is the group for the - resource being referenced. If APIGroup - is not specified, the specified Kind must - be in the core API group. For any other + description: |- + APIGroup is the group for the resource being referenced. If APIGroup is not + specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required. type: string kind: @@ -858,22 +856,21 @@ spec: - name type: object resources: - description: 'Resources represents the minimum - resources the volume should have. More info: - https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' + description: |- + Resources represents the minimum resources the volume should have. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources properties: limits: - description: 'Limits describes the maximum - amount of compute resources allowed. More - info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Limits describes the maximum amount of compute resources allowed. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ x-kubernetes-preserve-unknown-fields: true requests: - description: 'Requests describes the minimum - amount of compute resources required. - If Requests is omitted for a container, - it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined - value. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/' + description: |- + Requests describes the minimum amount of compute resources required. If + Requests is omitted for a container, it defaults to Limits if that is + explicitly specified, otherwise to an implementation-defined value. More info: + https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ x-kubernetes-preserve-unknown-fields: true type: object selector: @@ -881,34 +878,28 @@ spec: for binding. properties: matchExpressions: - description: matchExpressions is a list - of label selector requirements. The requirements - are ANDed. + description: |- + matchExpressions is a list of label selector requirements. The requirements are + ANDed. items: - description: A label selector requirement - is a selector that contains values, - a key, and an operator that relates - the key and values. + description: |- + A label selector requirement is a selector that contains values, a key, and an + operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: - description: operator represents a - key's relationship to a set of values. - Valid operators are In, NotIn, Exists - and DoesNotExist. + description: |- + operator represents a key's relationship to a set of values. Valid operators + are In, NotIn, Exists and DoesNotExist. type: string values: - description: values is an array of - string values. If the operator is - In or NotIn, the values array must - be non-empty. If the operator is - Exists or DoesNotExist, the values - array must be empty. This array - is replaced during a strategic merge - patch. + description: |- + values is an array of string values. If the operator is In or NotIn, the values + array must be non-empty. If the operator is Exists or DoesNotExist, the values + array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array @@ -918,23 +909,22 @@ spec: type: object type: array matchLabels: - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator - is "In", and the values array contains - only "value". The requirements are ANDed. + description: |- + matchLabels is a map of {key,value} pairs. A single {key,value} in the + matchLabels map is equivalent to an element of matchExpressions, whose key + field is "key", the operator is "In", and the values array contains only + "value". The requirements are ANDed. x-kubernetes-preserve-unknown-fields: true type: object storageClassName: - description: 'Name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' + description: |- + Name of the StorageClass required by the claim. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 type: string volumeMode: - description: volumeMode defines what type of - volume is required by the claim. Value of - Filesystem is implied when not included in - claim spec. + description: |- + volumeMode defines what type of volume is required by the claim. Value of + Filesystem is implied when not included in claim spec. type: string volumeName: description: VolumeName is the binding reference @@ -946,23 +936,24 @@ spec: type: object type: object fc: - description: FC represents a Fibre Channel resource that - is attached to a kubelet's host machine and then exposed - to the pod. + description: |- + FC represents a Fibre Channel resource that is attached to a kubelet's host + machine and then exposed to the pod. properties: fsType: - description: 'Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified. TODO: how do we prevent errors in the - filesystem from compromising the machine' + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. TODO: how do we prevent errors in the filesystem from + compromising the machine type: string lun: description: 'Optional: FC target lun number' type: integer readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' + description: |- + Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. type: boolean targetWWNs: description: 'Optional: FC target worldwide names (WWNs)' @@ -970,60 +961,61 @@ spec: type: string type: array wwids: - description: 'Optional: FC volume world wide identifiers - (wwids) Either wwids or combination of targetWWNs - and lun must be set, but not both simultaneously.' + description: |- + Optional: FC volume world wide identifiers (wwids) Either wwids or combination + of targetWWNs and lun must be set, but not both simultaneously. items: type: string type: array type: object flexVolume: - description: FlexVolume represents a generic volume resource - that is provisioned/attached using an exec based plugin. + description: |- + FlexVolume represents a generic volume resource that is provisioned/attached + using an exec based plugin. properties: driver: description: Driver is the name of the driver to use for this volume. type: string fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". The default filesystem depends on FlexVolume - script. + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". The default filesystem depends on + FlexVolume script. type: string options: description: 'Optional: Extra command options if any.' x-kubernetes-preserve-unknown-fields: true readOnly: - description: 'Optional: Defaults to false (read/write). - ReadOnly here will force the ReadOnly setting in VolumeMounts.' + description: |- + Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly + setting in VolumeMounts. type: boolean secretRef: - description: 'Optional: SecretRef is reference to the - secret object containing sensitive information to - pass to the plugin scripts. This may be empty if no - secret object is specified. If the secret object contains - more than one secret, all secrets are passed to the - plugin scripts.' + description: |- + Optional: SecretRef is reference to the secret object containing sensitive + information to pass to the plugin scripts. This may be empty if no secret + object is specified. If the secret object contains more than one secret, all + secrets are passed to the plugin scripts. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object required: - driver type: object flocker: - description: Flocker represents a Flocker volume attached - to a kubelet's host machine. This depends on the Flocker - control service being running + description: |- + Flocker represents a Flocker volume attached to a kubelet's host machine. This + depends on the Flocker control service being running properties: datasetName: - description: Name of the dataset stored as metadata - -> name on the dataset for Flocker should be considered - as deprecated + description: |- + Name of the dataset stored as metadata -> name on the dataset for Flocker + should be considered as deprecated type: string datasetUUID: description: UUID of the dataset. This is unique identifier @@ -1031,52 +1023,54 @@ spec: type: string type: object gcePersistentDisk: - description: 'GCEPersistentDisk represents a GCE Disk resource - that is attached to a kubelet''s host machine and then - exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + GCEPersistentDisk represents a GCE Disk resource that is attached to a + kubelet's host machine and then exposed to the pod. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk properties: fsType: - description: 'Filesystem type of the volume that you - want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + Filesystem type of the volume that you want to mount. Tip: Ensure that the + filesystem type is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how + do we prevent errors in the filesystem from compromising the machine type: string partition: - description: 'The partition in the volume that you want - to mount. If omitted, the default is to mount by volume - name. Examples: For volume /dev/sda1, you specify - the partition as "1". Similarly, the volume partition - for /dev/sda is "0" (or you can leave the property - empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + The partition in the volume that you want to mount. If omitted, the default is + to mount by volume name. Examples: For volume /dev/sda1, you specify the + partition as "1". Similarly, the volume partition for /dev/sda is "0" (or you + can leave the property empty). More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: integer pdName: - description: 'Unique name of the PD resource in GCE. - Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + Unique name of the PD resource in GCE. Used to identify the disk in GCE. More + info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: string readOnly: - description: 'ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk' + description: |- + ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to + false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk type: boolean required: - pdName type: object gitRepo: - description: 'GitRepo represents a git repository at a particular - revision. DEPRECATED: GitRepo is deprecated. To provision - a container with a git repo, mount an EmptyDir into an - InitContainer that clones the repo using git, then mount - the EmptyDir into the Pod''s container.' + description: |- + GitRepo represents a git repository at a particular revision. DEPRECATED: + GitRepo is deprecated. To provision a container with a git repo, mount an + EmptyDir into an InitContainer that clones the repo using git, then mount the + EmptyDir into the Pod's container. properties: directory: - description: Target directory name. Must not contain - or start with '..'. If '.' is supplied, the volume - directory will be the git repository. Otherwise, - if specified, the volume will contain the git repository - in the subdirectory with the given name. + description: |- + Target directory name. Must not contain or start with '..'. If '.' is + supplied, the volume directory will be the git repository. Otherwise, if + specified, the volume will contain the git repository in the subdirectory with + the given name. type: string repository: description: Repository URL @@ -1088,53 +1082,59 @@ spec: - repository type: object glusterfs: - description: 'Glusterfs represents a Glusterfs mount on - the host that shares a pod''s lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md' + description: |- + Glusterfs represents a Glusterfs mount on the host that shares a pod's + lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md properties: endpoints: - description: 'EndpointsName is the endpoint name that - details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + EndpointsName is the endpoint name that details Glusterfs topology. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string path: - description: 'Path is the Glusterfs volume path. More - info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + Path is the Glusterfs volume path. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: string readOnly: - description: 'ReadOnly here will force the Glusterfs - volume to be mounted with read-only permissions. Defaults - to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod' + description: |- + ReadOnly here will force the Glusterfs volume to be mounted with read-only + permissions. Defaults to false. More info: + https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod type: boolean required: - endpoints - path type: object hostPath: - description: 'HostPath represents a pre-existing file or - directory on the host machine that is directly exposed - to the container. This is generally used for system agents - or other privileged things that are allowed to see the - host machine. Most containers will NOT need this. More - info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - --- TODO(jonesdl) We need to restrict who can use host - directory mounts and who can/can not mount host directories - as read/write.' + description: |- + HostPath represents a pre-existing file or directory on the host machine that + is directly exposed to the container. This is generally used for system agents + or other privileged things that are allowed to see the host machine. Most + containers will NOT need this. More info: + https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) + We need to restrict who can use host directory mounts and who can/can not mount + host directories as read/write. properties: path: - description: 'Path of the directory on the host. If - the path is a symlink, it will follow the link to - the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + Path of the directory on the host. If the path is a symlink, it will follow the + link to the real path. More info: + https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string type: - description: 'Type for HostPath Volume Defaults to "" - More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath' + description: |- + Type for HostPath Volume Defaults to "" More info: + https://kubernetes.io/docs/concepts/storage/volumes#hostpath type: string required: - path type: object iscsi: - description: 'ISCSI represents an ISCSI Disk resource that - is attached to a kubelet''s host machine and then exposed - to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md' + description: |- + ISCSI represents an ISCSI Disk resource that is attached to a kubelet's host + machine and then exposed to the pod. More info: + https://examples.k8s.io/volumes/iscsi/README.md properties: chapAuthDiscovery: description: whether support iSCSI Discovery CHAP authentication @@ -1143,19 +1143,18 @@ spec: description: whether support iSCSI Session CHAP authentication type: boolean fsType: - description: 'Filesystem type of the volume that you - want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + Filesystem type of the volume that you want to mount. Tip: Ensure that the + filesystem type is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we + prevent errors in the filesystem from compromising the machine type: string initiatorName: - description: Custom iSCSI Initiator Name. If initiatorName - is specified with iscsiInterface simultaneously, new - iSCSI interface : will - be created for the connection. + description: |- + Custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface + simultaneously, new iSCSI interface : will be + created for the connection. type: string iqn: description: Target iSCSI Qualified Name. @@ -1168,30 +1167,31 @@ spec: description: iSCSI Target Lun number. type: integer portals: - description: iSCSI Target Portal List. The portal is - either an IP or ip_addr:port if the port is other - than default (typically TCP ports 860 and 3260). + description: |- + iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the + port is other than default (typically TCP ports 860 and 3260). items: type: string type: array readOnly: - description: ReadOnly here will force the ReadOnly setting - in VolumeMounts. Defaults to false. + description: |- + ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to + false. type: boolean secretRef: description: CHAP Secret for iSCSI target and initiator authentication properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object targetPortal: - description: iSCSI Target Portal. The Portal is either - an IP or ip_addr:port if the port is other than default - (typically TCP ports 860 and 3260). + description: |- + iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is + other than default (typically TCP ports 860 and 3260). type: string required: - iqn @@ -1199,39 +1199,46 @@ spec: - targetPortal type: object name: - description: 'Volume''s name. Must be a DNS_LABEL and unique - within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Volume's name. Must be a DNS_LABEL and unique within the pod. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string nfs: - description: 'NFS represents an NFS mount on the host that - shares a pod''s lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + NFS represents an NFS mount on the host that shares a pod's lifetime More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs properties: path: - description: 'Path that is exported by the NFS server. - More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + Path that is exported by the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string readOnly: - description: 'ReadOnly here will force the NFS export - to be mounted with read-only permissions. Defaults - to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + ReadOnly here will force the NFS export to be mounted with read-only + permissions. Defaults to false. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs type: boolean server: - description: 'Server is the hostname or IP address of - the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs' + description: |- + Server is the hostname or IP address of the NFS server. More info: + https://kubernetes.io/docs/concepts/storage/volumes#nfs type: string required: - path - server type: object persistentVolumeClaim: - description: 'PersistentVolumeClaimVolumeSource represents - a reference to a PersistentVolumeClaim in the same namespace. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + PersistentVolumeClaimVolumeSource represents a reference to a + PersistentVolumeClaim in the same namespace. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims properties: claimName: - description: 'ClaimName is the name of a PersistentVolumeClaim - in the same namespace as the pod using this volume. - More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims' + description: |- + ClaimName is the name of a PersistentVolumeClaim in the same namespace as the + pod using this volume. More info: + https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims type: string readOnly: description: Will force the ReadOnly setting in VolumeMounts. @@ -1241,15 +1248,15 @@ spec: - claimName type: object photonPersistentDisk: - description: PhotonPersistentDisk represents a PhotonController - persistent disk attached and mounted on kubelets host - machine + description: |- + PhotonPersistentDisk represents a PhotonController persistent disk attached and + mounted on kubelets host machine properties: fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. type: string pdID: description: ID that identifies Photon Controller persistent @@ -1259,18 +1266,20 @@ spec: - pdID type: object portworxVolume: - description: PortworxVolume represents a portworx volume - attached and mounted on kubelets host machine + description: |- + PortworxVolume represents a portworx volume attached and mounted on kubelets + host machine properties: fsType: - description: FSType represents the filesystem type to - mount Must be a filesystem type supported by the host - operating system. Ex. "ext4", "xfs". Implicitly inferred + description: |- + FSType represents the filesystem type to mount Must be a filesystem type + supported by the host operating system. Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + Defaults to false (read/write). ReadOnly here will force the ReadOnly setting + in VolumeMounts. type: boolean volumeID: description: VolumeID uniquely identifies a Portworx @@ -1284,15 +1293,13 @@ spec: and downward API properties: defaultMode: - description: Mode bits used to set permissions on created - files by default. Must be an octal value between 0000 - and 0777 or a decimal value between 0 and 511. YAML - accepts both octal and decimal values, JSON requires - decimal values for mode bits. Directories within the - path are not affected by this setting. This might - be in conflict with other options that affect the - file mode, like fsGroup, and the result can be other - mode bits set. + description: |- + Mode bits used to set permissions on created files by default. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. + Directories within the path are not affected by this setting. This might be in + conflict with other options that affect the file mode, like fsGroup, and the + result can be other mode bits set. type: integer sources: description: list of volume projections @@ -1305,18 +1312,14 @@ spec: to project properties: items: - description: If unspecified, each key-value - pair in the Data field of the referenced - ConfigMap will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the ConfigMap, the volume setup will - error unless it is marked optional. Paths - must be relative and may not contain the - '..' path or start with '..'. + description: |- + If unspecified, each key-value pair in the Data field of the referenced + ConfigMap will be projected into the volume as a file whose name is the key and + content is the value. If specified, the listed keys will be projected into the + specified paths, and unlisted keys will not be present. If a key is specified + which is not present in the ConfigMap, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain the '..' path or + start with '..'. items: description: Maps a string key to a path within a volume. @@ -1325,25 +1328,18 @@ spec: description: The key to project. type: string mode: - description: 'Optional: mode bits used - to set permissions on this file. Must - be an octal value between 0000 and - 0777 or a decimal value between 0 - and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, - like fsGroup, and the result can be - other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: The relative path of the - file to map the key to. May not be - an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: |- + The relative path of the file to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start with the string '..'. type: string required: - key @@ -1351,10 +1347,9 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the ConfigMap @@ -1369,14 +1364,14 @@ spec: description: Items is a list of DownwardAPIVolume file items: - description: DownwardAPIVolumeFile represents - information to create the file containing - the pod field + description: |- + DownwardAPIVolumeFile represents information to create the file containing the + pod field properties: fieldRef: - description: 'Required: Selects a field - of the pod: only annotations, labels, - name and namespace are supported.' + description: |- + Required: Selects a field of the pod: only annotations, labels, name and + namespace are supported. properties: apiVersion: description: Version of the schema @@ -1391,33 +1386,25 @@ spec: - fieldPath type: object mode: - description: 'Optional: mode bits used - to set permissions on this file, must - be an octal value between 0000 and - 0777 or a decimal value between 0 - and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, - like fsGroup, and the result can be - other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file, must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: 'Required: Path is the - relative path name of the file to - be created. Must not be absolute or - contain the ''..'' path. Must be utf-8 - encoded. The first item of the relative - path must not start with ''..''' + description: |- + Required: Path is the relative path name of the file to be created. Must not + be absolute or contain the '..' path. Must be utf-8 encoded. The first item of + the relative path must not start with '..' type: string resourceFieldRef: - description: 'Selects a resource of - the container: only resources limits - and requests (limits.cpu, limits.memory, - requests.cpu and requests.memory) - are currently supported.' + description: |- + Selects a resource of the container: only resources limits and requests + (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently + supported. properties: containerName: description: 'Container name: required @@ -1446,18 +1433,14 @@ spec: to project properties: items: - description: If unspecified, each key-value - pair in the Data field of the referenced - Secret will be projected into the volume - as a file whose name is the key and content - is the value. If specified, the listed keys - will be projected into the specified paths, - and unlisted keys will not be present. If - a key is specified which is not present - in the Secret, the volume setup will error - unless it is marked optional. Paths must - be relative and may not contain the '..' - path or start with '..'. + description: |- + If unspecified, each key-value pair in the Data field of the referenced Secret + will be projected into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected into the + specified paths, and unlisted keys will not be present. If a key is specified + which is not present in the Secret, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain the '..' path or + start with '..'. items: description: Maps a string key to a path within a volume. @@ -1466,25 +1449,18 @@ spec: description: The key to project. type: string mode: - description: 'Optional: mode bits used - to set permissions on this file. Must - be an octal value between 0000 and - 0777 or a decimal value between 0 - and 511. YAML accepts both octal and - decimal values, JSON requires decimal - values for mode bits. If not specified, - the volume defaultMode will be used. - This might be in conflict with other - options that affect the file mode, - like fsGroup, and the result can be - other mode bits set.' + description: |- + Optional: mode bits used to set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: The relative path of the - file to map the key to. May not be - an absolute path. May not contain - the path element '..'. May not start - with the string '..'. + description: |- + The relative path of the file to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start with the string '..'. type: string required: - key @@ -1492,10 +1468,9 @@ spec: type: object type: array name: - description: 'Name of the referent. More info: + description: |- + Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, - kind, uid?' type: string optional: description: Specify whether the Secret or @@ -1507,29 +1482,25 @@ spec: data to project properties: audience: - description: Audience is the intended audience - of the token. A recipient of a token must - identify itself with an identifier specified - in the audience of the token, and otherwise - should reject the token. The audience defaults - to the identifier of the apiserver. + description: |- + Audience is the intended audience of the token. A recipient of a token must + identify itself with an identifier specified in the audience of the token, and + otherwise should reject the token. The audience defaults to the identifier of + the apiserver. type: string expirationSeconds: - description: ExpirationSeconds is the requested - duration of validity of the service account - token. As the token approaches expiration, - the kubelet volume plugin will proactively - rotate the service account token. The kubelet - will start trying to rotate the token if - the token is older than 80 percent of its - time to live or if the token is older than - 24 hours.Defaults to 1 hour and must be - at least 10 minutes. + description: |- + ExpirationSeconds is the requested duration of validity of the service account + token. As the token approaches expiration, the kubelet volume plugin will + proactively rotate the service account token. The kubelet will start trying to + rotate the token if the token is older than 80 percent of its time to live or + if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 + minutes. type: integer path: - description: Path is the path relative to - the mount point of the file to project the - token into. + description: |- + Path is the path relative to the mount point of the file to project the token + into. type: string required: - path @@ -1546,20 +1517,20 @@ spec: no group type: string readOnly: - description: ReadOnly here will force the Quobyte volume - to be mounted with read-only permissions. Defaults - to false. + description: |- + ReadOnly here will force the Quobyte volume to be mounted with read-only + permissions. Defaults to false. type: boolean registry: - description: Registry represents a single or multiple - Quobyte Registry services specified as a string as - host:port pair (multiple entries are separated with - commas) which acts as the central registry for volumes + description: |- + Registry represents a single or multiple Quobyte Registry services specified as + a string as host:port pair (multiple entries are separated with commas) which + acts as the central registry for volumes type: string tenant: - description: Tenant owning the given Quobyte volume - in the Backend Used with dynamically provisioned Quobyte - volumes, value is set by the plugin + description: |- + Tenant owning the given Quobyte volume in the Backend Used with dynamically + provisioned Quobyte volumes, value is set by the plugin type: string user: description: User to map volume access to Defaults to @@ -1574,68 +1545,75 @@ spec: - volume type: object rbd: - description: 'RBD represents a Rados Block Device mount - on the host that shares a pod''s lifetime. More info: - https://examples.k8s.io/volumes/rbd/README.md' + description: |- + RBD represents a Rados Block Device mount on the host that shares a pod's + lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md properties: fsType: - description: 'Filesystem type of the volume that you - want to mount. Tip: Ensure that the filesystem type - is supported by the host operating system. Examples: - "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" - if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - TODO: how do we prevent errors in the filesystem from - compromising the machine' + description: |- + Filesystem type of the volume that you want to mount. Tip: Ensure that the + filesystem type is supported by the host operating system. Examples: "ext4", + "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. More info: + https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent + errors in the filesystem from compromising the machine type: string image: - description: 'The rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + The rados image name. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string keyring: - description: 'Keyring is the path to key ring for RBDUser. - Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + Keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More + info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string monitors: - description: 'A collection of Ceph monitors. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + A collection of Ceph monitors. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it items: type: string type: array pool: - description: 'The rados pool name. Default is rbd. More - info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + The rados pool name. Default is rbd. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string readOnly: - description: 'ReadOnly here will force the ReadOnly - setting in VolumeMounts. Defaults to false. More info: - https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + ReadOnly here will force the ReadOnly setting in VolumeMounts. Defaults to + false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: boolean secretRef: - description: 'SecretRef is name of the authentication - secret for RBDUser. If provided overrides keyring. - Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + SecretRef is name of the authentication secret for RBDUser. If provided + overrides keyring. Default is nil. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object user: - description: 'The rados user name. Default is admin. - More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it' + description: |- + The rados user name. Default is admin. More info: + https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it type: string required: - image - monitors type: object scaleIO: - description: ScaleIO represents a ScaleIO persistent volume - attached and mounted on Kubernetes nodes. + description: |- + ScaleIO represents a ScaleIO persistent volume attached and mounted on + Kubernetes nodes. properties: fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Default is "xfs". + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Default is "xfs". type: string gateway: description: The host address of the ScaleIO API Gateway. @@ -1645,18 +1623,19 @@ spec: for the configured storage. type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + Defaults to false (read/write). ReadOnly here will force the ReadOnly setting + in VolumeMounts. type: boolean secretRef: - description: SecretRef references to the secret for - ScaleIO user and other sensitive information. If this - is not provided, Login operation will fail. + description: |- + SecretRef references to the secret for ScaleIO user and other sensitive + information. If this is not provided, Login operation will fail. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object sslEnabled: @@ -1664,9 +1643,9 @@ spec: with Gateway, default false type: boolean storageMode: - description: Indicates whether the storage for a volume - should be ThickProvisioned or ThinProvisioned. Default - is ThinProvisioned. + description: |- + Indicates whether the storage for a volume should be ThickProvisioned or + ThinProvisioned. Default is ThinProvisioned. type: string storagePool: description: The ScaleIO Storage Pool associated with @@ -1677,9 +1656,9 @@ spec: in ScaleIO. type: string volumeName: - description: The name of a volume already created in - the ScaleIO system that is associated with this volume - source. + description: |- + The name of a volume already created in the ScaleIO system that is associated + with this volume source. type: string required: - gateway @@ -1687,31 +1666,28 @@ spec: - system type: object secret: - description: 'Secret represents a secret that should populate - this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + Secret represents a secret that should populate this volume. More info: + https://kubernetes.io/docs/concepts/storage/volumes#secret properties: defaultMode: - description: 'Optional: mode bits used to set permissions - on created files by default. Must be an octal value - between 0000 and 0777 or a decimal value between 0 - and 511. YAML accepts both octal and decimal values, - JSON requires decimal values for mode bits. Defaults - to 0644. Directories within the path are not affected - by this setting. This might be in conflict with other - options that affect the file mode, like fsGroup, and - the result can be other mode bits set.' + description: |- + Optional: mode bits used to set permissions on created files by default. Must + be an octal value between 0000 and 0777 or a decimal value between 0 and 511. + YAML accepts both octal and decimal values, JSON requires decimal values for + mode bits. Defaults to 0644. Directories within the path are not affected by + this setting. This might be in conflict with other options that affect the file + mode, like fsGroup, and the result can be other mode bits set. type: integer items: - description: If unspecified, each key-value pair in - the Data field of the referenced Secret will be projected - into the volume as a file whose name is the key and - content is the value. If specified, the listed keys - will be projected into the specified paths, and unlisted - keys will not be present. If a key is specified which - is not present in the Secret, the volume setup will - error unless it is marked optional. Paths must be - relative and may not contain the '..' path or start - with '..'. + description: |- + If unspecified, each key-value pair in the Data field of the referenced Secret + will be projected into the volume as a file whose name is the key and content + is the value. If specified, the listed keys will be projected into the + specified paths, and unlisted keys will not be present. If a key is specified + which is not present in the Secret, the volume setup will error unless it is + marked optional. Paths must be relative and may not contain the '..' path or + start with '..'. items: description: Maps a string key to a path within a volume. @@ -1720,22 +1696,18 @@ spec: description: The key to project. type: string mode: - description: 'Optional: mode bits used to set - permissions on this file. Must be an octal value - between 0000 and 0777 or a decimal value between - 0 and 511. YAML accepts both octal and decimal - values, JSON requires decimal values for mode - bits. If not specified, the volume defaultMode - will be used. This might be in conflict with - other options that affect the file mode, like - fsGroup, and the result can be other mode bits - set.' + description: |- + Optional: mode bits used to set permissions on this file. Must be an octal + value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts + both octal and decimal values, JSON requires decimal values for mode bits. If + not specified, the volume defaultMode will be used. This might be in conflict + with other options that affect the file mode, like fsGroup, and the result can + be other mode bits set. type: integer path: - description: The relative path of the file to - map the key to. May not be an absolute path. - May not contain the path element '..'. May not - start with the string '..'. + description: |- + The relative path of the file to map the key to. May not be an absolute path. + May not contain the path element '..'. May not start with the string '..'. type: string required: - key @@ -1747,65 +1719,68 @@ spec: must be defined type: boolean secretName: - description: 'Name of the secret in the pod''s namespace - to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret' + description: |- + Name of the secret in the pod's namespace to use. More info: + https://kubernetes.io/docs/concepts/storage/volumes#secret type: string type: object storageos: - description: StorageOS represents a StorageOS volume attached - and mounted on Kubernetes nodes. + description: |- + StorageOS represents a StorageOS volume attached and mounted on Kubernetes + nodes. properties: fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. type: string readOnly: - description: Defaults to false (read/write). ReadOnly - here will force the ReadOnly setting in VolumeMounts. + description: |- + Defaults to false (read/write). ReadOnly here will force the ReadOnly setting + in VolumeMounts. type: boolean secretRef: - description: SecretRef specifies the secret to use for - obtaining the StorageOS API credentials. If not specified, - default values will be attempted. + description: |- + SecretRef specifies the secret to use for obtaining the StorageOS API + credentials. If not specified, default values will be attempted. properties: name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string type: object volumeName: - description: VolumeName is the human-readable name of - the StorageOS volume. Volume names are only unique - within a namespace. + description: |- + VolumeName is the human-readable name of the StorageOS volume. Volume names + are only unique within a namespace. type: string volumeNamespace: - description: VolumeNamespace specifies the scope of - the volume within StorageOS. If no namespace is specified - then the Pod's namespace will be used. This allows - the Kubernetes name scoping to be mirrored within - StorageOS for tighter integration. Set VolumeName - to any name to override the default behaviour. Set - to "default" if you are not using namespaces within - StorageOS. Namespaces that do not pre-exist within - StorageOS will be created. + description: |- + VolumeNamespace specifies the scope of the volume within StorageOS. If no + namespace is specified then the Pod's namespace will be used. This allows the + Kubernetes name scoping to be mirrored within StorageOS for tighter + integration. Set VolumeName to any name to override the default behaviour. Set + to "default" if you are not using namespaces within StorageOS. Namespaces that + do not pre-exist within StorageOS will be created. type: string type: object vsphereVolume: - description: VsphereVolume represents a vSphere volume attached - and mounted on kubelets host machine + description: |- + VsphereVolume represents a vSphere volume attached and mounted on kubelets host + machine properties: fsType: - description: Filesystem type to mount. Must be a filesystem - type supported by the host operating system. Ex. "ext4", - "xfs", "ntfs". Implicitly inferred to be "ext4" if - unspecified. + description: |- + Filesystem type to mount. Must be a filesystem type supported by the host + operating system. Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" + if unspecified. type: string storagePolicyID: - description: Storage Policy Based Management (SPBM) - profile ID associated with the StoragePolicyName. + description: |- + Storage Policy Based Management (SPBM) profile ID associated with the + StoragePolicyName. type: string storagePolicyName: description: Storage Policy Based Management (SPBM) @@ -1823,8 +1798,9 @@ spec: type: array type: object installPlanApproval: - description: Approval is the user approval policy for an InstallPlan. - It must be one of "Automatic" or "Manual". + description: |- + Approval is the user approval policy for an InstallPlan. It must be one of + "Automatic" or "Manual". type: string name: description: Name corresponds to the JSON schema field "name". @@ -1848,12 +1824,14 @@ spec: description: Status corresponds to the JSON schema field "status". properties: catalogHealth: - description: CatalogHealth contains the Subscription's view of its - relevant CatalogSources' status. It is used to determine SubscriptionStatusConditions - related to CatalogSources. + description: |- + CatalogHealth contains the Subscription's view of its relevant CatalogSources' + status. It is used to determine SubscriptionStatusConditions related to + CatalogSources. items: - description: SubscriptionCatalogHealth describes the health of a - CatalogSource the Subscription knows about. + description: |- + SubscriptionCatalogHealth describes the health of a CatalogSource the + Subscription knows about. properties: catalogSourceRef: description: CatalogSourceRef is a reference to a CatalogSource. @@ -1862,34 +1840,41 @@ spec: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead - of an entire object, this string should contain a valid - JSON/Go field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container - within a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that - triggered the event) or if no container name is specified - "spec.containers[2]" (container with index 2 in this pod). - This syntax is chosen only to have some well-defined way - of referencing a part of an object. TODO: this design - is not final and this field is subject to change in the - future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as + desiredState.manifest.containers[2]. For example, if the object reference is to + a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that + triggered the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen only to have some + well-defined way of referencing a part of an object. TODO: this design is not + final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object healthy: @@ -1907,19 +1892,22 @@ spec: type: object type: array conditions: - description: Conditions is a list of the latest available observations - about a Subscription's current state. + description: |- + Conditions is a list of the latest available observations about a + Subscription's current state. items: - description: SubscriptionCondition represents the latest available - observations of a Subscription's state. + description: |- + SubscriptionCondition represents the latest available observations of a + Subscription's state. properties: lastHeartbeatTime: description: LastHeartbeatTime is the last time we got an update on a given condition type: string lastTransitionTime: - description: LastTransitionTime is the last time the condition - transit from one status to another + description: |- + LastTransitionTime is the last time the condition transit from one status to + another type: string message: description: Message is a human-readable message indicating @@ -1950,48 +1938,58 @@ spec: installplan type: integer installPlanRef: - description: InstallPlanRef is a reference to the latest InstallPlan - that contains the Subscription's current CSV. + description: |- + InstallPlanRef is a reference to the latest InstallPlan that contains the + Subscription's current CSV. properties: apiVersion: description: API version of the referent. type: string fieldPath: - description: 'If referring to a piece of an object instead of - an entire object, this string should contain a valid JSON/Go - field access statement, such as desiredState.manifest.containers[2]. - For example, if the object reference is to a container within - a pod, this would take on a value like: "spec.containers{name}" - (where "name" refers to the name of the container that triggered - the event) or if no container name is specified "spec.containers[2]" - (container with index 2 in this pod). This syntax is chosen - only to have some well-defined way of referencing a part of - an object. TODO: this design is not final and this field is - subject to change in the future.' + description: |- + If referring to a piece of an object instead of an entire object, this string + should contain a valid JSON/Go field access statement, such as + desiredState.manifest.containers[2]. For example, if the object reference is to + a container within a pod, this would take on a value like: + "spec.containers{name}" (where "name" refers to the name of the container that + triggered the event) or if no container name is specified "spec.containers[2]" + (container with index 2 in this pod). This syntax is chosen only to have some + well-defined way of referencing a part of an object. TODO: this design is not + final and this field is subject to change in the future. type: string kind: - description: 'Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: |- + Kind of the referent. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds type: string name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' + description: |- + Name of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names type: string namespace: - description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' + description: |- + Namespace of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ type: string resourceVersion: - description: 'Specific resourceVersion to which this reference - is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency' + description: |- + Specific resourceVersion to which this reference is made, if any. More info: + https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency type: string uid: - description: 'UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids' + description: |- + UID of the referent. More info: + https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids type: string type: object installedCSV: description: InstalledCSV is the CSV currently installed by the Subscription. type: string installplan: - description: 'Install is a reference to the latest InstallPlan generated - for the Subscription. DEPRECATED: InstallPlanRef' + description: |- + Install is a reference to the latest InstallPlan generated for the + Subscription. DEPRECATED: InstallPlanRef properties: apiVersion: description: ApiVersion corresponds to the JSON schema field "apiVersion". @@ -2003,10 +2001,10 @@ spec: description: Name corresponds to the JSON schema field "name". type: string uuid: - description: UID is a type that holds unique ID values, including - UUIDs. Because we don't ONLY use UUIDs, this is an alias to - string. Being a type captures intent and helps make sure that - UIDs and names do not get conflated. + description: |- + UID is a type that holds unique ID values, including UUIDs. Because we don't + ONLY use UUIDs, this is an alias to string. Being a type captures intent and + helps make sure that UIDs and names do not get conflated. type: string required: - apiVersion @@ -2033,9 +2031,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index ff5a9715c..88b7f5bb6 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -2,7 +2,6 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: manager-role rules: - apiGroups: @@ -23,19 +22,6 @@ rules: - patch - update - watch -- apiGroups: - - "" - resources: - - configmaps - - events - - namespaces - - persistentvolumeclaims - - secrets - - services - verbs: - - get - - list - - watch - apiGroups: - "" resources: @@ -86,45 +72,7 @@ rules: - cloud.redhat.com resources: - clowdapps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cloud.redhat.com - resources: - - clowdapps/status - verbs: - - get - - patch - - update -- apiGroups: - - cloud.redhat.com - resources: - clowdenvironments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - cloud.redhat.com - resources: - - clowdenvironments/status - verbs: - - get - - patch - - update -- apiGroups: - - cloud.redhat.com - resources: - clowdjobinvocations verbs: - create @@ -137,6 +85,8 @@ rules: - apiGroups: - cloud.redhat.com resources: + - clowdapps/status + - clowdenvironments/status - clowdjobinvocations/status verbs: - get @@ -173,41 +123,8 @@ rules: - kafka.strimzi.io resources: - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - kafka.strimzi.io - resources: - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - kafka.strimzi.io - resources: - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - kafka.strimzi.io - resources: - kafkausers verbs: - create diff --git a/controllers/cloud.redhat.com/config/types.go b/controllers/cloud.redhat.com/config/types.go index c5349b89c..2f9866aad 100644 --- a/controllers/cloud.redhat.com/config/types.go +++ b/controllers/cloud.redhat.com/config/types.go @@ -2,692 +2,691 @@ package config -import "encoding/json" import "fmt" +import "encoding/json" import "reflect" +// UnmarshalJSON implements json.Unmarshaler. +func (j *TopicConfig) UnmarshalJSON(b []byte) error { + var raw map[string]interface{} + if err := json.Unmarshal(b, &raw); err != nil { + return err + } + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") + } + if v, ok := raw["requestedName"]; !ok || v == nil { + return fmt.Errorf("field requestedName: required") + } + type Plain TopicConfig + var plain Plain + if err := json.Unmarshal(b, &plain); err != nil { + return err + } + *j = TopicConfig(plain) + return nil +} + +// UnmarshalJSON implements json.Unmarshaler. +func (j *DatabaseConfig) UnmarshalJSON(b []byte) error { + var raw map[string]interface{} + if err := json.Unmarshal(b, &raw); err != nil { + return err + } + if v, ok := raw["adminPassword"]; !ok || v == nil { + return fmt.Errorf("field adminPassword: required") + } + if v, ok := raw["adminUsername"]; !ok || v == nil { + return fmt.Errorf("field adminUsername: required") + } + if v, ok := raw["hostname"]; !ok || v == nil { + return fmt.Errorf("field hostname: required") + } + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") + } + if v, ok := raw["password"]; !ok || v == nil { + return fmt.Errorf("field password: required") + } + if v, ok := raw["port"]; !ok || v == nil { + return fmt.Errorf("field port: required") + } + if v, ok := raw["sslMode"]; !ok || v == nil { + return fmt.Errorf("field sslMode: required") + } + if v, ok := raw["username"]; !ok || v == nil { + return fmt.Errorf("field username: required") + } + type Plain DatabaseConfig + var plain Plain + if err := json.Unmarshal(b, &plain); err != nil { + return err + } + *j = DatabaseConfig(plain) + return nil +} + // ClowdApp deployment configuration for Clowder enabled apps. type AppConfig struct { // Defines the path to the BOPURL. - BOPURL *string `json:"BOPURL,omitempty" yaml:"BOPURL,omitempty" mapstructure:"BOPURL,omitempty"` + BOPURL *string `json:"BOPURL,omitempty"` // Database corresponds to the JSON schema field "database". - Database *DatabaseConfig `json:"database,omitempty" yaml:"database,omitempty" mapstructure:"database,omitempty"` + Database *DatabaseConfig `json:"database,omitempty"` // Endpoints corresponds to the JSON schema field "endpoints". - Endpoints []DependencyEndpoint `json:"endpoints,omitempty" yaml:"endpoints,omitempty" mapstructure:"endpoints,omitempty"` + Endpoints []DependencyEndpoint `json:"endpoints,omitempty"` // FeatureFlags corresponds to the JSON schema field "featureFlags". - FeatureFlags *FeatureFlagsConfig `json:"featureFlags,omitempty" yaml:"featureFlags,omitempty" mapstructure:"featureFlags,omitempty"` + FeatureFlags *FeatureFlagsConfig `json:"featureFlags,omitempty"` // A set of configMap/secret hashes - HashCache *string `json:"hashCache,omitempty" yaml:"hashCache,omitempty" mapstructure:"hashCache,omitempty"` + HashCache *string `json:"hashCache,omitempty"` // The external hostname of the deployment, where applicable - Hostname *string `json:"hostname,omitempty" yaml:"hostname,omitempty" mapstructure:"hostname,omitempty"` + Hostname *string `json:"hostname,omitempty"` // InMemoryDb corresponds to the JSON schema field "inMemoryDb". - InMemoryDb *InMemoryDBConfig `json:"inMemoryDb,omitempty" yaml:"inMemoryDb,omitempty" mapstructure:"inMemoryDb,omitempty"` + InMemoryDb *InMemoryDBConfig `json:"inMemoryDb,omitempty"` // Kafka corresponds to the JSON schema field "kafka". - Kafka *KafkaConfig `json:"kafka,omitempty" yaml:"kafka,omitempty" mapstructure:"kafka,omitempty"` + Kafka *KafkaConfig `json:"kafka,omitempty"` // Logging corresponds to the JSON schema field "logging". - Logging LoggingConfig `json:"logging" yaml:"logging" mapstructure:"logging"` + Logging LoggingConfig `json:"logging"` // Metadata corresponds to the JSON schema field "metadata". - Metadata *AppMetadata `json:"metadata,omitempty" yaml:"metadata,omitempty" mapstructure:"metadata,omitempty"` + Metadata *AppMetadata `json:"metadata,omitempty"` // Defines the path to the metrics server that the app should be configured to // listen on for metric traffic. - MetricsPath string `json:"metricsPath" yaml:"metricsPath" mapstructure:"metricsPath"` + MetricsPath string `json:"metricsPath"` // Defines the metrics port that the app should be configured to listen on for // metric traffic. - MetricsPort int `json:"metricsPort" yaml:"metricsPort" mapstructure:"metricsPort"` + MetricsPort int `json:"metricsPort"` // ObjectStore corresponds to the JSON schema field "objectStore". - ObjectStore *ObjectStoreConfig `json:"objectStore,omitempty" yaml:"objectStore,omitempty" mapstructure:"objectStore,omitempty"` + ObjectStore *ObjectStoreConfig `json:"objectStore,omitempty"` // PrivateEndpoints corresponds to the JSON schema field "privateEndpoints". - PrivateEndpoints []PrivateDependencyEndpoint `json:"privateEndpoints,omitempty" yaml:"privateEndpoints,omitempty" mapstructure:"privateEndpoints,omitempty"` + PrivateEndpoints []PrivateDependencyEndpoint `json:"privateEndpoints,omitempty"` // Defines the private port that the app should be configured to listen on for API // traffic. - PrivatePort *int `json:"privatePort,omitempty" yaml:"privatePort,omitempty" mapstructure:"privatePort,omitempty"` + PrivatePort *int `json:"privatePort,omitempty"` // Defines the public port that the app should be configured to listen on for API // traffic. - PublicPort *int `json:"publicPort,omitempty" yaml:"publicPort,omitempty" mapstructure:"publicPort,omitempty"` + PublicPort *int `json:"publicPort,omitempty"` // Defines the port CA path - TlsCAPath *string `json:"tlsCAPath,omitempty" yaml:"tlsCAPath,omitempty" mapstructure:"tlsCAPath,omitempty"` + TlsCAPath *string `json:"tlsCAPath,omitempty"` // Deprecated: Use 'publicPort' instead. - WebPort *int `json:"webPort,omitempty" yaml:"webPort,omitempty" mapstructure:"webPort,omitempty"` -} - -// Arbitrary metadata pertaining to the application application -type AppMetadata struct { - // Metadata pertaining to an application's deployments - Deployments []DeploymentMetadata `json:"deployments,omitempty" yaml:"deployments,omitempty" mapstructure:"deployments,omitempty"` - - // Name of the ClowdEnvironment this ClowdApp runs in - EnvName *string `json:"envName,omitempty" yaml:"envName,omitempty" mapstructure:"envName,omitempty"` - - // Name of the ClowdApp - Name *string `json:"name,omitempty" yaml:"name,omitempty" mapstructure:"name,omitempty"` -} - -// Broker Configuration -type BrokerConfig struct { - // Authtype corresponds to the JSON schema field "authtype". - Authtype *BrokerConfigAuthtype `json:"authtype,omitempty" yaml:"authtype,omitempty" mapstructure:"authtype,omitempty"` - - // CA certificate trust list for broker in PEM format. If absent, client should - // use OS default trust list - Cacert *string `json:"cacert,omitempty" yaml:"cacert,omitempty" mapstructure:"cacert,omitempty"` - - // Hostname of kafka broker - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` - - // Port of kafka broker - Port *int `json:"port,omitempty" yaml:"port,omitempty" mapstructure:"port,omitempty"` - - // Sasl corresponds to the JSON schema field "sasl". - Sasl *KafkaSASLConfig `json:"sasl,omitempty" yaml:"sasl,omitempty" mapstructure:"sasl,omitempty"` - - // Broker security procotol, expect one of either: SASL_SSL, SSL - SecurityProtocol *string `json:"securityProtocol,omitempty" yaml:"securityProtocol,omitempty" mapstructure:"securityProtocol,omitempty"` -} - -type BrokerConfigAuthtype string - -const BrokerConfigAuthtypeSasl BrokerConfigAuthtype = "sasl" - -// Cloud Watch configuration -type CloudWatchConfig struct { - // Defines the access key that the app should use for configuring CloudWatch. - AccessKeyId string `json:"accessKeyId" yaml:"accessKeyId" mapstructure:"accessKeyId"` - - // Defines the logGroup that the app should use for configuring CloudWatch. - LogGroup string `json:"logGroup" yaml:"logGroup" mapstructure:"logGroup"` - - // Defines the region that the app should use for configuring CloudWatch. - Region string `json:"region" yaml:"region" mapstructure:"region"` - - // Defines the secret key that the app should use for configuring CloudWatch. - SecretAccessKey string `json:"secretAccessKey" yaml:"secretAccessKey" mapstructure:"secretAccessKey"` -} - -// Database Configuration -type DatabaseConfig struct { - // Defines the pgAdmin password. - AdminPassword string `json:"adminPassword" yaml:"adminPassword" mapstructure:"adminPassword"` - - // Defines the pgAdmin username. - AdminUsername string `json:"adminUsername" yaml:"adminUsername" mapstructure:"adminUsername"` - - // Defines the hostname of the database configured for the ClowdApp. - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` - - // Defines the database name. - Name string `json:"name" yaml:"name" mapstructure:"name"` - - // Defines the password for the standard user. - Password string `json:"password" yaml:"password" mapstructure:"password"` - - // Defines the port of the database configured for the ClowdApp. - Port int `json:"port" yaml:"port" mapstructure:"port"` - - // Defines the CA used to access the database. - RdsCa *string `json:"rdsCa,omitempty" yaml:"rdsCa,omitempty" mapstructure:"rdsCa,omitempty"` - - // Defines the postgres SSL mode that should be used. - SslMode string `json:"sslMode" yaml:"sslMode" mapstructure:"sslMode"` - - // Defines a username with standard access to the database. - Username string `json:"username" yaml:"username" mapstructure:"username"` -} - -// Dependent service connection info -type DependencyEndpoint struct { - // The top level api path that the app should serve from /api/ - // (deprecated, use apiPaths) - ApiPath string `json:"apiPath" yaml:"apiPath" mapstructure:"apiPath"` - - // The list of API paths (each matching format: '/api/some-path/') that this app - // will serve requests from - ApiPaths []string `json:"apiPaths,omitempty" yaml:"apiPaths,omitempty" mapstructure:"apiPaths,omitempty"` - - // The app name of the ClowdApp hosting the service. - App string `json:"app" yaml:"app" mapstructure:"app"` - - // The hostname of the dependent service. - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` - - // The PodSpec name of the dependent service inside the ClowdApp. - Name string `json:"name" yaml:"name" mapstructure:"name"` - - // The port of the dependent service. - Port int `json:"port" yaml:"port" mapstructure:"port"` - - // The TLS port of the dependent service. - TlsPort *int `json:"tlsPort,omitempty" yaml:"tlsPort,omitempty" mapstructure:"tlsPort,omitempty"` -} - -// Deployment Metadata -type DeploymentMetadata struct { - // Image used by deployment - Image string `json:"image" yaml:"image" mapstructure:"image"` - - // Name of deployment - Name string `json:"name" yaml:"name" mapstructure:"name"` -} - -// Feature Flags Configuration -type FeatureFlagsConfig struct { - // Defines the client access token to use when connect to the FeatureFlags server - ClientAccessToken *string `json:"clientAccessToken,omitempty" yaml:"clientAccessToken,omitempty" mapstructure:"clientAccessToken,omitempty"` - - // Defines the hostname for the FeatureFlags server - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` - - // Defines the port for the FeatureFlags server - Port int `json:"port" yaml:"port" mapstructure:"port"` - - // Details the scheme to use for FeatureFlags http/https - Scheme FeatureFlagsConfigScheme `json:"scheme" yaml:"scheme" mapstructure:"scheme"` -} - -type FeatureFlagsConfigScheme string - -const FeatureFlagsConfigSchemeHttp FeatureFlagsConfigScheme = "http" -const FeatureFlagsConfigSchemeHttps FeatureFlagsConfigScheme = "https" - -// In Memory DB Configuration -type InMemoryDBConfig struct { - // Defines the hostname for the In Memory DB server configuration. - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` - - // Defines the password for the In Memory DB server configuration. - Password *string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Defines the port for the In Memory DB server configuration. - Port int `json:"port" yaml:"port" mapstructure:"port"` - - // Defines the sslMode used by the In Memory DB server coniguration - SslMode *bool `json:"sslMode,omitempty" yaml:"sslMode,omitempty" mapstructure:"sslMode,omitempty"` - - // Defines the username for the In Memory DB server configuration. - Username *string `json:"username,omitempty" yaml:"username,omitempty" mapstructure:"username,omitempty"` -} - -// Kafka Configuration -type KafkaConfig struct { - // Defines the brokers the app should connect to for Kafka services. - Brokers []BrokerConfig `json:"brokers" yaml:"brokers" mapstructure:"brokers"` - - // Defines a list of the topic configurations available to the application. - Topics []TopicConfig `json:"topics" yaml:"topics" mapstructure:"topics"` -} - -// SASL Configuration for Kafka -type KafkaSASLConfig struct { - // Broker SASL password - Password *string `json:"password,omitempty" yaml:"password,omitempty" mapstructure:"password,omitempty"` - - // Broker SASL mechanism, expect: SCRAM-SHA-512 - SaslMechanism *string `json:"saslMechanism,omitempty" yaml:"saslMechanism,omitempty" mapstructure:"saslMechanism,omitempty"` - - // Broker security protocol, expect one of either: SASL_SSL, SSL. DEPRECATED, use - // the top level securityProtocol field instead - SecurityProtocol *string `json:"securityProtocol,omitempty" yaml:"securityProtocol,omitempty" mapstructure:"securityProtocol,omitempty"` - - // Broker SASL username - Username *string `json:"username,omitempty" yaml:"username,omitempty" mapstructure:"username,omitempty"` -} - -// Logging Configuration -type LoggingConfig struct { - // Cloudwatch corresponds to the JSON schema field "cloudwatch". - Cloudwatch *CloudWatchConfig `json:"cloudwatch,omitempty" yaml:"cloudwatch,omitempty" mapstructure:"cloudwatch,omitempty"` - - // Defines the type of logging configuration - Type string `json:"type" yaml:"type" mapstructure:"type"` -} - -// Object Storage Bucket -type ObjectStoreBucket struct { - // Defines the access key for specificed bucket. - AccessKey *string `json:"accessKey,omitempty" yaml:"accessKey,omitempty" mapstructure:"accessKey,omitempty"` - - // Defines the endpoint for the Object Storage server configuration. - Endpoint *string `json:"endpoint,omitempty" yaml:"endpoint,omitempty" mapstructure:"endpoint,omitempty"` - - // The actual name of the bucket being accessed. - Name string `json:"name" yaml:"name" mapstructure:"name"` - - // Defines the region for the specified bucket. - Region *string `json:"region,omitempty" yaml:"region,omitempty" mapstructure:"region,omitempty"` - - // The name that was requested for the bucket in the ClowdApp. - RequestedName string `json:"requestedName" yaml:"requestedName" mapstructure:"requestedName"` - - // Defines the secret key for the specified bucket. - SecretKey *string `json:"secretKey,omitempty" yaml:"secretKey,omitempty" mapstructure:"secretKey,omitempty"` - - // Details if the Object Server uses TLS. - Tls *bool `json:"tls,omitempty" yaml:"tls,omitempty" mapstructure:"tls,omitempty"` + WebPort *int `json:"webPort,omitempty"` } // UnmarshalJSON implements json.Unmarshaler. -func (j *InMemoryDBConfig) UnmarshalJSON(b []byte) error { +func (j *DependencyEndpoint) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } + if v, ok := raw["apiPath"]; !ok || v == nil { + return fmt.Errorf("field apiPath: required") + } + if v, ok := raw["app"]; !ok || v == nil { + return fmt.Errorf("field app: required") + } if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in InMemoryDBConfig: required") + return fmt.Errorf("field hostname: required") + } + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") } if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in InMemoryDBConfig: required") + return fmt.Errorf("field port: required") } - type Plain InMemoryDBConfig + type Plain DependencyEndpoint var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = InMemoryDBConfig(plain) + *j = DependencyEndpoint(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *BrokerConfig) UnmarshalJSON(b []byte) error { +func (j *PrivateDependencyEndpoint) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } + if v, ok := raw["app"]; !ok || v == nil { + return fmt.Errorf("field app: required") + } if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in BrokerConfig: required") + return fmt.Errorf("field hostname: required") } - type Plain BrokerConfig + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") + } + if v, ok := raw["port"]; !ok || v == nil { + return fmt.Errorf("field port: required") + } + type Plain PrivateDependencyEndpoint var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = BrokerConfig(plain) + *j = PrivateDependencyEndpoint(plain) return nil } -// Topic Configuration -type TopicConfig struct { - // The name of the actual topic on the Kafka server. - Name string `json:"name" yaml:"name" mapstructure:"name"` - - // The name that the app requested in the ClowdApp definition. - RequestedName string `json:"requestedName" yaml:"requestedName" mapstructure:"requestedName"` -} - // UnmarshalJSON implements json.Unmarshaler. -func (j *TopicConfig) UnmarshalJSON(b []byte) error { +func (j *ObjectStoreConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in TopicConfig: required") + if v, ok := raw["hostname"]; !ok || v == nil { + return fmt.Errorf("field hostname: required") } - if v, ok := raw["requestedName"]; !ok || v == nil { - return fmt.Errorf("field requestedName in TopicConfig: required") + if v, ok := raw["port"]; !ok || v == nil { + return fmt.Errorf("field port: required") } - type Plain TopicConfig + if v, ok := raw["tls"]; !ok || v == nil { + return fmt.Errorf("field tls: required") + } + type Plain ObjectStoreConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = TopicConfig(plain) + *j = ObjectStoreConfig(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *BrokerConfigAuthtype) UnmarshalJSON(b []byte) error { +func (j *FeatureFlagsConfigScheme) UnmarshalJSON(b []byte) error { var v string if err := json.Unmarshal(b, &v); err != nil { return err } var ok bool - for _, expected := range enumValues_BrokerConfigAuthtype { + for _, expected := range enumValues_FeatureFlagsConfigScheme { if reflect.DeepEqual(v, expected) { ok = true break } } if !ok { - return fmt.Errorf("invalid value (expected one of %#v): %#v", enumValues_BrokerConfigAuthtype, v) + return fmt.Errorf("invalid value (expected one of %#v): %#v", enumValues_FeatureFlagsConfigScheme, v) } - *j = BrokerConfigAuthtype(v) + *j = FeatureFlagsConfigScheme(v) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *KafkaConfig) UnmarshalJSON(b []byte) error { +func (j *ObjectStoreBucket) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["brokers"]; !ok || v == nil { - return fmt.Errorf("field brokers in KafkaConfig: required") + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") } - if v, ok := raw["topics"]; !ok || v == nil { - return fmt.Errorf("field topics in KafkaConfig: required") + if v, ok := raw["requestedName"]; !ok || v == nil { + return fmt.Errorf("field requestedName: required") } - type Plain KafkaConfig + type Plain ObjectStoreBucket var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = KafkaConfig(plain) + *j = ObjectStoreBucket(plain) return nil } -var enumValues_FeatureFlagsConfigScheme = []interface{}{ - "http", - "https", +// Arbitrary metadata pertaining to the application application +type AppMetadata struct { + // Metadata pertaining to an application's deployments + Deployments []DeploymentMetadata `json:"deployments,omitempty"` + + // Name of the ClowdEnvironment this ClowdApp runs in + EnvName *string `json:"envName,omitempty"` + + // Name of the ClowdApp + Name *string `json:"name,omitempty"` } // UnmarshalJSON implements json.Unmarshaler. -func (j *CloudWatchConfig) UnmarshalJSON(b []byte) error { +func (j *DeploymentMetadata) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["accessKeyId"]; !ok || v == nil { - return fmt.Errorf("field accessKeyId in CloudWatchConfig: required") - } - if v, ok := raw["logGroup"]; !ok || v == nil { - return fmt.Errorf("field logGroup in CloudWatchConfig: required") - } - if v, ok := raw["region"]; !ok || v == nil { - return fmt.Errorf("field region in CloudWatchConfig: required") + if v, ok := raw["image"]; !ok || v == nil { + return fmt.Errorf("field image: required") } - if v, ok := raw["secretAccessKey"]; !ok || v == nil { - return fmt.Errorf("field secretAccessKey in CloudWatchConfig: required") + if v, ok := raw["name"]; !ok || v == nil { + return fmt.Errorf("field name: required") } - type Plain CloudWatchConfig + type Plain DeploymentMetadata var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = CloudWatchConfig(plain) + *j = DeploymentMetadata(plain) return nil } -var enumValues_BrokerConfigAuthtype = []interface{}{ - "sasl", -} - // UnmarshalJSON implements json.Unmarshaler. -func (j *LoggingConfig) UnmarshalJSON(b []byte) error { +func (j *FeatureFlagsConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["type"]; !ok || v == nil { - return fmt.Errorf("field type in LoggingConfig: required") + if v, ok := raw["hostname"]; !ok || v == nil { + return fmt.Errorf("field hostname: required") } - type Plain LoggingConfig + if v, ok := raw["port"]; !ok || v == nil { + return fmt.Errorf("field port: required") + } + if v, ok := raw["scheme"]; !ok || v == nil { + return fmt.Errorf("field scheme: required") + } + type Plain FeatureFlagsConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = LoggingConfig(plain) + *j = FeatureFlagsConfig(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *FeatureFlagsConfigScheme) UnmarshalJSON(b []byte) error { - var v string - if err := json.Unmarshal(b, &v); err != nil { +func (j *LoggingConfig) UnmarshalJSON(b []byte) error { + var raw map[string]interface{} + if err := json.Unmarshal(b, &raw); err != nil { return err } - var ok bool - for _, expected := range enumValues_FeatureFlagsConfigScheme { - if reflect.DeepEqual(v, expected) { - ok = true - break - } + if v, ok := raw["type"]; !ok || v == nil { + return fmt.Errorf("field type: required") } - if !ok { - return fmt.Errorf("invalid value (expected one of %#v): %#v", enumValues_FeatureFlagsConfigScheme, v) + type Plain LoggingConfig + var plain Plain + if err := json.Unmarshal(b, &plain); err != nil { + return err } - *j = FeatureFlagsConfigScheme(v) + *j = LoggingConfig(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *DeploymentMetadata) UnmarshalJSON(b []byte) error { +func (j *InMemoryDBConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["image"]; !ok || v == nil { - return fmt.Errorf("field image in DeploymentMetadata: required") + if v, ok := raw["hostname"]; !ok || v == nil { + return fmt.Errorf("field hostname: required") } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in DeploymentMetadata: required") + if v, ok := raw["port"]; !ok || v == nil { + return fmt.Errorf("field port: required") } - type Plain DeploymentMetadata + type Plain InMemoryDBConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = DeploymentMetadata(plain) + *j = InMemoryDBConfig(plain) return nil } +type BrokerConfigAuthtype string + // UnmarshalJSON implements json.Unmarshaler. -func (j *DependencyEndpoint) UnmarshalJSON(b []byte) error { +func (j *CloudWatchConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["apiPath"]; !ok || v == nil { - return fmt.Errorf("field apiPath in DependencyEndpoint: required") - } - if v, ok := raw["app"]; !ok || v == nil { - return fmt.Errorf("field app in DependencyEndpoint: required") + if v, ok := raw["accessKeyId"]; !ok || v == nil { + return fmt.Errorf("field accessKeyId: required") } - if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in DependencyEndpoint: required") + if v, ok := raw["logGroup"]; !ok || v == nil { + return fmt.Errorf("field logGroup: required") } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in DependencyEndpoint: required") + if v, ok := raw["region"]; !ok || v == nil { + return fmt.Errorf("field region: required") } - if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in DependencyEndpoint: required") + if v, ok := raw["secretAccessKey"]; !ok || v == nil { + return fmt.Errorf("field secretAccessKey: required") } - type Plain DependencyEndpoint + type Plain CloudWatchConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = DependencyEndpoint(plain) + *j = CloudWatchConfig(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *FeatureFlagsConfig) UnmarshalJSON(b []byte) error { +func (j *BrokerConfigAuthtype) UnmarshalJSON(b []byte) error { + var v string + if err := json.Unmarshal(b, &v); err != nil { + return err + } + var ok bool + for _, expected := range enumValues_BrokerConfigAuthtype { + if reflect.DeepEqual(v, expected) { + ok = true + break + } + } + if !ok { + return fmt.Errorf("invalid value (expected one of %#v): %#v", enumValues_BrokerConfigAuthtype, v) + } + *j = BrokerConfigAuthtype(v) + return nil +} + +const BrokerConfigAuthtypeSasl BrokerConfigAuthtype = "sasl" + +// Cloud Watch configuration +type CloudWatchConfig struct { + // Defines the access key that the app should use for configuring CloudWatch. + AccessKeyId string `json:"accessKeyId"` + + // Defines the logGroup that the app should use for configuring CloudWatch. + LogGroup string `json:"logGroup"` + + // Defines the region that the app should use for configuring CloudWatch. + Region string `json:"region"` + + // Defines the secret key that the app should use for configuring CloudWatch. + SecretAccessKey string `json:"secretAccessKey"` +} + +// Broker Configuration +type BrokerConfig struct { + // Authtype corresponds to the JSON schema field "authtype". + Authtype *BrokerConfigAuthtype `json:"authtype,omitempty"` + + // CA certificate trust list for broker in PEM format. If absent, client should + // use OS default trust list + Cacert *string `json:"cacert,omitempty"` + + // Hostname of kafka broker + Hostname string `json:"hostname"` + + // Port of kafka broker + Port *int `json:"port,omitempty"` + + // Sasl corresponds to the JSON schema field "sasl". + Sasl *KafkaSASLConfig `json:"sasl,omitempty"` + + // Broker security procotol, expect one of either: SASL_SSL, SSL + SecurityProtocol *string `json:"securityProtocol,omitempty"` +} + +// UnmarshalJSON implements json.Unmarshaler. +func (j *BrokerConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in FeatureFlagsConfig: required") - } - if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in FeatureFlagsConfig: required") - } - if v, ok := raw["scheme"]; !ok || v == nil { - return fmt.Errorf("field scheme in FeatureFlagsConfig: required") + return fmt.Errorf("field hostname: required") } - type Plain FeatureFlagsConfig + type Plain BrokerConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = FeatureFlagsConfig(plain) + *j = BrokerConfig(plain) return nil } // UnmarshalJSON implements json.Unmarshaler. -func (j *ObjectStoreBucket) UnmarshalJSON(b []byte) error { +func (j *KafkaConfig) UnmarshalJSON(b []byte) error { var raw map[string]interface{} if err := json.Unmarshal(b, &raw); err != nil { return err } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in ObjectStoreBucket: required") + if v, ok := raw["brokers"]; !ok || v == nil { + return fmt.Errorf("field brokers: required") } - if v, ok := raw["requestedName"]; !ok || v == nil { - return fmt.Errorf("field requestedName in ObjectStoreBucket: required") + if v, ok := raw["topics"]; !ok || v == nil { + return fmt.Errorf("field topics: required") } - type Plain ObjectStoreBucket + type Plain KafkaConfig var plain Plain if err := json.Unmarshal(b, &plain); err != nil { return err } - *j = ObjectStoreBucket(plain) + *j = KafkaConfig(plain) return nil } +// Database Configuration +type DatabaseConfig struct { + // Defines the pgAdmin password. + AdminPassword string `json:"adminPassword"` + + // Defines the pgAdmin username. + AdminUsername string `json:"adminUsername"` + + // Defines the hostname of the database configured for the ClowdApp. + Hostname string `json:"hostname"` + + // Defines the database name. + Name string `json:"name"` + + // Defines the password for the standard user. + Password string `json:"password"` + + // Defines the port of the database configured for the ClowdApp. + Port int `json:"port"` + + // Defines the CA used to access the database. + RdsCa *string `json:"rdsCa,omitempty"` + + // Defines the postgres SSL mode that should be used. + SslMode string `json:"sslMode"` + + // Defines a username with standard access to the database. + Username string `json:"username"` +} + +// Dependent service connection info +type DependencyEndpoint struct { + // The top level api path that the app should serve from /api/ + // (deprecated, use apiPaths) + ApiPath string `json:"apiPath"` + + // The list of API paths (each matching format: '/api/some-path/') that this app + // will serve requests from + ApiPaths []string `json:"apiPaths,omitempty"` + + // The app name of the ClowdApp hosting the service. + App string `json:"app"` + + // The hostname of the dependent service. + Hostname string `json:"hostname"` + + // The PodSpec name of the dependent service inside the ClowdApp. + Name string `json:"name"` + + // The port of the dependent service. + Port int `json:"port"` + + // The TLS port of the dependent service. + TlsPort *int `json:"tlsPort,omitempty"` +} + +// Deployment Metadata +type DeploymentMetadata struct { + // Image used by deployment + Image string `json:"image"` + + // Name of deployment + Name string `json:"name"` +} + +// Feature Flags Configuration +type FeatureFlagsConfig struct { + // Defines the client access token to use when connect to the FeatureFlags server + ClientAccessToken *string `json:"clientAccessToken,omitempty"` + + // Defines the hostname for the FeatureFlags server + Hostname string `json:"hostname"` + + // Defines the port for the FeatureFlags server + Port int `json:"port"` + + // Details the scheme to use for FeatureFlags http/https + Scheme FeatureFlagsConfigScheme `json:"scheme"` +} + +type FeatureFlagsConfigScheme string + +const FeatureFlagsConfigSchemeHttp FeatureFlagsConfigScheme = "http" +const FeatureFlagsConfigSchemeHttps FeatureFlagsConfigScheme = "https" + +// In Memory DB Configuration +type InMemoryDBConfig struct { + // Defines the hostname for the In Memory DB server configuration. + Hostname string `json:"hostname"` + + // Defines the password for the In Memory DB server configuration. + Password *string `json:"password,omitempty"` + + // Defines the port for the In Memory DB server configuration. + Port int `json:"port"` + + // Defines the sslMode used by the In Memory DB server coniguration + SslMode *bool `json:"sslMode,omitempty"` + + // Defines the username for the In Memory DB server configuration. + Username *string `json:"username,omitempty"` +} + +// Kafka Configuration +type KafkaConfig struct { + // Defines the brokers the app should connect to for Kafka services. + Brokers []BrokerConfig `json:"brokers"` + + // Defines a list of the topic configurations available to the application. + Topics []TopicConfig `json:"topics"` +} + +// SASL Configuration for Kafka +type KafkaSASLConfig struct { + // Broker SASL password + Password *string `json:"password,omitempty"` + + // Broker SASL mechanism, expect: SCRAM-SHA-512 + SaslMechanism *string `json:"saslMechanism,omitempty"` + + // Broker security protocol, expect one of either: SASL_SSL, SSL. DEPRECATED, use + // the top level securityProtocol field instead + SecurityProtocol *string `json:"securityProtocol,omitempty"` + + // Broker SASL username + Username *string `json:"username,omitempty"` +} + +// Logging Configuration +type LoggingConfig struct { + // Cloudwatch corresponds to the JSON schema field "cloudwatch". + Cloudwatch *CloudWatchConfig `json:"cloudwatch,omitempty"` + + // Defines the type of logging configuration + Type string `json:"type"` +} + +// Object Storage Bucket +type ObjectStoreBucket struct { + // Defines the access key for specificed bucket. + AccessKey *string `json:"accessKey,omitempty"` + + // Defines the endpoint for the Object Storage server configuration. + Endpoint *string `json:"endpoint,omitempty"` + + // The actual name of the bucket being accessed. + Name string `json:"name"` + + // Defines the region for the specified bucket. + Region *string `json:"region,omitempty"` + + // The name that was requested for the bucket in the ClowdApp. + RequestedName string `json:"requestedName"` + + // Defines the secret key for the specified bucket. + SecretKey *string `json:"secretKey,omitempty"` + + // Details if the Object Server uses TLS. + Tls *bool `json:"tls,omitempty"` +} + // Object Storage Configuration type ObjectStoreConfig struct { // Defines the access key for the Object Storage server configuration. - AccessKey *string `json:"accessKey,omitempty" yaml:"accessKey,omitempty" mapstructure:"accessKey,omitempty"` + AccessKey *string `json:"accessKey,omitempty"` // Buckets corresponds to the JSON schema field "buckets". - Buckets []ObjectStoreBucket `json:"buckets,omitempty" yaml:"buckets,omitempty" mapstructure:"buckets,omitempty"` + Buckets []ObjectStoreBucket `json:"buckets,omitempty"` // Defines the hostname for the Object Storage server configuration. - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` + Hostname string `json:"hostname"` // Defines the port for the Object Storage server configuration. - Port int `json:"port" yaml:"port" mapstructure:"port"` + Port int `json:"port"` // Defines the secret key for the Object Storage server configuration. - SecretKey *string `json:"secretKey,omitempty" yaml:"secretKey,omitempty" mapstructure:"secretKey,omitempty"` + SecretKey *string `json:"secretKey,omitempty"` // Details if the Object Server uses TLS. - Tls bool `json:"tls" yaml:"tls" mapstructure:"tls"` -} - -// UnmarshalJSON implements json.Unmarshaler. -func (j *ObjectStoreConfig) UnmarshalJSON(b []byte) error { - var raw map[string]interface{} - if err := json.Unmarshal(b, &raw); err != nil { - return err - } - if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in ObjectStoreConfig: required") - } - if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in ObjectStoreConfig: required") - } - if v, ok := raw["tls"]; !ok || v == nil { - return fmt.Errorf("field tls in ObjectStoreConfig: required") - } - type Plain ObjectStoreConfig - var plain Plain - if err := json.Unmarshal(b, &plain); err != nil { - return err - } - *j = ObjectStoreConfig(plain) - return nil + Tls bool `json:"tls"` } // Dependent service connection info type PrivateDependencyEndpoint struct { // The app name of the ClowdApp hosting the service. - App string `json:"app" yaml:"app" mapstructure:"app"` + App string `json:"app"` // The hostname of the dependent service. - Hostname string `json:"hostname" yaml:"hostname" mapstructure:"hostname"` + Hostname string `json:"hostname"` // The PodSpec name of the dependent service inside the ClowdApp. - Name string `json:"name" yaml:"name" mapstructure:"name"` + Name string `json:"name"` // The port of the dependent service. - Port int `json:"port" yaml:"port" mapstructure:"port"` + Port int `json:"port"` // The TLS port of the dependent service. - TlsPort *int `json:"tlsPort,omitempty" yaml:"tlsPort,omitempty" mapstructure:"tlsPort,omitempty"` + TlsPort *int `json:"tlsPort,omitempty"` } -// UnmarshalJSON implements json.Unmarshaler. -func (j *PrivateDependencyEndpoint) UnmarshalJSON(b []byte) error { - var raw map[string]interface{} - if err := json.Unmarshal(b, &raw); err != nil { - return err - } - if v, ok := raw["app"]; !ok || v == nil { - return fmt.Errorf("field app in PrivateDependencyEndpoint: required") - } - if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in PrivateDependencyEndpoint: required") - } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in PrivateDependencyEndpoint: required") - } - if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in PrivateDependencyEndpoint: required") - } - type Plain PrivateDependencyEndpoint - var plain Plain - if err := json.Unmarshal(b, &plain); err != nil { - return err - } - *j = PrivateDependencyEndpoint(plain) - return nil +// Topic Configuration +type TopicConfig struct { + // The name of the actual topic on the Kafka server. + Name string `json:"name"` + + // The name that the app requested in the ClowdApp definition. + RequestedName string `json:"requestedName"` } -// UnmarshalJSON implements json.Unmarshaler. -func (j *DatabaseConfig) UnmarshalJSON(b []byte) error { - var raw map[string]interface{} - if err := json.Unmarshal(b, &raw); err != nil { - return err - } - if v, ok := raw["adminPassword"]; !ok || v == nil { - return fmt.Errorf("field adminPassword in DatabaseConfig: required") - } - if v, ok := raw["adminUsername"]; !ok || v == nil { - return fmt.Errorf("field adminUsername in DatabaseConfig: required") - } - if v, ok := raw["hostname"]; !ok || v == nil { - return fmt.Errorf("field hostname in DatabaseConfig: required") - } - if v, ok := raw["name"]; !ok || v == nil { - return fmt.Errorf("field name in DatabaseConfig: required") - } - if v, ok := raw["password"]; !ok || v == nil { - return fmt.Errorf("field password in DatabaseConfig: required") - } - if v, ok := raw["port"]; !ok || v == nil { - return fmt.Errorf("field port in DatabaseConfig: required") - } - if v, ok := raw["sslMode"]; !ok || v == nil { - return fmt.Errorf("field sslMode in DatabaseConfig: required") - } - if v, ok := raw["username"]; !ok || v == nil { - return fmt.Errorf("field username in DatabaseConfig: required") - } - type Plain DatabaseConfig - var plain Plain - if err := json.Unmarshal(b, &plain); err != nil { - return err - } - *j = DatabaseConfig(plain) - return nil +var enumValues_BrokerConfigAuthtype = []interface{}{ + "sasl", +} +var enumValues_FeatureFlagsConfigScheme = []interface{}{ + "http", + "https", } // UnmarshalJSON implements json.Unmarshaler. @@ -697,13 +696,13 @@ func (j *AppConfig) UnmarshalJSON(b []byte) error { return err } if v, ok := raw["logging"]; !ok || v == nil { - return fmt.Errorf("field logging in AppConfig: required") + return fmt.Errorf("field logging: required") } if v, ok := raw["metricsPath"]; !ok || v == nil { - return fmt.Errorf("field metricsPath in AppConfig: required") + return fmt.Errorf("field metricsPath: required") } if v, ok := raw["metricsPort"]; !ok || v == nil { - return fmt.Errorf("field metricsPort in AppConfig: required") + return fmt.Errorf("field metricsPort: required") } type Plain AppConfig var plain Plain diff --git a/deploy-mutate.yml b/deploy-mutate.yml index 96841fcbc..bbcc6c7ab 100644 --- a/deploy-mutate.yml +++ b/deploy-mutate.yml @@ -8096,7 +8096,6 @@ objects: - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: clowder-manager-role rules: - apiGroups: @@ -8117,19 +8116,6 @@ objects: - patch - update - watch - - apiGroups: - - '' - resources: - - configmaps - - events - - namespaces - - persistentvolumeclaims - - secrets - - services - verbs: - - get - - list - - watch - apiGroups: - '' resources: @@ -8180,45 +8166,7 @@ objects: - cloud.redhat.com resources: - clowdapps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - cloud.redhat.com - resources: - - clowdapps/status - verbs: - - get - - patch - - update - - apiGroups: - - cloud.redhat.com - resources: - clowdenvironments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - cloud.redhat.com - resources: - - clowdenvironments/status - verbs: - - get - - patch - - update - - apiGroups: - - cloud.redhat.com - resources: - clowdjobinvocations verbs: - create @@ -8231,6 +8179,8 @@ objects: - apiGroups: - cloud.redhat.com resources: + - clowdapps/status + - clowdenvironments/status - clowdjobinvocations/status verbs: - get @@ -8267,41 +8217,8 @@ objects: - kafka.strimzi.io resources: - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkausers verbs: - create @@ -8673,6 +8590,7 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' + creationTimestamp: null name: clowder-mutating-webhook-configuration webhooks: - admissionReviewVersions: @@ -8700,6 +8618,7 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' + creationTimestamp: null name: clowder-validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/deploy.yml b/deploy.yml index c842c82a7..7cb8cd9d8 100644 --- a/deploy.yml +++ b/deploy.yml @@ -8096,7 +8096,6 @@ objects: - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - creationTimestamp: null name: clowder-manager-role rules: - apiGroups: @@ -8117,19 +8116,6 @@ objects: - patch - update - watch - - apiGroups: - - '' - resources: - - configmaps - - events - - namespaces - - persistentvolumeclaims - - secrets - - services - verbs: - - get - - list - - watch - apiGroups: - '' resources: @@ -8180,45 +8166,7 @@ objects: - cloud.redhat.com resources: - clowdapps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - cloud.redhat.com - resources: - - clowdapps/status - verbs: - - get - - patch - - update - - apiGroups: - - cloud.redhat.com - resources: - clowdenvironments - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - cloud.redhat.com - resources: - - clowdenvironments/status - verbs: - - get - - patch - - update - - apiGroups: - - cloud.redhat.com - resources: - clowdjobinvocations verbs: - create @@ -8231,6 +8179,8 @@ objects: - apiGroups: - cloud.redhat.com resources: + - clowdapps/status + - clowdenvironments/status - clowdjobinvocations/status verbs: - get @@ -8267,41 +8217,8 @@ objects: - kafka.strimzi.io resources: - kafkaconnects - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkas - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkatopics - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - kafka.strimzi.io - resources: - kafkausers verbs: - create @@ -8673,6 +8590,7 @@ objects: metadata: annotations: service.beta.openshift.io/inject-cabundle: 'true' + creationTimestamp: null name: clowder-validating-webhook-configuration webhooks: - admissionReviewVersions: diff --git a/docs/api_ref.md b/docs/api_ref.md index 5044bf8b8..3a1167654 100644 --- a/docs/api_ref.md +++ b/docs/api_ref.md @@ -461,7 +461,7 @@ Must be one of: | - [securityProtocol](#kafka_brokers_items_sasl_securityProtocol ) | No | string | No | - | Broker security protocol, expect one of either: SASL_SSL, SSL. DEPRECATED, use the top level securityProtocol field instead | | - [saslMechanism](#kafka_brokers_items_sasl_saslMechanism ) | No | string | No | - | Broker SASL mechanism, expect: SCRAM-SHA-512 | -##### 9.1.1.5.1. Property `root > kafka > brokers > brokers items > sasl > username` +###### 9.1.1.5.1. Property `root > kafka > brokers > brokers items > sasl > username` | | | | ------------ | -------- | @@ -470,7 +470,7 @@ Must be one of: **Description:** Broker SASL username -##### 9.1.1.5.2. Property `root > kafka > brokers > brokers items > sasl > password` +###### 9.1.1.5.2. Property `root > kafka > brokers > brokers items > sasl > password` | | | | ------------ | -------- | @@ -479,7 +479,7 @@ Must be one of: **Description:** Broker SASL password -##### 9.1.1.5.3. Property `root > kafka > brokers > brokers items > sasl > securityProtocol` +###### 9.1.1.5.3. Property `root > kafka > brokers > brokers items > sasl > securityProtocol` | | | | ------------ | -------- | @@ -488,7 +488,7 @@ Must be one of: **Description:** Broker security protocol, expect one of either: SASL_SSL, SSL. DEPRECATED, use the top level securityProtocol field instead -##### 9.1.1.5.4. Property `root > kafka > brokers > brokers items > sasl > saslMechanism` +###### 9.1.1.5.4. Property `root > kafka > brokers > brokers items > sasl > saslMechanism` | | | | ------------ | -------- |